[Frugalware-security] [ FSA-294 ] kdebase

voroskoi noreply at frugalware.org
Mon Oct 8 15:45:23 CEST 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory                           FSA-294

Date: 2007-10-08
Package: kdebase
Vulnerable versions: <= 3.5.6-3terminus2
Unaffected versions: >= 3.5.6-3terminus3
Related bugreport: http://bugs.frugalware.org/task/2198
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2022

Description
===========

A vulnerability has been reported in Konqueror, which can be exploited by malicious people to disclose potentially sensitive information.
The vulnerability is caused due to an unspecified error within the interaction between Konqueror and the Adobe Flash Player plug-in, which may result in key presses being leaked to a Flash applet. This can be exploited to disclose potentially sensitive information.

Updated Packages
================

Check if you have kdebase installed:

	# pacman-g2 -Q kdebase

If found, then you should upgrade to the latest version:

	# pacman-g2 -Sy kdebase

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHCjRzZ7NElSD1VhkRAqR3AJ4wCoKPA9zLSWWAHeh69pJZGCv7ygCdH3Px
SSDm7CU6mNvti3Tu2iJ5kZk=
=fPuF
-----END PGP SIGNATURE-----


More information about the Frugalware-security mailing list