rPSA-2007-0052-2 kdelibs
rPath Update Announcements
announce-noreply at rpath.com
Thu Mar 8 03:12:30 EST 2007
rPath Security Advisory: 2007-0052-2
Published: 2007-03-07
Updated:
2007-03-08 Removed :config components
Products: rPath Linux 1
Rating: Minor
Exposure Level Classification:
Indirect Deterministic Weakness
Updated Versions:
kdelibs=/conary.rpath.com at rpl:devel//1/3.4.2-5.13-2
References:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0537
https://issues.rpath.com/browse/RPL-1117
Description:
Previous versions of the kdelibs package enable a cross-site
scripting (XSS) attack against the konquerer web browser by embedding
certain HTML tags within a comment in a title tag.
8 March 2007 Update: rebuilt packages not to include :config
components.
More information about the update-announce
mailing list