| Description: | The kdebase packages provide the core applications for KDE, the K Desktop Environment. These core packages include the file manager Konqueror.
Ilja van Sprundel discovered a lock file handling flaw in kcheckpass. If the directory /var/lock is writable by a user who is allowed to run kcheckpass, that user could gain root privileges. In Red Hat Enterprise Linux, the /var/lock directory is not writable by users and therefore this flaw could only have been exploited if the permissions on that directory have been badly configured. A patch to block this issue has been included in this update. (CVE-2005-2494)
The following bugs have also been addressed:
- kstart --tosystray does not send the window to the system tray in Kicker
- When the customer enters or selects URLs in Firefox's address field, the desktop freezes for a couple of seconds
- fish kioslave is broken on 64-bit systems
All users of kdebase should upgrade to these updated packages, which contain patches to resolve these issues.
|