Nom du paquet
kdelibs
Date
2008-05-06
Advisory ID
MDVSA-2008:097
Affected versions
2008.1 i586 , 2008.1 x86_64 , 2008.0 i586 , 2008.0 x86_64

Problem description

A vulnerability was found in start_kdeinit in KDE 3.5.5 through
3.5.9 where, if it was installed setuid root, it could allow local
users to cause a denial of service or possibly execute arbitrary code
(CVE-2008-1671).

By default, start_kdeinit is not installed setuid root on Mandriva
Linux, however updated packages have been patched to correct this
issue.

Updated packages

2008.1 i586

 3fdded980feeb40749c9fbef31c8274d  2008.1/i586/kdelibs-common-3.5.9-10.1mdv2008.1.i586.rpm
 c0bba005dbc4013ff8cbe933ff9e5584  2008.1/i586/kdelibs-devel-doc-3.5.9-10.1mdv2008.1.i586.rpm
 8867c7c83437e532b632a3a8f578e39d  2008.1/i586/libkdecore4-3.5.9-10.1mdv2008.1.i586.rpm
 eec45645cada33b83c4394cdfca05af8  2008.1/i586/libkdecore4-devel-3.5.9-10.1mdv2008.1.i586.rpm 
 5d6b90aaf30b609c801e6d41727be2a4  2008.1/SRPMS/kdelibs-3.5.9-10.1mdv2008.1.src.rpm

2008.1 x86_64

 880a8c5c0efe5688bbbcacda27866b32  2008.1/x86_64/kdelibs-common-3.5.9-10.1mdv2008.1.x86_64.rpm
 e217bf386a48838736364332c9919639  2008.1/x86_64/kdelibs-devel-doc-3.5.9-10.1mdv2008.1.x86_64.rpm
 cd18170a8fe9c90e577e2a322f6e6146  2008.1/x86_64/lib64kdecore4-3.5.9-10.1mdv2008.1.x86_64.rpm
 c28603d515c0d86f5ac782541c5b24a9  2008.1/x86_64/lib64kdecore4-devel-3.5.9-10.1mdv2008.1.x86_64.rpm 
 5d6b90aaf30b609c801e6d41727be2a4  2008.1/SRPMS/kdelibs-3.5.9-10.1mdv2008.1.src.rpm

2008.0 i586

 6e9ec4d86831c1de8d97b1143e412094  2008.0/i586/kdelibs-common-3.5.7-43.8mdv2008.0.i586.rpm
 13c4540bad80e97dea7d4f0ae0b85e48  2008.0/i586/kdelibs-devel-doc-3.5.7-43.8mdv2008.0.i586.rpm
 e37ee088e281f3ac22aaa9a2cf967bff  2008.0/i586/libkdecore4-3.5.7-43.8mdv2008.0.i586.rpm
 68de2c2c0c4aefaae88598329c4ae842  2008.0/i586/libkdecore4-devel-3.5.7-43.8mdv2008.0.i586.rpm 
 f88003b0ee66bf4bcb456b7352972507  2008.0/SRPMS/kdelibs-3.5.7-43.8mdv2008.0.src.rpm

2008.0 x86_64

 f22003b71a01cde99bbec436462d8b89  2008.0/x86_64/kdelibs-common-3.5.7-43.8mdv2008.0.x86_64.rpm
 d22e1bbc15d300768f58c75d810bb799  2008.0/x86_64/kdelibs-devel-doc-3.5.7-43.8mdv2008.0.x86_64.rpm
 d52a94a110cd8ccf0611f1c199f0ee91  2008.0/x86_64/lib64kdecore4-3.5.7-43.8mdv2008.0.x86_64.rpm
 7fd7f380efa11735eb0b4a174f5c7ade  2008.0/x86_64/lib64kdecore4-devel-3.5.7-43.8mdv2008.0.x86_64.rpm 
 f88003b0ee66bf4bcb456b7352972507  2008.0/SRPMS/kdelibs-3.5.7-43.8mdv2008.0.src.rpm

References