Re: kdelibs vuln, bugtraq 12525

To: debian-security@lists.debian.org
Subject: Re: kdelibs vuln, bugtraq 12525
From: Geoff Crompton <geoff.crompton@strategicdata.com.au>
Date: Wed, 23 Feb 2005 09:42:52 +1100
Message-id: <[🔎] 421BB56C.7020802@strategicdata.com.au>
In-reply-to: <[🔎] 421BB353.1090508@strategicdata.com.au>
References: <[🔎] 421BB353.1090508@strategicdata.com.au>

Geoff Crompton wrote:

I haven't seen a DSA for kdelibs, according to:
http://www.securityfocus.com/bid/12525
version 3.3.2 is vulnerable to a local file overwriting issue.

Woody's clean, anyone know if the sid and sarge packages are affected?


KDE is tracking the bug.
http://bugs.kde.org/show_bug.cgi?id=97608

From the discussion there, it sounds like it might only be exploitablewhen building KDE? (I don't know kde well enough to be confident aboutthis assertion though).

--
Geoff Crompton
Debian System Administrator
Strategic Data
+61 3 9340 9000

Reply to:

References:
- kdelibs vuln, bugtraq 12525
  - From: Geoff Crompton <geoff.crompton@strategicdata.com.au>

Prev by Date: Re: kdelibs vuln, bugtraq 12525
Next by Date: Re: [SECURITY] [DSA 663-1] New prozilla packages fix arbitrary code execution
Previous by thread: Re: kdelibs vuln, bugtraq 12525
Next by thread: Re: [SECURITY] [DSA 663-1] New prozilla packages fix arbitrary code execution
Index(es):
- Date
- Thread