Ubuntu: KDE library vulnerability USN-420-1

=========================================================== 
Ubuntu Security Notice USN-420-1          February 06, 2007
kdelibs vulnerability
CVE-2007-0537
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 5.10
Ubuntu 6.06 LTS
Ubuntu 6.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.10:
  kdelibs4c2                               4:3.4.3-0ubuntu2.2

Ubuntu 6.06 LTS:
  kdelibs4c2a                              4:3.5.2-0ubuntu18.2

Ubuntu 6.10:
  kdelibs4c2a                              4:3.5.5-0ubuntu3.1

After a standard system upgrade you need to restart your session to
effect the necessary changes.

Details follow:

Jose Avila III and Robert Tasarz discovered that the KDE HTML library 
did not correctly parse HTML comments inside the "title" tag.  By 
tricking a Konqueror user into visiting a malicious website, an attacker 
could bypass cross-site scripting protections.


Updated packages for Ubuntu 5.10:

  Source archives:

          Size/MD5:   330443 7bf67340aef75bbafe1bf0f517ad0677
          Size/MD5:     1523 9a013d5dc8f7953036af99dd264f9811
          Size/MD5: 19981388 36e7a8320bd95760b41c4849da170100

  Architecture independent packages:

          Size/MD5:  6970448 a0a541bd78cb848da8aa97ac4b29d0fe
          Size/MD5: 29298458 f04629ca27bafeaa897a86839fc6e645
          Size/MD5:    30714 8ec392ba5ba0f78e9b12dd9d025019d6

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

          Size/MD5:   926668 3e7c767a9eeb80d0a85640d7dbfb53d7
          Size/MD5:  1309046 e73c5de672193ac0385a28dd3accf646
          Size/MD5: 22552842 287114119aee64a256f8fce295e9d034
          Size/MD5:  9109026 aa34fe2f02d9772ad8e25bb36e573505

  i386 architecture (x86 compatible Intel/AMD)

          Size/MD5:   814498 1eace86f58caf3f936c77e749a45ffc6
          Size/MD5:  1305652 0ce209d9c2c5ed846dbb1edc16fe5606
          Size/MD5: 19410566 85751508b7f13b790cbda8d795930a72
          Size/MD5:  8072650 9caf6a826bb790e309036555f40b9b8d

  powerpc architecture (Apple Macintosh G3/G4/G5)

          Size/MD5:   909782 0a1cbec28532ca006c7ddcb6990a6e65
          Size/MD5:  1310430 f31f57e3c37f8c12e586cfa0084dc203
          Size/MD5: 22763768 b1aba1f6b9ef2c454f2172d442302b49
          Size/MD5:  8433768 18b2c898ed6d40844c19635d8b85e8a2

  sparc architecture (Sun SPARC/UltraSPARC)

          Size/MD5:   831058 158b90fe780e29e6618cf4b7f9f96bc8
          Size/MD5:  1307028 b1c14bf29a7622ac3844c68a652bf21c
          Size/MD5: 20031538 f2778deea8ef14eb9b3e90f5ed97ab50
          Size/MD5:  8241130 26c0145f1abb71b0a3ea5a89214df223

Updated packages for Ubuntu 6.06 LTS:

  Source archives:

          Size/MD5:   477706 5d236a3b69a4bae7b81d337e58a2c3fe
          Size/MD5:     1609 0a27d1f21c1374d8abf8ea0dba0abf79
          Size/MD5: 18775353 00c878d449522fb8aa2769a4c5ae1fde

  Architecture independent packages:

          Size/MD5:  7083858 f74b97726f683b5eca3798bd8f7ae2a1
          Size/MD5: 41496444 87e2fc31c4dd95cd7d87aeee51dec330
          Size/MD5:    35748 636e14773798c30ddf4c0a87b3d5cd39

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

          Size/MD5:   925624 1ba9b88fc6456c6dac97693532412fde
          Size/MD5: 26451886 2eaed22c02f68909ebe219629a774dc6
          Size/MD5:  1355626 1458250a60303a07ad551ce343ae23ec
          Size/MD5:  9406898 7f952f591c7345216bfc0bb42277875d

  i386 architecture (x86 compatible Intel/AMD)

          Size/MD5:   814970 cc6ae65176411013a8dea78a77151e25
          Size/MD5: 22925204 60d4c71b837e82da16d2b1ad75cbf628
          Size/MD5:  1352256 1ceee31122ff0fe680fbdbebbd6c8ced
          Size/MD5:  8334452 427cd25652287fc52ba2bdbd028c2f33

  powerpc architecture (Apple Macintosh G3/G4/G5)

          Size/MD5:   905950 4b29acb4cc1a8fb52ff9bb7b3715b0d3
          Size/MD5: 26718664 f92f6f62ab9b9bbd0da8cb649dbeb132
          Size/MD5:  1356968 a6e62679f09dbafa54137204af905494
          Size/MD5:  8689506 0b3b6f533712eb6a8143827d2b01b015

  sparc architecture (Sun SPARC/UltraSPARC)

          Size/MD5:   827096 17f46503797d14c6be17c7fd890ac843
          Size/MD5: 23623320 36aefb75ec36a60d3308392842556130
          Size/MD5:  1353298 9627c92acea5abc671668d0b5ecfd744
          Size/MD5:  8491558 dd2fe11d276e78bb16bd42bc34452c20

Updated packages for Ubuntu 6.10:

  Source archives:

          Size/MD5:   734200 8d5db0d6c6070468a32841b75a9e0d83
          Size/MD5:     1691 7a23f4f003e66e4a4fb90f620a0de347
          Size/MD5: 18926397 65e455d5814142ee992097230ffe7e80

  Architecture independent packages:

          Size/MD5:  7210528 1e62a8249a44e98da5ba24c1eaa1d4f0
          Size/MD5: 39981890 5469fd4b98d68f0e01ddb4bd5ba7d904
          Size/MD5:    37742 2b1ebdb5648cbd390ecd1fa8d6b2d7e4

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

          Size/MD5: 27050664 b7884e4a85307416811f755e2ed967aa
          Size/MD5:  1345432 c2cd5e2b9433e629ae366965b47c30c6
          Size/MD5: 10401586 f02e2f09dfd27d09f2a00daaaa6a7969

  i386 architecture (x86 compatible Intel/AMD)

          Size/MD5: 26229446 ae021c2a0a95f237a934962a39e13821
          Size/MD5:  1343076 5e46eaa9d38a6876671efd18ac052ef5
          Size/MD5:  9555316 4573d9f461ff2a441a13ac744e8f27e5

  powerpc architecture (Apple Macintosh G3/G4/G5)

          Size/MD5: 28018226 74bc9b1b1e11817b33e3027213462fa0
          Size/MD5:  1347170 df48d8bc10826c2805d607f4d52eb738
          Size/MD5:  9782346 4d5986ecf7ace1bd5bf275d101f98e03

  sparc architecture (Sun SPARC/UltraSPARC)

          Size/MD5: 25362410 e80c7336df062cac6690d745d91730fc
          Size/MD5:  1343134 cc62c0d393cacc36a552c304cee9b2a1
          Size/MD5:  9473018 dfff27cb2bcb323d51d4b16e11453d49
Ubuntu: KDE library vulnerability USN-420-1

Summary

Update Instructions

References

Package Information

Related News

Get the Latest News & Insights

News

Advisories

HOWTOs

Features

About Us

Powered By
