Synopsis:	Important: kdenetwork security update
Issue date:	2011-04-21
CVE Names:	CVE-2011-1586

A directory traversal flaw was found in the way KGet, a download 
manager, handled the "file" element in Metalink files. An attacker could 
use this flaw to create a specially-crafted Metalink file that, when 
opened, would cause KGet to overwrite arbitrary files accessible to the 
user running KGet. (CVE-2011-1586)

The desktop must be restarted (log out, then log back in) for this 
update to take effect.

SL 6.x

       SRPMS:
kdenetwork-4.3.4-11.el6_0.1.src.rpm
       i386:
kdenetwork-4.3.4-11.el6_0.1.i686.rpm
kdenetwork-devel-4.3.4-11.el6_0.1.i686.rpm
kdenetwork-libs-4.3.4-11.el6_0.1.i686.rpm
       x86_64:
kdenetwork-4.3.4-11.el6_0.1.x86_64.rpm
kdenetwork-devel-4.3.4-11.el6_0.1.i686.rpm
kdenetwork-devel-4.3.4-11.el6_0.1.x86_64.rpm
kdenetwork-libs-4.3.4-11.el6_0.1.i686.rpm
kdenetwork-libs-4.3.4-11.el6_0.1.x86_64.rpm

- Scientific Linux Development Team