kdebase security update

2007-06-13T19:26:11
ID CESA-2007:0494
Type centos
Reporter CentOS Project
Modified 2007-06-17T14:53:37

Description

CentOS Errata and Security Advisory CESA-2007:0494

The kdebase packages provide the core applications for KDE, the K Desktop Environment. These core packages include Konqueror, the web browser and file manager.

A problem with the interaction between the Flash Player and the Konqueror web browser was found. The problem could lead to key presses leaking to the Flash Player applet instead of the browser (CVE-2007-2022).

Users of Konqueror who have installed the Adobe Flash Player plugin should upgrade to these updated packages, which contain a patch provided by Dirk Müller that protects against this issue.

Merged security bulletin from advisories: http://lists.centos.org/pipermail/centos-announce/2007-June/025960.html http://lists.centos.org/pipermail/centos-announce/2007-June/025962.html http://lists.centos.org/pipermail/centos-announce/2007-June/025963.html http://lists.centos.org/pipermail/centos-announce/2007-June/025964.html http://lists.centos.org/pipermail/centos-announce/2007-June/025969.html http://lists.centos.org/pipermail/centos-announce/2007-June/025970.html http://lists.centos.org/pipermail/centos-announce/2007-June/025979.html http://lists.centos.org/pipermail/centos-announce/2007-June/025980.html http://lists.centos.org/pipermail/centos-announce/2007-June/026003.html http://lists.centos.org/pipermail/centos-announce/2007-June/026004.html

Affected packages: kdebase kdebase-devel

Upstream details at: https://rhn.redhat.com/errata/RHSA-2007-0494.html