Bug#286516: kdebase: CAN-2004-1158: Konqueror Window Injection Vulnerability

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#286516: kdebase: CAN-2004-1158: Konqueror Window Injection Vulnerability
From: Adeodato Simó <asp16@alu.ua.es>
Date: Mon, 20 Dec 2004 18:14:28 +0100
Message-id: <[🔎] 20041220171428.GA5354@chistera.yi.org>
Reply-to: Adeodato Simó <asp16@alu.ua.es>, 286516@bugs.debian.org

Package: kdebase
Severity: grave
Tags: security

  the fix for CAN-2004-1158 (see the KDE Security Advisory [1]) is
  compound of two patches: one for kdelibs and another for kdebase.

  unlike kdelibs, which has the patch included as of kdelibs=4:3.3.1-3,
  this issue has not been fixed for kdebase and an upload is pending.

    [1] http://www.kde.org/info/security/advisory-20041213-1.txt

  I'm submitting this bug as a separate report from #286510 to properly
  track what's fixed in sid and what not.

-- 
Adeodato Simó
    EM: asp16 [ykwim] alu.ua.es | PK: DA6AE621
 
If you think nobody cares if you're alive, try missing a couple of car
payments.
                -- Earl Wilson

Reply to:

Prev by Date: Processed: Re: kfloppy should use FDSETPRM instead of /dev/fd?[dhu]*
Next by Date: Bug#273890: kfloppy should use FDSETPRM instead of /dev/fd?[dhu]*
Previous by thread: Bug#286510: kdelibs: CAN-2004-1158: Konqueror Window Injection Vulnerability
Next by thread: Bug#273890: kfloppy should use FDSETPRM instead of /dev/fd?[dhu]*
Index(es):
- Date
- Thread