[SECURITY] Fedora 10 Update: kdelibs-experimental-4.3.1-1.fc10
updates at fedoraproject.org
updates at fedoraproject.org
Tue Sep 15 07:41:19 UTC 2009
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-9427
2009-09-09 00:48:07
--------------------------------------------------------------------------------
Name : kdelibs-experimental
Product : Fedora 10
Version : 4.3.1
Release : 1.fc10
URL : http://www.kde.org/
Summary : KDE libraries with experimental or unstable api/abi
Description :
KDE libraries with experimental or unstable api/abi.
--------------------------------------------------------------------------------
Update Information:
This updates KDE to 4.3.1, the latest upstream bugfix release. The main
improvements are: * KDE 4.3 is now also available in Croatian. * A crash when
editing toolbar setup has been fixed. * Support for transferring files through
SSH using KIO::Fish has been fixed. * A number of bugs in KWin, KDE's window
and compositing manager has been fixed. * A large number of bugs in KMail,
KDE's email client are now gone. See
http://kde.org/announcements/announce-4.3.1.php for more information. In
addition, this update: * fixes a potential security issue (CVE-2009-2702) with
certificate validation in the KIO KSSL code. It is believed that the affected
code is not actually used (the code in Qt, for which a security update was
already issued, is) and thus the issue is only potential, but KSSL is being
patched just in case, * splits PolicyKit-kde out of kdebase-workspace again to
avoid forcing it onto GNOME-based setups, where PolicyKit-gnome is desired
instead (#519654).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #520661 - CVE-2009-2702 kdelibs: kssl incorrect verification of SSL certificate with NUL in subjectAltName
https://bugzilla.redhat.com/show_bug.cgi?id=520661
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update kdelibs-experimental' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list