1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 3004-1] kde4libs security update

    From Moritz Muehlenhoff@1:229/2 to All on Mon Aug 11 00:40:01 2014
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-3004-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff August 11, 2014 http://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : kde4libs
    CVE ID : CVE-2014-5033

    Sebastian Krahmer discovered that Kauth used Policykit insecurely by
    relying on the process ID. This could result in privilege escalation.

    For the stable distribution (wheezy), this problem has been fixed in
    version 4:4.8.4-4+deb7u1.

    For the testing distribution (jessie), this problem has been fixed in
    version 4:4.13.3-2.

    For the unstable distribution (sid), this problem has been fixed in
    version 4:4.13.3-2.

    We recommend that you upgrade your kde4libs packages.

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1

    iQIcBAEBAgAGBQJT5/MsAAoJEBDCk7bDfE42nboQAJZW9L917Mk2+VyVxFRTpeAj g53q+jJUwlRFJznPzgd/UI5G1B3Sqd2I4qmugzqbQKo0JPocLnxMscgQezSmSlVB LnWbNbDx5Aun46Np6LS23sYHzoXhj7cmL4WkXoKsx83L1Mmnu2b+NFs6YQWwhW6U cCG9ut7jwX0yvgCfBLr2hPIrmYT3jJ9btePrYjDCVYGRSBsVHFlqGDBnJn1OVmx2 kg9aMFIFdimj6XkQqvnNrs06LpJR7nz2+VuN46ZKRMu1PwVPmsbUofYXgUNBoNc/ nocsfFHnoe1NF6pv+bIGBTU5ZmNV3h8VzzRpXVcHNwaFU7ZQtqvEJXySK5RZRh2m ccgCSUrCrt92x5ULOCs93dk7ko9NiF48wjFHFZQJaGMPVJ0PF2U+hUWQ6SxqdkXu +lZYHcEH5UbVqH5A/75ykrAxf2c4gRFY8YCHeXSkFhAnrBZysvmNYg3h+vbgF6ya UPSn3oLbIku3QogFsTBz0eZYlbFquQBGEbLUT/46BgnyCdY/imYREGx18dHzKiCo PJUu1rdfrgRh0ilUTZpujYGThmFhYxH9UQfQZIkhD0v0FKWGrPFYOoM7O/6K5Kni ARi4xR02XBJl/i05R76uGmqrel0dqv16YzLce95btXGlntcv6sNrcjdYZAcOVmM0 LsABjA2n+B+zDfn5ueYZ
    =GMoV
    -----END PGP SIGNATURE-----


    --
    To UNSUBSCRIBE, email to [email protected]
    with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)