Fedora 11 Update: kdelibs3-3.5.10-21.fc11

updates at fedoraproject.org updates at fedoraproject.org
Wed Dec 16 01:19:13 UTC 2009


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-13223
2009-12-16 00:19:40
--------------------------------------------------------------------------------

Name        : kdelibs3
Product     : Fedora 11
Version     : 3.5.10
Release     : 21.fc11
URL         : http://www.kde.org/
Summary     : K Desktop Environment 3 - Libraries
Description :
Libraries for the K Desktop Environment 3:
KDE Libraries included: kdecore (KDE core library), kdeui (user interface),
kfm (file manager), khtmlw (HTML widget), kio (Input/Output, networking),
kspell (spelling checker), jscript (javascript), kab (addressbook),
kimgio (image manipulation).

--------------------------------------------------------------------------------
Update Information:

- fix KHTML/KJS crash when viewing pages with JavaScript  - fix unrestricted
XMLHttpRequest access to local URLs
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec  7 2009 Than Ngo <than at redhat.com> - 3.5.10-21
- fix security issues in libltdl bundle within kdelibs CVE-2009-3736
- backport upstream patches
- patch autoconfigury to build with autoconf >= 2.64 (Stepan Kasal)
* Mon Nov  2 2009 Lukáš Tinkl <ltinkl at redhat.com> - 3.5.10-20
- fix unrestricted XMLHttpRequest access to local URLs (oCERT-2009-015), #532428
* Mon Sep 28 2009 Rex Dieter <rdieter at fedoraproject.org> - 3.5.10-19
- Conflicts with kde-settings (#526109)
* Mon Sep 28 2009 Than Ngo <than at redhat.com> - 3.5.10-18
- rhel cleanup
* Wed Sep 23 2009 Rex Dieter <rdieter at fedoraproject.org> - 3.5.10-17 
- move /etc/profile.d/kde.(sh|csh) to kde-settings (F-12+)
* Fri Sep  4 2009 Than Ngo <than at redhat.com> - 3.5.10-16
- openssl-1.0 build fixes
* Fri Sep  4 2009 Than Ngo <than at redhat.com> - 3.5.10-15
- fix for CVE-2009-2702
* Thu Sep  3 2009 Rex Dieter <rdieter at fedoraproject.org> - 3.5.10-14
- kde.(sh|csh): drop KDE_IS_PRELINKED (workaround bug #515539)
* Sun Jul 26 2009 Kevin Kofler <Kevin at tigcc.ticalc.org> - 3.5.10-13
- fix CVE-2009-2537 - select length DoS
- fix CVE-2009-1725 - crash, possible ACE in numeric character references
- fix CVE-2009-1690 - crash, possible ACE in KHTML (<head> use-after-free)
- fix CVE-2009-1687 - possible ACE in KJS (FIXME: still crashes?)
- fix CVE-2009-1698 - crash, possible ACE in CSS style attribute handling
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.5.10-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Sat Jul 18 2009 Rex Dieter <rdieter at fedoraproject.org> - 3.5.10-12 
- FTBFS kdelibs3-3.5.10-11.fc11 (#511571)
- -devel: Requires: %{name}%_isa ...
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #545303 - kdelibs3 KHTML/KJS crashes when viewing pages with JavaScript
        https://bugzilla.redhat.com/show_bug.cgi?id=545303
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update kdelibs3' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------




More information about the Fedora-package-announce mailing list