- Issued:
- 2006-01-19
- Updated:
- 2006-01-19
RHSA-2006:0184 - Security Advisory
Synopsis
kdelibs security update
Type/Severity
Security Advisory: Critical
Red Hat Lightspeed patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated kdelibs packages are now available for Red Hat Enterprise Linux 4.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Description
kdelibs contains libraries for the K Desktop Environment (KDE).
A heap overflow flaw was discovered affecting kjs, the JavaScript
interpreter engine used by Konqueror and other parts of KDE. An attacker
could create a malicious web site containing carefully crafted JavaScript
code that would trigger this flaw and possibly lead to arbitrary code
execution. The Common Vulnerabilities and Exposures project assigned the
name CVE-2006-0019 to this issue.
NOTE: this issue does not affect KDE in Red Hat Enterprise Linux 3 or 2.1.
Users of KDE should upgrade to these updated packages, which contain a
backported patch from the KDE security team correcting this issue as well
as two bug fixes.
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.
Affected Products
- Red Hat Enterprise Linux Server 4 x86_64
- Red Hat Enterprise Linux Server 4 ia64
- Red Hat Enterprise Linux Server 4 i386
- Red Hat Enterprise Linux Workstation 4 x86_64
- Red Hat Enterprise Linux Workstation 4 ia64
- Red Hat Enterprise Linux Workstation 4 i386
- Red Hat Enterprise Linux Desktop 4 x86_64
- Red Hat Enterprise Linux Desktop 4 i386
- Red Hat Enterprise Linux for IBM z Systems 4 s390x
- Red Hat Enterprise Linux for IBM z Systems 4 s390
- Red Hat Enterprise Linux for Power, big endian 4 ppc
Fixes
- BZ - 165139 - kdegraphics applications crash when Open or Save dialog is opened
- BZ - 178072 - pwMutex destroy failure: Device or resource busy
CVEs
Red Hat Enterprise Linux Server 4
| SRPM | |
|---|---|
| kdelibs-3.3.1-3.14.src.rpm | SHA-256: dd2128e5ccb884c62733c5957f31f1c423c53981c066b5cddc7fa1bdc5e0b5cf |
| x86_64 | |
| kdelibs-3.3.1-3.14.i386.rpm | SHA-256: 573d7e486c51d30bedf966c8acc07ec2e60aaee022831fa009b01f300190181d |
| kdelibs-3.3.1-3.14.i386.rpm | SHA-256: 573d7e486c51d30bedf966c8acc07ec2e60aaee022831fa009b01f300190181d |
| kdelibs-3.3.1-3.14.x86_64.rpm | SHA-256: 6078fd62077b2dbb17097a1b531af12a310187d2fa3e73870b177cf6bf88a9c0 |
| kdelibs-3.3.1-3.14.x86_64.rpm | SHA-256: 6078fd62077b2dbb17097a1b531af12a310187d2fa3e73870b177cf6bf88a9c0 |
| kdelibs-devel-3.3.1-3.14.x86_64.rpm | SHA-256: d620f620237a5d6c7ba2dee82df9ff7ed26d8d9c552063b63b4bb1f45fa6d19e |
| kdelibs-devel-3.3.1-3.14.x86_64.rpm | SHA-256: d620f620237a5d6c7ba2dee82df9ff7ed26d8d9c552063b63b4bb1f45fa6d19e |
| ia64 | |
| kdelibs-3.3.1-3.14.i386.rpm | SHA-256: 573d7e486c51d30bedf966c8acc07ec2e60aaee022831fa009b01f300190181d |
| kdelibs-3.3.1-3.14.i386.rpm | SHA-256: 573d7e486c51d30bedf966c8acc07ec2e60aaee022831fa009b01f300190181d |
| kdelibs-3.3.1-3.14.ia64.rpm | SHA-256: 1f978250ccbf154acf49daaf918d5512f90a32b855de50c85ad1ad8353a7e248 |
| kdelibs-3.3.1-3.14.ia64.rpm | SHA-256: 1f978250ccbf154acf49daaf918d5512f90a32b855de50c85ad1ad8353a7e248 |
| kdelibs-devel-3.3.1-3.14.ia64.rpm | SHA-256: d692de3f9305005c14f8c0d19d26f9bfed9820c45dd65902346f4d20ef0512ad |
| kdelibs-devel-3.3.1-3.14.ia64.rpm | SHA-256: d692de3f9305005c14f8c0d19d26f9bfed9820c45dd65902346f4d20ef0512ad |
| i386 | |
| kdelibs-3.3.1-3.14.i386.rpm | SHA-256: 573d7e486c51d30bedf966c8acc07ec2e60aaee022831fa009b01f300190181d |
| kdelibs-3.3.1-3.14.i386.rpm | SHA-256: 573d7e486c51d30bedf966c8acc07ec2e60aaee022831fa009b01f300190181d |
| kdelibs-devel-3.3.1-3.14.i386.rpm | SHA-256: 131c3606e476cd2aab54f0669ddb19b85122c798dc226712951e2d526c902cab |
| kdelibs-devel-3.3.1-3.14.i386.rpm | SHA-256: 131c3606e476cd2aab54f0669ddb19b85122c798dc226712951e2d526c902cab |
Red Hat Enterprise Linux Workstation 4
| SRPM | |
|---|---|
| kdelibs-3.3.1-3.14.src.rpm | SHA-256: dd2128e5ccb884c62733c5957f31f1c423c53981c066b5cddc7fa1bdc5e0b5cf |
| x86_64 | |
| kdelibs-3.3.1-3.14.i386.rpm | SHA-256: 573d7e486c51d30bedf966c8acc07ec2e60aaee022831fa009b01f300190181d |
| kdelibs-3.3.1-3.14.x86_64.rpm | SHA-256: 6078fd62077b2dbb17097a1b531af12a310187d2fa3e73870b177cf6bf88a9c0 |
| kdelibs-devel-3.3.1-3.14.x86_64.rpm | SHA-256: d620f620237a5d6c7ba2dee82df9ff7ed26d8d9c552063b63b4bb1f45fa6d19e |
| ia64 | |
| kdelibs-3.3.1-3.14.i386.rpm | SHA-256: 573d7e486c51d30bedf966c8acc07ec2e60aaee022831fa009b01f300190181d |
| kdelibs-3.3.1-3.14.ia64.rpm | SHA-256: 1f978250ccbf154acf49daaf918d5512f90a32b855de50c85ad1ad8353a7e248 |
| kdelibs-devel-3.3.1-3.14.ia64.rpm | SHA-256: d692de3f9305005c14f8c0d19d26f9bfed9820c45dd65902346f4d20ef0512ad |
| i386 | |
| kdelibs-3.3.1-3.14.i386.rpm | SHA-256: 573d7e486c51d30bedf966c8acc07ec2e60aaee022831fa009b01f300190181d |
| kdelibs-devel-3.3.1-3.14.i386.rpm | SHA-256: 131c3606e476cd2aab54f0669ddb19b85122c798dc226712951e2d526c902cab |
Red Hat Enterprise Linux Desktop 4
| SRPM | |
|---|---|
| kdelibs-3.3.1-3.14.src.rpm | SHA-256: dd2128e5ccb884c62733c5957f31f1c423c53981c066b5cddc7fa1bdc5e0b5cf |
| x86_64 | |
| kdelibs-3.3.1-3.14.i386.rpm | SHA-256: 573d7e486c51d30bedf966c8acc07ec2e60aaee022831fa009b01f300190181d |
| kdelibs-3.3.1-3.14.x86_64.rpm | SHA-256: 6078fd62077b2dbb17097a1b531af12a310187d2fa3e73870b177cf6bf88a9c0 |
| kdelibs-devel-3.3.1-3.14.x86_64.rpm | SHA-256: d620f620237a5d6c7ba2dee82df9ff7ed26d8d9c552063b63b4bb1f45fa6d19e |
| i386 | |
| kdelibs-3.3.1-3.14.i386.rpm | SHA-256: 573d7e486c51d30bedf966c8acc07ec2e60aaee022831fa009b01f300190181d |
| kdelibs-devel-3.3.1-3.14.i386.rpm | SHA-256: 131c3606e476cd2aab54f0669ddb19b85122c798dc226712951e2d526c902cab |
Red Hat Enterprise Linux for IBM z Systems 4
| SRPM | |
|---|---|
| kdelibs-3.3.1-3.14.src.rpm | SHA-256: dd2128e5ccb884c62733c5957f31f1c423c53981c066b5cddc7fa1bdc5e0b5cf |
| s390x | |
| kdelibs-3.3.1-3.14.s390.rpm | SHA-256: dcc63dee6b07de564bdf4843eca4ef03418faf2d5f4ad7c2d298e1f54a50668f |
| kdelibs-3.3.1-3.14.s390x.rpm | SHA-256: 4069b1f449e0a86a1cf1eeef9d32451f84298577defeb884431469086712b41f |
| kdelibs-devel-3.3.1-3.14.s390x.rpm | SHA-256: aab507bd6d6f9f1bd9fb0279ed62dbb7201ab9de1facc4f3187bf1a2907a82d5 |
| s390 | |
| kdelibs-3.3.1-3.14.s390.rpm | SHA-256: dcc63dee6b07de564bdf4843eca4ef03418faf2d5f4ad7c2d298e1f54a50668f |
| kdelibs-devel-3.3.1-3.14.s390.rpm | SHA-256: 027c184a48d9b6977c966c878a3edba7a281a04e2a5215b6866d2caf5828edad |
Red Hat Enterprise Linux for Power, big endian 4
| SRPM | |
|---|---|
| kdelibs-3.3.1-3.14.src.rpm | SHA-256: dd2128e5ccb884c62733c5957f31f1c423c53981c066b5cddc7fa1bdc5e0b5cf |
| ppc | |
| kdelibs-3.3.1-3.14.ppc.rpm | SHA-256: 26dc266c1a109bc6d20699aa35242aaeabac85e56ff6caa62ed1e2517f0181bb |
| kdelibs-3.3.1-3.14.ppc64.rpm | SHA-256: 7b01a7feb9fa2e14f468fa068159e97922bc789db3e3f5e589af475c07fe740b |
| kdelibs-devel-3.3.1-3.14.ppc.rpm | SHA-256: c4713925d291dfd84c85e73fa9a2cfe5fd1a870871f4cd3f81f960c1869c6b01 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
