[slackware-security] kdebase-workspace

2010-04-2017:51:39

Slackware Linux Project

www.slackware.com

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

9.5%

JSON

New kdebase-workspace packages are available for Slackware 13.0 and -current to
fix a security issue with KDM.

Here are the details from the Slackware 13.0 ChangeLog:

patches/packages/kdebase-workspace-4.2.4-i486-2_slack13.0.txz: Rebuilt.
Patched a security issue with KDM.
For more information, see:
https://vulners.com/cve/CVE-2010-0436
(* Security fix *)

Where to find the new packages:

HINT: Getting slow download speeds from ftp.slackware.com?
Give slackware.osuosl.org a try. This is another primary FTP site
for Slackware that can be considerably faster than downloading
directly from ftp.slackware.com.

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating additional FTP and rsync hosting
to the Slackware project! :-)

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/kdebase-workspace-4.2.4-i486-2_slack13.0.txz

Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/kdebase-workspace-4.2.4-x86_64-2_slack13.0.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/kde/kdebase-workspace-4.3.5-i486-2.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/kde/kdebase-workspace-4.3.5-x86_64-2.txz

MD5 signatures:

Slackware 13.0 package:
b725c13555aa50143d869848140699f8 kdebase-workspace-4.2.4-i486-2_slack13.0.txz

Slackware x86_64 13.0 package:
541c5a8ed90a7d13b62e160a0bc2aff9 kdebase-workspace-4.2.4-x86_64-2_slack13.0.txz

Slackware -current package:
a99d957ccd69dd97c6aa9ff3b084fc76 kde/kdebase-workspace-4.3.5-i486-2.txz

Slackware x86_64 -current package:
d1a5ec823b6bb94a3842161f49ccf214 kde/kdebase-workspace-4.3.5-x86_64-2.txz

Installation instructions:

Upgrade the package as root:
> upgradepkg kdebase-workspace-4.2.4-i486-2_slack13.0.txz

OSVersionArchitecturePackageVersionFilename
Slackware13.0i486kdebase-workspace< 4.2.4kdebase-workspace-4.2.4-i486-2_slack13.0.txz
Slackware13.0x86_64kdebase-workspace< 4.2.4kdebase-workspace-4.2.4-x86_64-2_slack13.0.txz
Slackwarecurrenti486kdebase-workspace< 4.3.5kdebase-workspace-4.3.5-i486-2.txz
Slackwarecurrentx86_64kdebase-workspace< 4.3.5kdebase-workspace-4.3.5-x86_64-2.txz

OS	Version	Architecture	Package	Version	Filename
Slackware	13.0	i486	kdebase-workspace	< 4.2.4	kdebase-workspace-4.2.4-i486-2_slack13.0.txz
Slackware	13.0	x86_64	kdebase-workspace	< 4.2.4	kdebase-workspace-4.2.4-x86_64-2_slack13.0.txz
Slackware	current	i486	kdebase-workspace	< 4.3.5	kdebase-workspace-4.3.5-i486-2.txz
Slackware	current	x86_64	kdebase-workspace	< 4.3.5	kdebase-workspace-4.3.5-x86_64-2.txz