Synopsis: Important: kdelibs security update
Issue date: 2009-06-25
CVE Names: CVE-2009-1698
A flaw was found in the way the KDE CSS parser handled content for the
CSS "style" attribute. A remote attacker could create a
specially-crafted CSS equipped HTML page, which once visited by an
unsuspecting user, could cause a denial of service (Konqueror crash) or,
potentially, execute arbitrary code with the privileges of the user
running Konqueror. (CVE-2009-1698)
The desktop must be restarted (log out, then log back in) for this
update to take effect.
SL 3.0.x
SRPMS:
kdelibs-3.1.3-6.13.src.rpm
i386:
kdelibs-3.1.3-6.13.i386.rpm
kdelibs-devel-3.1.3-6.13.i386.rpm
x86_64:
kdelibs-3.1.3-6.13.i386.rpm
kdelibs-3.1.3-6.13.x86_64.rpm
kdelibs-devel-3.1.3-6.13.x86_64.rpm
-Connie Sieh
-Troy Dawson