-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2009-13223 2009-12-16 00:19:40 --------------------------------------------------------------------------------
Name : kdelibs3 Product : Fedora 11 Version : 3.5.10 Release : 21.fc11 URL : http://www.kde.org/ Summary : K Desktop Environment 3 - Libraries Description : Libraries for the K Desktop Environment 3: KDE Libraries included: kdecore (KDE core library), kdeui (user interface), kfm (file manager), khtmlw (HTML widget), kio (Input/Output, networking), kspell (spelling checker), jscript (javascript), kab (addressbook), kimgio (image manipulation). -------------------------------------------------------------------------------- Update Information: - fix KHTML/KJS crash when viewing pages with JavaScript - fix unrestricted XMLHttpRequest access to local URLs -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 7 2009 Than Ngo <t...@redhat.com> - 3.5.10-21 - fix security issues in libltdl bundle within kdelibs CVE-2009-3736 - backport upstream patches - patch autoconfigury to build with autoconf >= 2.64 (Stepan Kasal) * Mon Nov 2 2009 Lukáš Tinkl <lti...@redhat.com> - 3.5.10-20 - fix unrestricted XMLHttpRequest access to local URLs (oCERT-2009-015), #532428 * Mon Sep 28 2009 Rex Dieter <rdie...@fedoraproject.org> - 3.5.10-19 - Conflicts with kde-settings (#526109) * Mon Sep 28 2009 Than Ngo <t...@redhat.com> - 3.5.10-18 - rhel cleanup * Wed Sep 23 2009 Rex Dieter <rdie...@fedoraproject.org> - 3.5.10-17 - move /etc/profile.d/kde.(sh|csh) to kde-settings (F-12+) * Fri Sep 4 2009 Than Ngo <t...@redhat.com> - 3.5.10-16 - openssl-1.0 build fixes * Fri Sep 4 2009 Than Ngo <t...@redhat.com> - 3.5.10-15 - fix for CVE-2009-2702 * Thu Sep 3 2009 Rex Dieter <rdie...@fedoraproject.org> - 3.5.10-14 - kde.(sh|csh): drop KDE_IS_PRELINKED (workaround bug #515539) * Sun Jul 26 2009 Kevin Kofler <ke...@tigcc.ticalc.org> - 3.5.10-13 - fix CVE-2009-2537 - select length DoS - fix CVE-2009-1725 - crash, possible ACE in numeric character references - fix CVE-2009-1690 - crash, possible ACE in KHTML (<head> use-after-free) - fix CVE-2009-1687 - possible ACE in KJS (FIXME: still crashes?) - fix CVE-2009-1698 - crash, possible ACE in CSS style attribute handling * Fri Jul 24 2009 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 3.5.10-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild * Sat Jul 18 2009 Rex Dieter <rdie...@fedoraproject.org> - 3.5.10-12 - FTBFS kdelibs3-3.5.10-11.fc11 (#511571) - -devel: Requires: %{name}%_isa ... -------------------------------------------------------------------------------- References: [ 1 ] Bug #545303 - kdelibs3 KHTML/KJS crashes when viewing pages with JavaScript https://bugzilla.redhat.com/show_bug.cgi?id=545303 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update kdelibs3' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce