Support / Security / Advisories / Mandrakelinux 9.2 / MDKSA-2003:079

Package name: kdelibs
Date: 2003-07-31
Advisory ID: MDKSA-2003:079
Affected versions: 9.1 i586 , CS2.1 i586 , 9.1 i586 , 9.0 i586 , CS2.1 x86_64

Problem description

A vulnerability in Konqueror was discovered where it could inadvertently send authentication credentials to websites other than the intended site in clear text via the HTTP-referer header when authentication credentials are passed as part of a URL in the form http://user:password@host/. The provided packages have a patch that corrects this issue.

Updated packages

9.1 i586

 e7092f9cf6c55fc0a7008e04e01e6d2c  ppc/9.1/RPMS/kdelibs-3.1-58.2mdk.ppc.rpm
3db061e6d33b8f6c52450d81bfdd8350  ppc/9.1/RPMS/kdelibs-common-3.1-58.2mdk.ppc.rpm
310c9f897ec102364c4c3cdcd316489e  ppc/9.1/RPMS/kdelibs-devel-3.1-58.2mdk.ppc.rpm
759658ab119a0f16ea1d159e2e5a1f04  ppc/9.1/RPMS/kdelibs-static-devel-3.1-58.2mdk.ppc.rpm
ee3757404d902cfe682f0da6e7fbebd0  ppc/9.1/SRPMS/kdelibs-3.1-58.2mdk.src.rpm

CS2.1 i586

 b8bc8c31085b3953081b68e84563eafb  corporate/2.1/RPMS/kdelibs-3.0.5a-1.3mdk.i586.rpm
2c202cd237dd49f4f722c5566bd987cc  corporate/2.1/RPMS/kdelibs-devel-3.0.5a-1.3mdk.i586.rpm
fbdd8d3ee582d77450254a7e20c5edf5  corporate/2.1/SRPMS/kdelibs-3.0.5a-1.3mdk.src.rpm

9.1 i586

 407505c85c575715048509488bcf9137  9.1/RPMS/kdelibs-3.1-58.2mdk.i586.rpm
52921509997a7688377a6000d00711b7  9.1/RPMS/kdelibs-common-3.1-58.2mdk.i586.rpm
3ab334a2170fe9bd8fc035327d0ff178  9.1/RPMS/kdelibs-devel-3.1-58.2mdk.i586.rpm
7c5f0501a362ac2c89e3ea8ef882990a  9.1/RPMS/kdelibs-static-devel-3.1-58.2mdk.i586.rpm
ee3757404d902cfe682f0da6e7fbebd0  9.1/SRPMS/kdelibs-3.1-58.2mdk.src.rpm

9.0 i586

 b8bc8c31085b3953081b68e84563eafb  9.0/RPMS/kdelibs-3.0.5a-1.3mdk.i586.rpm
2c202cd237dd49f4f722c5566bd987cc  9.0/RPMS/kdelibs-devel-3.0.5a-1.3mdk.i586.rpm
fbdd8d3ee582d77450254a7e20c5edf5  9.0/SRPMS/kdelibs-3.0.5a-1.3mdk.src.rpm

CS2.1 x86_64

 a57625bd5ba6e06c4bbd6c0a9a31338e  x86_64/corporate/2.1/RPMS/kdelibs-3.0.5-2.1mdk.x86_64.rpm
05c01ebdeed267aa9a45201880907fb9  x86_64/corporate/2.1/RPMS/kdelibs-devel-3.0.5-2.1mdk.x86_64.rpm
72279bba0e9901ddd8d17d7db35998ef  x86_64/corporate/2.1/SRPMS/kdelibs-3.0.5-2.1mdk.src.rpm

MDKSA-2003:079

Problem description

Updated packages

9.1 i586

CS2.1 i586

9.1 i586

9.0 i586

CS2.1 x86_64

References