Oval Definition:oval:com.redhat.rhsa:def:20060548
Revision Date:2006-06-26Version:638
Title:RHSA-2006:0548: kdebase security update (Important)
Description:The kdebase packages provide the core applications for KDE, the K Desktop Environment. These core packages include the KDE Display Manager (KDM).

  • Ludwig Nussel discovered a flaw in KDM. A malicious local KDM user could use a symlink attack to read an arbitrary file that they would not normally have permissions to read. (CVE-2006-2449)

    Note: this issue does not affect the version of KDM as shipped with Red Hat Enterprise Linux 2.1 or 3.

    All users of KDM should upgrade to these updated packages which contain a backported patch to correct this issue.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2006-2449
    RHSA-2006:0548
    RHSA-2006:0548-02
    RHSA-2006:0548-02
    Platform(s):Red Hat Enterprise Linux 4
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • kdebase is earlier than 6:3.3.1-5.12
  • AND kdebase is signed with Red Hat redhatrelease2 key
  • kdebase-devel is earlier than 6:3.3.1-5.12
  • AND kdebase-devel is signed with Red Hat redhatrelease2 key
    • BACK