4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.006 Low
EPSS
Percentile
74.9%
The kdelibs packages provide libraries for the K Desktop Environment (KDE).
An input sanitization flaw was found in the KSSL (KDE SSL Wrapper) API. An
attacker could supply a specially-crafted SSL certificate (for example, via
a web page) to an application using KSSL, such as the Konqueror web
browser, causing misleading information to be presented to the user,
possibly tricking them into accepting the certificate as valid.
(CVE-2011-3365)
This update also adds the following enhancement:
Users should upgrade to these updated packages, which contain backported
patches to correct this issue and add this enhancement. The desktop must be
restarted (log out, then log back in) for this update to take effect.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | i686 | kdelibs | < 4.3.4-11.el6_1.4 | kdelibs-4.3.4-11.el6_1.4.i686.rpm |
RedHat | 6 | noarch | kdelibs-apidocs | < 4.3.4-11.el6_1.4 | kdelibs-apidocs-4.3.4-11.el6_1.4.noarch.rpm |
RedHat | 6 | s390x | kdelibs | < 4.3.4-11.el6_1.4 | kdelibs-4.3.4-11.el6_1.4.s390x.rpm |
RedHat | 6 | s390 | kdelibs-devel | < 4.3.4-11.el6_1.4 | kdelibs-devel-4.3.4-11.el6_1.4.s390.rpm |
RedHat | 6 | s390 | kdelibs-debuginfo | < 4.3.4-11.el6_1.4 | kdelibs-debuginfo-4.3.4-11.el6_1.4.s390.rpm |
RedHat | 6 | s390x | kdelibs-devel | < 4.3.4-11.el6_1.4 | kdelibs-devel-4.3.4-11.el6_1.4.s390x.rpm |
RedHat | 6 | src | kdelibs | < 4.3.4-11.el6_1.4 | kdelibs-4.3.4-11.el6_1.4.src.rpm |
RedHat | 6 | x86_64 | kdelibs-debuginfo | < 4.3.4-11.el6_1.4 | kdelibs-debuginfo-4.3.4-11.el6_1.4.x86_64.rpm |
RedHat | 6 | x86_64 | kdelibs | < 4.3.4-11.el6_1.4 | kdelibs-4.3.4-11.el6_1.4.x86_64.rpm |
RedHat | 6 | i686 | kdelibs-devel | < 4.3.4-11.el6_1.4 | kdelibs-devel-4.3.4-11.el6_1.4.i686.rpm |