Navigation
|
|
| Problem Description |
A heap overflow vulnerability was discovered in kjs, the KDE JavaScript
interpretter engine. An attacker could create a malicious web site
that contained carefully crafted JavaScript code that could trigger the
flaw and potentially lead to the arbitrary execution of code as the
user visiting the site.
The updated packages have been patched to correct this problem.
| Updated Packages |
Corporate Server 3.0
e3b716c3fef88118742882a139d589fa corporate/3.0/RPMS/kdelibs-common-3.2-36.15.C30mdk.i586.rpm 439b0acb1afd62c8f894317ad5922557 corporate/3.0/RPMS/libkdecore4-3.2-36.15.C30mdk.i586.rpm 77e5302db914631a223c7fb6a55c623b corporate/3.0/RPMS/libkdecore4-devel-3.2-36.15.C30mdk.i586.rpm 8399789d3975218e919c7544cf4fff41 corporate/3.0/SRPMS/kdelibs-3.2-36.15.C30mdk.src.rpm
Corporate Server 3.0/X86_64
04d568123ae0f632020b16d7ca3c79b5 x86_64/corporate/3.0/RPMS/kdelibs-common-3.2-36.15.C30mdk.x86_64.rpm 6c0451aa188253c07d9865880cb32c35 x86_64/corporate/3.0/RPMS/lib64kdecore4-3.2-36.15.C30mdk.x86_64.rpm 22160903e03c77c575a84ed9ef045ac6 x86_64/corporate/3.0/RPMS/lib64kdecore4-devel-3.2-36.15.C30mdk.x86_64.rpm 439b0acb1afd62c8f894317ad5922557 x86_64/corporate/3.0/RPMS/libkdecore4-3.2-36.15.C30mdk.i586.rpm 8399789d3975218e919c7544cf4fff41 x86_64/corporate/3.0/SRPMS/kdelibs-3.2-36.15.C30mdk.src.rpm
Mandriva Linux 2006
6d11e781a5112ab7d2c991df1bca4c0d 2006.0/RPMS/kdelibs-common-3.4.2-31.3.20060mdk.i586.rpm 09ddb324793a6af1e5bb55912896a9a1 2006.0/RPMS/kdelibs-devel-doc-3.4.2-31.3.20060mdk.i586.rpm 6211efda291f9327ed98d3aca442b1f0 2006.0/RPMS/libkdecore4-3.4.2-31.3.20060mdk.i586.rpm 77f643da674997a6ae38acd761f3016a 2006.0/RPMS/libkdecore4-devel-3.4.2-31.3.20060mdk.i586.rpm 57fb02e73896d75f28d9f9aad5f5dfef 2006.0/SRPMS/kdelibs-3.4.2-31.3.20060mdk.src.rpm
Mandriva Linux 2006/X86_64
84b25eefbb6fa383dbc4ccf92c873f74 x86_64/2006.0/RPMS/kdelibs-common-3.4.2-31.3.20060mdk.x86_64.rpm c3e42fe27e73df2da68ba768f0dbee4c x86_64/2006.0/RPMS/kdelibs-devel-doc-3.4.2-31.3.20060mdk.x86_64.rpm a6a7258b0990a09b099e039f54db18bb x86_64/2006.0/RPMS/lib64kdecore4-3.4.2-31.3.20060mdk.x86_64.rpm 62a2e822dab43b67f7cdfb9258725d2b x86_64/2006.0/RPMS/lib64kdecore4-devel-3.4.2-31.3.20060mdk.x86_64.rpm 6211efda291f9327ed98d3aca442b1f0 x86_64/2006.0/RPMS/libkdecore4-3.4.2-31.3.20060mdk.i586.rpm 77f643da674997a6ae38acd761f3016a x86_64/2006.0/RPMS/libkdecore4-devel-3.4.2-31.3.20060mdk.i586.rpm 57fb02e73896d75f28d9f9aad5f5dfef x86_64/2006.0/SRPMS/kdelibs-3.4.2-31.3.20060mdk.src.rpm
| References |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0019
| Upgrade |
To upgrade automatically, use MandrivaUpdate.
| Verification |
Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :
rpm --checksig package.rpm
You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.
If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.