6 matches found
SuSE 11.3 Security Update : kdebase4-workspace (SAT Patch Number 9467)
This kdebase4-workspace update fixes two security issues : - NULL pointer dereference in KDM and KCheckPass. CVE-2013-4132 - Memory leak that could lead to a denial of service. CVE-2013-4133 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugi...
openSUSE Security Update : kdebase4-workspace (openSUSE-SU-2013:1253-1)
Added changesetra2bab28a.diff from upstream 4.11 branch, fixes kde321576 - Added kdm-kcheckpass-Check-for-NULL-return-from-crypt-3-an.pat ch, bnc829857, CVE-2013-4132 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
openSUSE Security Update : kdebase4-workspace (openSUSE-SU-2013:1291-1)
kdebase4-workspace received fixes for : - KDM: a potential crash in crypt was fixed bnc829857, CVE-2013-4132 - Fixes plasma systemtray memory leak with legacy icons kde314919, bnc817932, bnc829857, CVE-2013-4133 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...
CVE-2013-4132
KDE-Workspace 4.10.5 and earlier does not properly handle the return value of the glibc 2.17 crypt and pwencrypt functions, which allows remote attackers to cause a denial of service NULL pointer dereference and crash via 1 an invalid salt or a 2 DES or 3 MD5 encrypted password, when FIPS-140 is...
CVE-2013-4132
CVE-2013-4132 affects KDE Workspace kdebase4-workspace 4.10.5 and earlier. The issue is a NULL pointer dereference in the crypt()/pw_encrypt paths when handling certain salts or DES/MD5 passwords, exploitable to cause a denial of service (crash) in KDM or KCheckPass when FIPS-140 is enabled. Publ...
Updated kde packages fix security issues
This update provides the last stable version of KDE for the 4.10.x branch. Some of the new packages fixes additional issues open on our tracker : - A memory leak in kde-workspace kde 314919 & mga 7953 - A memory leak in kmix mga 10702 & kde 309464 - A packaging issue affecting kdebase4-runtime...