Oval Definition: oval:com.redhat.rhsa:def:20091601
Revision Date: 2009-11-24
Version: 637
Title: RHSA-2009:1601: kdelibs security update (Critical)
Description: The kdelibs packages provide libraries for the K Desktop Environment (KDE).

  • A buffer overflow flaw was found in the kdelibs string to floating point conversion routines. A web page containing malicious JavaScript could crash Konqueror or, potentially, execute arbitrary code with the privileges of the user running Konqueror. (CVE-2009-0689)

    Users should upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted (log out, then log back in) for this update to take effect.

Family: unix
Class: patch
Status:
Reference(s): CVE-2009-0689
    RHSA-2009:1601
    RHSA-2009:1601-01
Platform(s): Red Hat Enterprise Linux 4
    Red Hat Enterprise Linux 5
Product(s):

Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • kdelibs is earlier than 6:3.3.1-17.el4_8.1
  • AND kdelibs is signed with Red Hat redhatrelease2 key
  • kdelibs-devel is earlier than 6:3.3.1-17.el4_8.1
  • AND kdelibs-devel is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • kdelibs is earlier than 6:3.5.4-25.el5_4.1
  • AND kdelibs is signed with Red Hat redhatrelease2 key
  • kdelibs-apidocs is earlier than 6:3.5.4-25.el5_4.1
  • AND kdelibs-apidocs is signed with Red Hat redhatrelease2 key
  • kdelibs-devel is earlier than 6:3.5.4-25.el5_4.1
  • AND kdelibs-devel is signed with Red Hat redhatrelease2 key