Red Hat Product Errata RHSA-2006:0184 - Security Advisory

Issued:: 2006-01-19
Updated:: 2006-01-19

RHSA-2006:0184 - Security Advisory

Overview
Updated Packages

Synopsis

kdelibs security update

Type/Severity

Security Advisory: Critical

Topic

Updated kdelibs packages are now available for Red Hat Enterprise Linux 4.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

Description

kdelibs contains libraries for the K Desktop Environment (KDE).

A heap overflow flaw was discovered affecting kjs, the JavaScript
interpreter engine used by Konqueror and other parts of KDE. An attacker
could create a malicious web site containing carefully crafted JavaScript
code that would trigger this flaw and possibly lead to arbitrary code
execution. The Common Vulnerabilities and Exposures project assigned the
name CVE-2006-0019 to this issue.

NOTE: this issue does not affect KDE in Red Hat Enterprise Linux 3 or 2.1.

Users of KDE should upgrade to these updated packages, which contain a
backported patch from the KDE security team correcting this issue as well
as two bug fixes.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

Affected Products

Red Hat Enterprise Linux Server 4 x86_64
Red Hat Enterprise Linux Server 4 ia64
Red Hat Enterprise Linux Server 4 i386
Red Hat Enterprise Linux Workstation 4 x86_64
Red Hat Enterprise Linux Workstation 4 ia64
Red Hat Enterprise Linux Workstation 4 i386
Red Hat Enterprise Linux Desktop 4 x86_64
Red Hat Enterprise Linux Desktop 4 i386
Red Hat Enterprise Linux for IBM z Systems 4 s390x
Red Hat Enterprise Linux for IBM z Systems 4 s390
Red Hat Enterprise Linux for Power, big endian 4 ppc

Fixes

BZ - 165139 - kdegraphics applications crash when Open or Save dialog is opened
BZ - 178072 - pwMutex destroy failure: Device or resource busy

CVEs

CVE-2006-0019

References

http://www.kde.org/info/security/advisory-20060119-1.txt

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 4

SRPM
kdelibs-3.3.1-3.14.src.rpm	SHA-256: dd2128e5ccb884c62733c5957f31f1c423c53981c066b5cddc7fa1bdc5e0b5cf
x86_64
kdelibs-3.3.1-3.14.i386.rpm	SHA-256: 573d7e486c51d30bedf966c8acc07ec2e60aaee022831fa009b01f300190181d
kdelibs-3.3.1-3.14.i386.rpm	SHA-256: 573d7e486c51d30bedf966c8acc07ec2e60aaee022831fa009b01f300190181d
kdelibs-3.3.1-3.14.x86_64.rpm	SHA-256: 6078fd62077b2dbb17097a1b531af12a310187d2fa3e73870b177cf6bf88a9c0
kdelibs-3.3.1-3.14.x86_64.rpm	SHA-256: 6078fd62077b2dbb17097a1b531af12a310187d2fa3e73870b177cf6bf88a9c0
kdelibs-devel-3.3.1-3.14.x86_64.rpm	SHA-256: d620f620237a5d6c7ba2dee82df9ff7ed26d8d9c552063b63b4bb1f45fa6d19e
kdelibs-devel-3.3.1-3.14.x86_64.rpm	SHA-256: d620f620237a5d6c7ba2dee82df9ff7ed26d8d9c552063b63b4bb1f45fa6d19e
ia64
kdelibs-3.3.1-3.14.i386.rpm	SHA-256: 573d7e486c51d30bedf966c8acc07ec2e60aaee022831fa009b01f300190181d
kdelibs-3.3.1-3.14.i386.rpm	SHA-256: 573d7e486c51d30bedf966c8acc07ec2e60aaee022831fa009b01f300190181d
kdelibs-3.3.1-3.14.ia64.rpm	SHA-256: 1f978250ccbf154acf49daaf918d5512f90a32b855de50c85ad1ad8353a7e248
kdelibs-3.3.1-3.14.ia64.rpm	SHA-256: 1f978250ccbf154acf49daaf918d5512f90a32b855de50c85ad1ad8353a7e248
kdelibs-devel-3.3.1-3.14.ia64.rpm	SHA-256: d692de3f9305005c14f8c0d19d26f9bfed9820c45dd65902346f4d20ef0512ad
kdelibs-devel-3.3.1-3.14.ia64.rpm	SHA-256: d692de3f9305005c14f8c0d19d26f9bfed9820c45dd65902346f4d20ef0512ad
i386
kdelibs-3.3.1-3.14.i386.rpm	SHA-256: 573d7e486c51d30bedf966c8acc07ec2e60aaee022831fa009b01f300190181d
kdelibs-3.3.1-3.14.i386.rpm	SHA-256: 573d7e486c51d30bedf966c8acc07ec2e60aaee022831fa009b01f300190181d
kdelibs-devel-3.3.1-3.14.i386.rpm	SHA-256: 131c3606e476cd2aab54f0669ddb19b85122c798dc226712951e2d526c902cab
kdelibs-devel-3.3.1-3.14.i386.rpm	SHA-256: 131c3606e476cd2aab54f0669ddb19b85122c798dc226712951e2d526c902cab

Red Hat Enterprise Linux Workstation 4

SRPM
kdelibs-3.3.1-3.14.src.rpm	SHA-256: dd2128e5ccb884c62733c5957f31f1c423c53981c066b5cddc7fa1bdc5e0b5cf
x86_64
kdelibs-3.3.1-3.14.i386.rpm	SHA-256: 573d7e486c51d30bedf966c8acc07ec2e60aaee022831fa009b01f300190181d
kdelibs-3.3.1-3.14.x86_64.rpm	SHA-256: 6078fd62077b2dbb17097a1b531af12a310187d2fa3e73870b177cf6bf88a9c0
kdelibs-devel-3.3.1-3.14.x86_64.rpm	SHA-256: d620f620237a5d6c7ba2dee82df9ff7ed26d8d9c552063b63b4bb1f45fa6d19e
ia64
kdelibs-3.3.1-3.14.i386.rpm	SHA-256: 573d7e486c51d30bedf966c8acc07ec2e60aaee022831fa009b01f300190181d
kdelibs-3.3.1-3.14.ia64.rpm	SHA-256: 1f978250ccbf154acf49daaf918d5512f90a32b855de50c85ad1ad8353a7e248
kdelibs-devel-3.3.1-3.14.ia64.rpm	SHA-256: d692de3f9305005c14f8c0d19d26f9bfed9820c45dd65902346f4d20ef0512ad
i386
kdelibs-3.3.1-3.14.i386.rpm	SHA-256: 573d7e486c51d30bedf966c8acc07ec2e60aaee022831fa009b01f300190181d
kdelibs-devel-3.3.1-3.14.i386.rpm	SHA-256: 131c3606e476cd2aab54f0669ddb19b85122c798dc226712951e2d526c902cab

Red Hat Enterprise Linux Desktop 4

SRPM
kdelibs-3.3.1-3.14.src.rpm	SHA-256: dd2128e5ccb884c62733c5957f31f1c423c53981c066b5cddc7fa1bdc5e0b5cf
x86_64
kdelibs-3.3.1-3.14.i386.rpm	SHA-256: 573d7e486c51d30bedf966c8acc07ec2e60aaee022831fa009b01f300190181d
kdelibs-3.3.1-3.14.x86_64.rpm	SHA-256: 6078fd62077b2dbb17097a1b531af12a310187d2fa3e73870b177cf6bf88a9c0
kdelibs-devel-3.3.1-3.14.x86_64.rpm	SHA-256: d620f620237a5d6c7ba2dee82df9ff7ed26d8d9c552063b63b4bb1f45fa6d19e
i386
kdelibs-3.3.1-3.14.i386.rpm	SHA-256: 573d7e486c51d30bedf966c8acc07ec2e60aaee022831fa009b01f300190181d
kdelibs-devel-3.3.1-3.14.i386.rpm	SHA-256: 131c3606e476cd2aab54f0669ddb19b85122c798dc226712951e2d526c902cab

Red Hat Enterprise Linux for IBM z Systems 4

SRPM
kdelibs-3.3.1-3.14.src.rpm	SHA-256: dd2128e5ccb884c62733c5957f31f1c423c53981c066b5cddc7fa1bdc5e0b5cf
s390x
kdelibs-3.3.1-3.14.s390.rpm	SHA-256: dcc63dee6b07de564bdf4843eca4ef03418faf2d5f4ad7c2d298e1f54a50668f
kdelibs-3.3.1-3.14.s390x.rpm	SHA-256: 4069b1f449e0a86a1cf1eeef9d32451f84298577defeb884431469086712b41f
kdelibs-devel-3.3.1-3.14.s390x.rpm	SHA-256: aab507bd6d6f9f1bd9fb0279ed62dbb7201ab9de1facc4f3187bf1a2907a82d5
s390
kdelibs-3.3.1-3.14.s390.rpm	SHA-256: dcc63dee6b07de564bdf4843eca4ef03418faf2d5f4ad7c2d298e1f54a50668f
kdelibs-devel-3.3.1-3.14.s390.rpm	SHA-256: 027c184a48d9b6977c966c878a3edba7a281a04e2a5215b6866d2caf5828edad

Red Hat Enterprise Linux for Power, big endian 4

SRPM
kdelibs-3.3.1-3.14.src.rpm	SHA-256: dd2128e5ccb884c62733c5957f31f1c423c53981c066b5cddc7fa1bdc5e0b5cf
ppc
kdelibs-3.3.1-3.14.ppc.rpm	SHA-256: 26dc266c1a109bc6d20699aa35242aaeabac85e56ff6caa62ed1e2517f0181bb
kdelibs-3.3.1-3.14.ppc64.rpm	SHA-256: 7b01a7feb9fa2e14f468fa068159e97922bc789db3e3f5e589af475c07fe740b
kdelibs-devel-3.3.1-3.14.ppc.rpm	SHA-256: c4713925d291dfd84c85e73fa9a2cfe5fd1a870871f4cd3f81f960c1869c6b01

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories