MDKSA-2001:046

Package name

kdelibs

Date

2001-05-03

Advisory ID

MDKSA-2001:046

Affected versions

8.0 i586

Problem description

A problem exists with the kdesu component of kdelibs. It created a world-readable temporary file to exchange authentication information and delete it shortly after. This can be abused by a local user to gain access to the X server and could result in a compromise of the account that kdesu would access.

Updated packages

8.0 i586

 99e2aa1c140ae9de9a111f6cf2a367b4  8.0/RPMS/arts-2.1.2-1mdk.i586.rpm
ec48c757f16758d297730189ec6038c8  8.0/RPMS/kdelibs-2.1.2-1mdk.i586.rpm
00b8d45010af8b5f982adf14e37b28f3  8.0/RPMS/kdelibs-devel-2.1.2-1mdk.i586.rpm
2a2783f89e6c5afbb2b340f37a1cc6bc  8.0/RPMS/kdelibs-devel-static-libraries-2.1.2-1mdk.i586.rpm
6cd11fde350d6675f8bda3b427576e4b  8.0/RPMS/libarts2-2.1.2-1mdk.i586.rpm
16e5267d1f185f3f389d4453f4ff95ce  8.0/RPMS/libarts2-devel-2.1.2-1mdk.i586.rpm
13929ed2c524abf1bdde6907a71a6a91  8.0/SRPMS/kdelibs-2.1.2-1mdk.src.rpm