KDE Konqueror Cookie Domain Validation Vulnerability

Solution:
The vendor has released an advisory (advisory-20040823-1) and fixes to address this issue. Users are advised to apply an appropriate patch as soon as possible. Further information pertaining to obtaining and applying appropriate patches can be found in the referenced advisory.

SuSE has released advisory SUSE-SA:2004:26 mainly to address the vulnerability described in BID 10938. However, in the addendum of this advisory, it is reported that fixes for the issue described in this BID are now available on the SuSE update FTP server for download (kdebase3). Customers are advised to see the referenced advisory for further information regarding obtaining and applying appropriate updates.

Mandrake Linux has released an advisory (MDKSA-2004:086) along with fixes to address this, and other issues. Please see the referenced advisory for further information.

Gentoo Linux has released an advisory (GLSA 200408-23) along with fixes to address this issue. Please see the referenced advisory for further information. Users of affected packages are urged to execute the following with superuser privileges:
emerge sync
emerge -pv ">=kde-base/kdelibs-3.2.3-r2"
emerge ">=kde-base/kdelibs-3.2.3-r2"

RedHat has released advisories (FEDORA-2004-290, FEDORA-2004-291) to address various issues affecting KDE in Fedora Core 1 and Core 2. Please see the referenced advisories for more information.

Conectiva Linux has released advisory CLA-2004:864 along with fixes dealing with this and other issues. Please see the referenced advisory for more information.

Red Hat has released an advisory (RHSA-2004:412-10) to address various issues affecting KDE in Red Hat Enterprise Linux. Please see the advisory in Web references for more information.


KDE KDE 3.1.3

KDE KDE 3.2


 

Privacy Statement
Copyright 2010, SecurityFocus