Fedora 11 Update: kdelibs3-3.5.10-21.fc11
updates at fedoraproject.org
updates at fedoraproject.org
Wed Dec 16 01:19:13 UTC 2009
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-13223
2009-12-16 00:19:40
--------------------------------------------------------------------------------
Name : kdelibs3
Product : Fedora 11
Version : 3.5.10
Release : 21.fc11
URL : http://www.kde.org/
Summary : K Desktop Environment 3 - Libraries
Description :
Libraries for the K Desktop Environment 3:
KDE Libraries included: kdecore (KDE core library), kdeui (user interface),
kfm (file manager), khtmlw (HTML widget), kio (Input/Output, networking),
kspell (spelling checker), jscript (javascript), kab (addressbook),
kimgio (image manipulation).
--------------------------------------------------------------------------------
Update Information:
- fix KHTML/KJS crash when viewing pages with JavaScript - fix unrestricted
XMLHttpRequest access to local URLs
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 7 2009 Than Ngo <than at redhat.com> - 3.5.10-21
- fix security issues in libltdl bundle within kdelibs CVE-2009-3736
- backport upstream patches
- patch autoconfigury to build with autoconf >= 2.64 (Stepan Kasal)
* Mon Nov 2 2009 Lukáš Tinkl <ltinkl at redhat.com> - 3.5.10-20
- fix unrestricted XMLHttpRequest access to local URLs (oCERT-2009-015), #532428
* Mon Sep 28 2009 Rex Dieter <rdieter at fedoraproject.org> - 3.5.10-19
- Conflicts with kde-settings (#526109)
* Mon Sep 28 2009 Than Ngo <than at redhat.com> - 3.5.10-18
- rhel cleanup
* Wed Sep 23 2009 Rex Dieter <rdieter at fedoraproject.org> - 3.5.10-17
- move /etc/profile.d/kde.(sh|csh) to kde-settings (F-12+)
* Fri Sep 4 2009 Than Ngo <than at redhat.com> - 3.5.10-16
- openssl-1.0 build fixes
* Fri Sep 4 2009 Than Ngo <than at redhat.com> - 3.5.10-15
- fix for CVE-2009-2702
* Thu Sep 3 2009 Rex Dieter <rdieter at fedoraproject.org> - 3.5.10-14
- kde.(sh|csh): drop KDE_IS_PRELINKED (workaround bug #515539)
* Sun Jul 26 2009 Kevin Kofler <Kevin at tigcc.ticalc.org> - 3.5.10-13
- fix CVE-2009-2537 - select length DoS
- fix CVE-2009-1725 - crash, possible ACE in numeric character references
- fix CVE-2009-1690 - crash, possible ACE in KHTML (<head> use-after-free)
- fix CVE-2009-1687 - possible ACE in KJS (FIXME: still crashes?)
- fix CVE-2009-1698 - crash, possible ACE in CSS style attribute handling
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.5.10-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Sat Jul 18 2009 Rex Dieter <rdieter at fedoraproject.org> - 3.5.10-12
- FTBFS kdelibs3-3.5.10-11.fc11 (#511571)
- -devel: Requires: %{name}%_isa ...
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #545303 - kdelibs3 KHTML/KJS crashes when viewing pages with JavaScript
https://bugzilla.redhat.com/show_bug.cgi?id=545303
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update kdelibs3' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list