——————————————————————————–
Fedora Update Notification
FEDORA-2014-11348
2014-09-25 09:23:16
——————————————————————————–

Name : kdelibs
Product : Fedora 19
Version : 4.11.5
Release : 5.fc19
URL : http://www.kde.org/
Summary : KDE Libraries
Description :
Libraries for KDE 4.

——————————————————————————–
Update Information:

The update has a fix for CVE-2014-5033, KAuth was calling PolicyKit 1 (polkit) in an insecure way.
——————————————————————————–
ChangeLog:

* Tue Sep 23 2014 Than Ngo <than@redhat.com> – 6:4.11.5-5
– security fix CVE-2014-5033
* Thu Jun 19 2014 Rex Dieter <rdieter@fedoraproject.org> – 6:4.11.5-4
– Provides: kdelibs4-webkit …
* Thu Jun 19 2014 Rex Dieter <rdieter@fedoraproject.org> – 6:4.11.5-3
– POP3 kiosloave silently accepted invalid SSL certificates (#1111022, #1111023, CVE-2014-3494)
* Sun Feb 16 2014 Kevin Kofler <Kevin@tigcc.ticalc.org> – 6:4.11.5-2
– Plasma PackageKit integration: fix plasmapkg to not query Plasma for available
script engines if component is not Plasma/*, but e.g. KWin/Script (#1065688)
* Fri Jan 3 2014 Rex Dieter <rdieter@fedoraproject.org> – 6:4.11.5-1
– 4.11.5
* Thu Dec 12 2013 Rex Dieter <rdieter@fedoraproject.org> – 6:4.11.4-1
– 4.11.4
* Mon Dec 9 2013 Kevin Kofler <Kevin@tigcc.ticalc.org> – 6:4.11.3-9
– drop autostart-debug patch
* Mon Dec 9 2013 Kevin Kofler <Kevin@tigcc.ticalc.org> – 6:4.11.3-8
– drop klauncher-timeout patch that did not help
– set QT_NO_GLIB in klauncher_main.cpp as a possible fix/workaround for #983110
* Sat Dec 7 2013 Rex Dieter <rdieter@fedoraproject.org> – 6:4.11.3-7
– avoid possible crasher in autostart-debug.patch
* Sat Dec 7 2013 Kevin Kofler <Kevin@tigcc.ticalc.org> – 6:4.11.3-6
– increase KLauncher timeout as a possible fix/workaround for #983110
* Fri Dec 6 2013 Rex Dieter <rdieter@fedoraproject.org> – 6:4.11.3-5
– respin autostart debuging patch
– %check: support regression tests (default off)
* Fri Dec 6 2013 Rex Dieter <rdieter@fedoraproject.org> 6:4.11.3-4
– add some autostart debugging
* Mon Dec 2 2013 Than Ngo <than@redhat.com> – 6:4.11.3-3
– add the arm’s check in kdelibs
* Mon Dec 2 2013 Than Ngo <than@redhat.com> – 6:4.11.3-2
– add workaround for bz#969524
* Fri Nov 1 2013 Rex Dieter <rdieter@fedoraproject.org> – 6:4.11.3-1
– 4.11.3
* Sat Oct 19 2013 Rex Dieter <rdieter@fedoraproject.org> – 6:4.11.2-3
– followup upstream mimetypes fix
* Fri Oct 18 2013 Rex Dieter <rdieter@fedoraproject.org> – 6:4.11.2-2
– backport a few upstream fixes
* Sat Sep 28 2013 Rex Dieter <rdieter@fedoraproject.org> – 6:4.11.2-1
– 4.11.2
* Mon Sep 23 2013 Rex Dieter <rdieter@fedoraproject.org> – 6:4.11.1-4
– kded4 leak sockets when wifi connections fail (kde#324954)
– use upstreamed Samba patch
– Wrong timestamp on files copied (kde#55804)
——————————————————————————–
References:

[ 1 ] Bug #1094890 – CVE-2014-5033 polkit-qt: insecure calling of polkit
https://bugzilla.redhat.com/show_bug.cgi?id=1094890
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update kdelibs’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce