You are here
Home > Preporuke > Sigurnosni propust programskog paketa kde-runtime

Sigurnosni propust programskog paketa kde-runtime

by ncert - 0
  • Detalji os-a: FED
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2014-15532
2014-11-22 11:34:47
——————————————————————————–

Name : kde-runtime
Product : Fedora 20
Version : 4.14.3
Release : 2.fc20
URL : http://www.kde.org/
Summary : KDE Runtime
Description :
Core runtime for KDE 4.

——————————————————————————–
Update Information:

New security fix release, insufficient Input Validation By IO Slaves, see also https://www.kde.org/info/security/advisory-20141113-1.txt
——————————————————————————–
ChangeLog:

* Mon Nov 17 2014 Than Ngo <than@redhat.com> – 4.14.3-2
– fix bz#1164609, CVE-2014-8600, Insufficient Input Validation By IO Slaves
* Sat Nov 8 2014 Rex Dieter <rdieter@fedoraproject.org> – 4.14.3-1
– 4.14.3
* Sat Oct 11 2014 Rex Dieter <rdieter@fedoraproject.org> – 4.14.2-1
– 4.14.2
* Tue Oct 7 2014 Rex Dieter <rdieter@fedoraproject.org> 4.14.1-2
– drop mouseeventlistener.patch, upstream fixed
* Mon Sep 15 2014 Rex Dieter <rdieter@fedoraproject.org> – 4.14.1-1
– 4.14.1
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> – 4.14.0-2
– Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Thu Aug 14 2014 Rex Dieter <rdieter@fedoraproject.org> – 4.14.0-1
– 4.14.0
* Tue Aug 5 2014 Daniel Vrátil <dvratil@redhat.com> – 4.13.97-2
– Split khelpcenter and -docs into subpackages to improve coinstallability with Plasma 5
* Tue Aug 5 2014 Rex Dieter <rdieter@fedoraproject.org> – 4.13.97-1
– 4.13.97
* Thu Jul 17 2014 Rex Dieter <rdieter@fedoraproject.org> 4.13.3-2
– rebuild (for pulseaudio, bug #1117683)
* Mon Jul 14 2014 Rex Dieter <rdieter@fedoraproject.org> – 4.13.3-1
– 4.13.3
* Tue Jul 8 2014 Rex Dieter <rdieter@fedoraproject.org> 4.13.2-4
– scriptlet polish
* Thu Jul 3 2014 Rex Dieter <rdieter@fedoraproject.org> 4.13.2-3
– optimize mimeinfo scriptlet
* Thu Jun 19 2014 Rex Dieter <rdieter@fedoraproject.org> 4.13.2-2
– BR: s/qtwebkit-devel/kdelibs4-webkit-devel/
* Mon Jun 9 2014 Rex Dieter <rdieter@fedoraproject.org> – 4.13.2-1
– 4.13.2
* Sun Jun 8 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> – 4.13.1-3
– Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Fri May 16 2014 Rex Dieter <rdieter@fedoraproject.org> 4.13.1-2
– respin
* Sat May 10 2014 Rex Dieter <rdieter@fedoraproject.org> 4.13.1-1
– 4.13.1
* Thu May 1 2014 Rex Dieter <rdieter@fedoraproject.org> – 4.13.0-3
– upstream phonon kcm fix (pulseaudio card profiles)
– drop unused passwordless-kwallet patch (now that we have pam-kwallet to play with)
* Mon Apr 14 2014 Rex Dieter <rdieter@fedoraproject.org> – 4.13.0-2
– add option to enable optional compat nepomuk stuff (default off)
– drop: Requires: nepomuk-core
* Sat Apr 12 2014 Rex Dieter <rdieter@fedoraproject.org> – 4.13.0-1
– 4.13.0
* Thu Apr 3 2014 Rex Dieter <rdieter@fedoraproject.org> – 4.12.97-1
– 4.12.97
* Sat Mar 22 2014 Rex Dieter <rdieter@fedoraproject.org> – 4.12.95-1
– 4.12.95
* Tue Mar 18 2014 Rex Dieter <rdieter@fedoraproject.org> 4.12.90-1
– 4.12.90
* Sat Mar 1 2014 Rex Dieter <rdieter@fedoraproject.org> – 4.12.3-1
– 4.12.3
* Fri Jan 31 2014 Rex Dieter <rdieter@fedoraproject.org> – 4.12.2-1
– 4.12.2
* Fri Jan 10 2014 Rex Dieter <rdieter@fedoraproject.org> – 4.12.1-1
– 4.12.1
* Fri Jan 10 2014 Kevin Kofler <Kevin@tigcc.ticalc.org> – 4.12.0-3
– backport support for libssh 0.6 and ECDSA keys (kde#327024) from master/4.13
* Wed Jan 1 2014 Rex Dieter <rdieter@fedoraproject.org> 4.12.0-2
– rebuild (libwebp)
* Thu Dec 19 2013 Rex Dieter <rdieter@fedoraproject.org> – 4.12.0-1
– 4.12.0
* Fri Dec 13 2013 Rex Dieter <rdieter@fedoraproject.org> 4.11.97-3
– %build: -DKDE4_ENABLE_FPIE:BOOL=ON
– kdesud -Wl,-z,relro,-z,now linker flags
* Tue Dec 3 2013 Rex Dieter <rdieter@fedoraproject.org> 4.11.97-2
– rebuild (exiv2)
* Sun Dec 1 2013 Rex Dieter <rdieter@fedoraproject.org> – 4.11.97-1
– 4.11.97
* Wed Nov 27 2013 Rex Dieter <rdieter@fedoraproject.org> 4.11.95-3
– rebuild (openexr)
* Sat Nov 23 2013 Rex Dieter <rdieter@fedoraproject.org> 4.11.95-2
– rebase passwordless kwallet support
* Thu Nov 21 2013 Rex Dieter <rdieter@fedoraproject.org> – 4.11.95-1
– 4.11.95
——————————————————————————–
References:

[ 1 ] Bug #1164293 – CVE-2014-8600 kwebkitpart, kde-runtime: Insufficient Input Validation By IO Slaves and Webkit Part
https://bugzilla.redhat.com/show_bug.cgi?id=1164293
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update kde-runtime’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

AutorTomislav Protega
Cert idNCERT-REF-2014-11-0034-ADV
CveCVE-2014-8600
ID izvornikaFEDORA-2014-15532
Proizvodkde-runtime
Izvorhttp://www.redhat.com
ncert
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa libXfont

Otkriveni su sigurnosni nedostaci u programskom paketu libXfont za operacijski sustav Red Hat Enterprise Linux 5. Otkriveni nedostaci potencijalnim napadačima...

Close