CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
90.1%
This update fixes a security vulnerability in the polkit authentication backend of kdelibs (CVE-2014-5033) (mga#13792), and fixes some additional issues: - duplicate targets in PythonMacros.cmake (reviewboard kde 111371), - kded4 leak sockets in NetworkInterface::isWireless() (bko#324954), - media type application/x-konsole is unsupported (bko#292378), - pure Qt applications (like VLC) that get the kdelibs file dialog are not properly translated (mga#12982), - meinproc4 doesn’t substitute entity with libxml2 fixed for CVE-2014-0191 (bko#335001, mga#13555, mga#13559),
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 3 | noarch | kdelibs4 | < 4.10.5-1.2 | kdelibs4-4.10.5-1.2.mga3 |
www.kde.org/info/security/advisory-20140730-1.txt
bugs.kde.org/show_bug.cgi?id=292378
bugs.kde.org/show_bug.cgi?id=324954
bugs.kde.org/show_bug.cgi?id=335001
bugs.mageia.org/show_bug.cgi?id=12982
bugs.mageia.org/show_bug.cgi?id=13555
bugs.mageia.org/show_bug.cgi?id=13559
bugs.mageia.org/show_bug.cgi?id=13792
bugs.mageia.org/show_bug.cgi?id=13826
bugzilla.novell.com/show_bug.cgi?id=864716
git.reviewboard.kde.org/r/111371/