発行日:
2011-04-21
更新日:
2011-04-21

RHSA-2011:0465 - Security Advisory

概要

Important: kdenetwork security update

タイプ/重大度

Security Advisory: Important

トピック

Updated kdenetwork packages that fix one security issue are now available
for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

説明

The kdenetwork packages contain networking applications for the K Desktop
Environment (KDE).

A directory traversal flaw was found in the way KGet, a download manager,
handled the "file" element in Metalink files. An attacker could use this
flaw to create a specially-crafted Metalink file that, when opened, would
cause KGet to overwrite arbitrary files accessible to the user running
KGet. (CVE-2011-1586)

Users of kdenetwork should upgrade to these updated packages, which contain
a backported patch to resolve this issue. The desktop must be restarted
(log out, then log back in) for this update to take effect.

解決法

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

影響を受ける製品

  • Red Hat Enterprise Linux Server 6 x86_64
  • Red Hat Enterprise Linux Server 6 i386
  • Red Hat Enterprise Linux Workstation 6 x86_64
  • Red Hat Enterprise Linux Workstation 6 i386
  • Red Hat Enterprise Linux Desktop 6 x86_64
  • Red Hat Enterprise Linux Desktop 6 i386
  • Red Hat Enterprise Linux for IBM z Systems 6 s390x
  • Red Hat Enterprise Linux for Power, big endian 6 ppc64
  • Red Hat Enterprise Linux Server from RHUI 6 x86_64
  • Red Hat Enterprise Linux Server from RHUI 6 i386

修正

  • BZ - 697042 - CVE-2011-1586 kdenetwork: incomplete fix for CVE-2010-1000

CVE

参考資料

Red Hat Enterprise Linux Server 6

SRPM
kdenetwork-4.3.4-11.el6_0.1.src.rpm SHA-256: 6ea5ff6ed003e87ba27c0f571ffefc839250bfc2737ebe44ba84963e4a902c99
x86_64
kdenetwork-4.3.4-11.el6_0.1.x86_64.rpm SHA-256: 1ec971fc7e0485d89b3446d1f029ff37535921ed80fb7d1baed1bde64d2317cc
kdenetwork-debuginfo-4.3.4-11.el6_0.1.i686.rpm SHA-256: fa9306b0bf5a790bc649e917dd4d2cd0e341ca60ab5c2959c4bc4846bb9da8ba
kdenetwork-debuginfo-4.3.4-11.el6_0.1.x86_64.rpm SHA-256: a06f65b36c1921502da7d0f63c7716ab08f1da2d4798d9fc5f0119834e8452df
kdenetwork-devel-4.3.4-11.el6_0.1.i686.rpm SHA-256: 01371fe5fc0a7865f77cbd5f104ef10a4eb69e94af251c8c3cbd2e7f8168422b
kdenetwork-devel-4.3.4-11.el6_0.1.x86_64.rpm SHA-256: 057b182f96af0770e8c8cdf038958884b7f1ac4173577cdc6fd8b6057c4c4c9e
kdenetwork-libs-4.3.4-11.el6_0.1.i686.rpm SHA-256: c5be0e56220204dbc4ec56eacb78258652a2715f703de5b5f409337ff9e9accf
kdenetwork-libs-4.3.4-11.el6_0.1.x86_64.rpm SHA-256: e39b03f901be1c5d97a89ff336aa742b7daa964f12601bfce207f8a0277ab258
i386
kdenetwork-4.3.4-11.el6_0.1.i686.rpm SHA-256: 9333649b70fc97ecb19408bf162fc3b7606c7eb582700f367540f84db501b5a5
kdenetwork-debuginfo-4.3.4-11.el6_0.1.i686.rpm SHA-256: fa9306b0bf5a790bc649e917dd4d2cd0e341ca60ab5c2959c4bc4846bb9da8ba
kdenetwork-devel-4.3.4-11.el6_0.1.i686.rpm SHA-256: 01371fe5fc0a7865f77cbd5f104ef10a4eb69e94af251c8c3cbd2e7f8168422b
kdenetwork-libs-4.3.4-11.el6_0.1.i686.rpm SHA-256: c5be0e56220204dbc4ec56eacb78258652a2715f703de5b5f409337ff9e9accf

Red Hat Enterprise Linux Workstation 6

SRPM
kdenetwork-4.3.4-11.el6_0.1.src.rpm SHA-256: 6ea5ff6ed003e87ba27c0f571ffefc839250bfc2737ebe44ba84963e4a902c99
x86_64
kdenetwork-4.3.4-11.el6_0.1.x86_64.rpm SHA-256: 1ec971fc7e0485d89b3446d1f029ff37535921ed80fb7d1baed1bde64d2317cc
kdenetwork-debuginfo-4.3.4-11.el6_0.1.i686.rpm SHA-256: fa9306b0bf5a790bc649e917dd4d2cd0e341ca60ab5c2959c4bc4846bb9da8ba
kdenetwork-debuginfo-4.3.4-11.el6_0.1.x86_64.rpm SHA-256: a06f65b36c1921502da7d0f63c7716ab08f1da2d4798d9fc5f0119834e8452df
kdenetwork-devel-4.3.4-11.el6_0.1.i686.rpm SHA-256: 01371fe5fc0a7865f77cbd5f104ef10a4eb69e94af251c8c3cbd2e7f8168422b
kdenetwork-devel-4.3.4-11.el6_0.1.x86_64.rpm SHA-256: 057b182f96af0770e8c8cdf038958884b7f1ac4173577cdc6fd8b6057c4c4c9e
kdenetwork-libs-4.3.4-11.el6_0.1.i686.rpm SHA-256: c5be0e56220204dbc4ec56eacb78258652a2715f703de5b5f409337ff9e9accf
kdenetwork-libs-4.3.4-11.el6_0.1.x86_64.rpm SHA-256: e39b03f901be1c5d97a89ff336aa742b7daa964f12601bfce207f8a0277ab258
i386
kdenetwork-4.3.4-11.el6_0.1.i686.rpm SHA-256: 9333649b70fc97ecb19408bf162fc3b7606c7eb582700f367540f84db501b5a5
kdenetwork-debuginfo-4.3.4-11.el6_0.1.i686.rpm SHA-256: fa9306b0bf5a790bc649e917dd4d2cd0e341ca60ab5c2959c4bc4846bb9da8ba
kdenetwork-devel-4.3.4-11.el6_0.1.i686.rpm SHA-256: 01371fe5fc0a7865f77cbd5f104ef10a4eb69e94af251c8c3cbd2e7f8168422b
kdenetwork-libs-4.3.4-11.el6_0.1.i686.rpm SHA-256: c5be0e56220204dbc4ec56eacb78258652a2715f703de5b5f409337ff9e9accf

Red Hat Enterprise Linux Desktop 6

SRPM
kdenetwork-4.3.4-11.el6_0.1.src.rpm SHA-256: 6ea5ff6ed003e87ba27c0f571ffefc839250bfc2737ebe44ba84963e4a902c99
x86_64
kdenetwork-4.3.4-11.el6_0.1.x86_64.rpm SHA-256: 1ec971fc7e0485d89b3446d1f029ff37535921ed80fb7d1baed1bde64d2317cc
kdenetwork-debuginfo-4.3.4-11.el6_0.1.i686.rpm SHA-256: fa9306b0bf5a790bc649e917dd4d2cd0e341ca60ab5c2959c4bc4846bb9da8ba
kdenetwork-debuginfo-4.3.4-11.el6_0.1.x86_64.rpm SHA-256: a06f65b36c1921502da7d0f63c7716ab08f1da2d4798d9fc5f0119834e8452df
kdenetwork-debuginfo-4.3.4-11.el6_0.1.x86_64.rpm SHA-256: a06f65b36c1921502da7d0f63c7716ab08f1da2d4798d9fc5f0119834e8452df
kdenetwork-devel-4.3.4-11.el6_0.1.i686.rpm SHA-256: 01371fe5fc0a7865f77cbd5f104ef10a4eb69e94af251c8c3cbd2e7f8168422b
kdenetwork-devel-4.3.4-11.el6_0.1.x86_64.rpm SHA-256: 057b182f96af0770e8c8cdf038958884b7f1ac4173577cdc6fd8b6057c4c4c9e
kdenetwork-libs-4.3.4-11.el6_0.1.i686.rpm SHA-256: c5be0e56220204dbc4ec56eacb78258652a2715f703de5b5f409337ff9e9accf
kdenetwork-libs-4.3.4-11.el6_0.1.x86_64.rpm SHA-256: e39b03f901be1c5d97a89ff336aa742b7daa964f12601bfce207f8a0277ab258
i386
kdenetwork-4.3.4-11.el6_0.1.i686.rpm SHA-256: 9333649b70fc97ecb19408bf162fc3b7606c7eb582700f367540f84db501b5a5
kdenetwork-debuginfo-4.3.4-11.el6_0.1.i686.rpm SHA-256: fa9306b0bf5a790bc649e917dd4d2cd0e341ca60ab5c2959c4bc4846bb9da8ba
kdenetwork-debuginfo-4.3.4-11.el6_0.1.i686.rpm SHA-256: fa9306b0bf5a790bc649e917dd4d2cd0e341ca60ab5c2959c4bc4846bb9da8ba
kdenetwork-devel-4.3.4-11.el6_0.1.i686.rpm SHA-256: 01371fe5fc0a7865f77cbd5f104ef10a4eb69e94af251c8c3cbd2e7f8168422b
kdenetwork-libs-4.3.4-11.el6_0.1.i686.rpm SHA-256: c5be0e56220204dbc4ec56eacb78258652a2715f703de5b5f409337ff9e9accf

Red Hat Enterprise Linux for IBM z Systems 6

SRPM
kdenetwork-4.3.4-11.el6_0.1.src.rpm SHA-256: 6ea5ff6ed003e87ba27c0f571ffefc839250bfc2737ebe44ba84963e4a902c99
s390x
kdenetwork-4.3.4-11.el6_0.1.s390x.rpm SHA-256: 1d58eba036d446e958a404be2086b19df953644b6a7c2251d55e54e1c3e2929c
kdenetwork-debuginfo-4.3.4-11.el6_0.1.s390.rpm SHA-256: e0cc82ea490f82b00f9b978ef6e10f3ba9667680293d4cd27c47075511a27d1d
kdenetwork-debuginfo-4.3.4-11.el6_0.1.s390x.rpm SHA-256: d69600ad226600dcbbadee7e46450e4bf9161a3ab6ebc8208c362b0814d6a2e4
kdenetwork-devel-4.3.4-11.el6_0.1.s390.rpm SHA-256: 18f595b10bae27747f96f91f757a2f42ed4a219cd4e9b90bab81f85db0b0ac23
kdenetwork-devel-4.3.4-11.el6_0.1.s390x.rpm SHA-256: 7cff59afc2791f198a3506bb0e60e07a031be5b3e997b5e0b4579c120a14c8f3
kdenetwork-libs-4.3.4-11.el6_0.1.s390.rpm SHA-256: 9686c94e4d76158f86252a4e1b9b9dc6718ef012f323d35b3576eda1d731b6ed
kdenetwork-libs-4.3.4-11.el6_0.1.s390x.rpm SHA-256: 0c682e48ddfa8b11667e46277693c2d9ab92e3c7b3ff75a9bfdb6e38b3556144

Red Hat Enterprise Linux for Power, big endian 6

SRPM
kdenetwork-4.3.4-11.el6_0.1.src.rpm SHA-256: 6ea5ff6ed003e87ba27c0f571ffefc839250bfc2737ebe44ba84963e4a902c99
ppc64
kdenetwork-4.3.4-11.el6_0.1.ppc64.rpm SHA-256: 35f20ac257672cb1da5927226af28540ab049dc439059f07eb4eba9ae0ad88c4
kdenetwork-debuginfo-4.3.4-11.el6_0.1.ppc.rpm SHA-256: f94f170450b83835800e55e0c9eeddb32aa8b0ccd1725dd621f8448aec5e8028
kdenetwork-debuginfo-4.3.4-11.el6_0.1.ppc64.rpm SHA-256: 778256fa106c4cb5a7a2af1b982ede37ab4807261613486054d9ab81a014bc43
kdenetwork-devel-4.3.4-11.el6_0.1.ppc.rpm SHA-256: 350997c138e88029cf2ddba6be45ac7cddef131aaded40498684c5abd6037c69
kdenetwork-devel-4.3.4-11.el6_0.1.ppc64.rpm SHA-256: 3e11b7683c66d911d93d41708dc8e47ebe88431bbfa35cfad37fba96c7187ac3
kdenetwork-libs-4.3.4-11.el6_0.1.ppc.rpm SHA-256: 1a44ffa748cbc4df43b9835b16c2a7024d43c628385889111b4ad20f5a1a5925
kdenetwork-libs-4.3.4-11.el6_0.1.ppc64.rpm SHA-256: 328ab4376109c850f986f7dba5e683fbd2b2623339c5fae1eb2b71d49905b939

Red Hat Enterprise Linux Server from RHUI 6

SRPM
kdenetwork-4.3.4-11.el6_0.1.src.rpm SHA-256: 6ea5ff6ed003e87ba27c0f571ffefc839250bfc2737ebe44ba84963e4a902c99
x86_64
kdenetwork-4.3.4-11.el6_0.1.x86_64.rpm SHA-256: 1ec971fc7e0485d89b3446d1f029ff37535921ed80fb7d1baed1bde64d2317cc
kdenetwork-debuginfo-4.3.4-11.el6_0.1.i686.rpm SHA-256: fa9306b0bf5a790bc649e917dd4d2cd0e341ca60ab5c2959c4bc4846bb9da8ba
kdenetwork-debuginfo-4.3.4-11.el6_0.1.x86_64.rpm SHA-256: a06f65b36c1921502da7d0f63c7716ab08f1da2d4798d9fc5f0119834e8452df
kdenetwork-devel-4.3.4-11.el6_0.1.i686.rpm SHA-256: 01371fe5fc0a7865f77cbd5f104ef10a4eb69e94af251c8c3cbd2e7f8168422b
kdenetwork-devel-4.3.4-11.el6_0.1.x86_64.rpm SHA-256: 057b182f96af0770e8c8cdf038958884b7f1ac4173577cdc6fd8b6057c4c4c9e
kdenetwork-libs-4.3.4-11.el6_0.1.i686.rpm SHA-256: c5be0e56220204dbc4ec56eacb78258652a2715f703de5b5f409337ff9e9accf
kdenetwork-libs-4.3.4-11.el6_0.1.x86_64.rpm SHA-256: e39b03f901be1c5d97a89ff336aa742b7daa964f12601bfce207f8a0277ab258
i386
kdenetwork-4.3.4-11.el6_0.1.i686.rpm SHA-256: 9333649b70fc97ecb19408bf162fc3b7606c7eb582700f367540f84db501b5a5
kdenetwork-debuginfo-4.3.4-11.el6_0.1.i686.rpm SHA-256: fa9306b0bf5a790bc649e917dd4d2cd0e341ca60ab5c2959c4bc4846bb9da8ba
kdenetwork-devel-4.3.4-11.el6_0.1.i686.rpm SHA-256: 01371fe5fc0a7865f77cbd5f104ef10a4eb69e94af251c8c3cbd2e7f8168422b
kdenetwork-libs-4.3.4-11.el6_0.1.i686.rpm SHA-256: c5be0e56220204dbc4ec56eacb78258652a2715f703de5b5f409337ff9e9accf

Red Hat のセキュリティーに関する連絡先は secalert@redhat.com です。 連絡先の詳細は https://access.redhat.com/security/team/contact/ をご覧ください。