Oval Definition:oval:com.redhat.rhsa:def:20110465
Revision Date:2011-04-21Version:640
Title:RHSA-2011:0465: kdenetwork security update (Important)
Description:The kdenetwork packages contain networking applications for the K Desktop Environment (KDE).

  • A directory traversal flaw was found in the way KGet, a download manager, handled the "file" element in Metalink files. An attacker could use this flaw to create a specially-crafted Metalink file that, when opened, would cause KGet to overwrite arbitrary files accessible to the user running KGet. (CVE-2011-1586)

    Users of kdenetwork should upgrade to these updated packages, which contain a backported patch to resolve this issue. The desktop must be restarted (log out, then log back in) for this update to take effect.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2011-1586
    CVE-2011-1586
    RHSA-2011:0465
    RHSA-2011:0465-01
    RHSA-2011:0465-01
    Platform(s):Red Hat Enterprise Linux 6
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND
  • kdenetwork is earlier than 7:4.3.4-11.el6_0.1
  • AND kdenetwork is signed with Red Hat redhatrelease2 key
  • kdenetwork-devel is earlier than 7:4.3.4-11.el6_0.1
  • AND kdenetwork-devel is signed with Red Hat redhatrelease2 key
  • kdenetwork-libs is earlier than 7:4.3.4-11.el6_0.1
  • AND kdenetwork-libs is signed with Red Hat redhatrelease2 key
    • BACK