kdelibs security update
| Advisory: | RHSA-2003:003-14 |
|---|---|
| Type: | Security Advisory |
| Severity: | Important |
| Issued on: | 2003-02-17 |
| Last updated on: | 2003-02-14 |
| Affected Products: | Red Hat Enterprise Linux AS (v. 2.1) Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor |
| CVEs (cve.mitre.org): |
CVE-2002-1393 |
Details
A security issue has been found in KDE. This errata provides updates which
resolve these issues.
KDE is a graphical desktop environment for the X Window System.
KDE fails in multiple places to properly quote URLs and filenames
before passing them to a command shell. This could allow remote
attackers to execute arbitrary commands through carefully crafted URLs,
filenames, or email addresses.
Users of KDE are advised to install the updated packages which contain
backported patches to correct this issue.
Please note that for the Itanium (IA64) architecture only, this update also
fixes several other vulnerabilities. Details concerning these
vulnerabilities can be found in advisory RHSA-2002:221 and correspond to
CVE names CAN-2002-0970, CAN-2002-1151, CAN-2002-1247, and CAN-2002-1306.
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.
relevant to your system have been applied.
This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.
Updated packages
| Red Hat Enterprise Linux AS (v. 2.1) | |
| SRPMS: | |
| ftp://updates.redhat.com/rhn/repository/NULL/kdegames/2.2.2-2/SRPMS/kdegames-2.2.2-2.src.rpm Missing file |
MD5: fc82084492006325f552c7b83548aff5 |
| kdemultimedia-2.2.2-4.src.rpm File outdated by: RHEA-2003:260 |
MD5: 85e18de74d228167fdaeee2427ca8d38 |
| kdenetwork-2.2.2-3.src.rpm File outdated by: RHSA-2005:175 |
MD5: d37b6e11af06e29be20eec0fa50afe49 |
| kdenetwork-2.2.2-3.src.rpm File outdated by: RHSA-2005:175 |
MD5: d37b6e11af06e29be20eec0fa50afe49 |
| ftp://updates.redhat.com/rhn/public/2703533/kdepim/6:2.2.2-4/SRPMS/kdepim-2.2.2-4.src.rpm Missing file |
MD5: c9cafb2e6a3f7fdc0c1dc4410e2ca624 |
| ftp://updates.redhat.com/rhn/repository/NULL/kdepim/2.2.2-4/SRPMS/kdepim-2.2.2-4.src.rpm Missing file |
MD5: c9cafb2e6a3f7fdc0c1dc4410e2ca624 |
| ftp://updates.redhat.com/rhn/public/2703533/kdesdk/2.2.2-2/SRPMS/kdesdk-2.2.2-2.src.rpm Missing file |
MD5: 3fa67b23cdf8d5d48923e9650777bab2 |
| ftp://updates.redhat.com/rhn/repository/NULL/kdesdk/2.2.2-2/SRPMS/kdesdk-2.2.2-2.src.rpm Missing file |
MD5: 3fa67b23cdf8d5d48923e9650777bab2 |
| ftp://updates.redhat.com/rhn/public/2703533/kdeutils/6:2.2.2-2/SRPMS/kdeutils-2.2.2-2.src.rpm Missing file |
MD5: 1df83e4730a44715c78df326dff4a37a |
| ftp://updates.redhat.com/rhn/repository/NULL/kdeutils/2.2.2-2/SRPMS/kdeutils-2.2.2-2.src.rpm Missing file |
MD5: 1df83e4730a44715c78df326dff4a37a |
| IA-32: | |
| arts-2.2.2-6.i386.rpm File outdated by: RHSA-2006:0720 |
MD5: 85c757535a86e2375879b901165d62f2 |
| kdebase-2.2.2-6.i386.rpm File outdated by: RHSA-2005:009 |
MD5: 959179da6351e6a0d695c6598497a9a8 |
| kdebase-devel-2.2.2-6.i386.rpm File outdated by: RHSA-2005:009 |
MD5: 85f104e291607ae0ae3736216f47adfe |
| ftp://updates.redhat.com/rhn/repository/NULL/kdegames/2.2.2-2/i386/kdegames-2.2.2-2.i386.rpm Missing file |
MD5: cfbb04f4916da5c4e168f2cd8707c3a2 |
| kdegraphics-2.2.2-3.i386.rpm File outdated by: RHSA-2006:0648 |
MD5: 16844c66804d26e3466c5a052e3c2502 |
| kdegraphics-devel-2.2.2-3.i386.rpm File outdated by: RHSA-2006:0648 |
MD5: af4b9aa663ac962458beb3e4be4b9ead |
| kdelibs-2.2.2-6.i386.rpm File outdated by: RHSA-2006:0720 |
MD5: edfe16d87df53da11a722fa4f70da96f |
| kdelibs-devel-2.2.2-6.i386.rpm File outdated by: RHSA-2006:0720 |
MD5: f5d5a8d2f6cca9184e2d0860c10eeb29 |
| kdelibs-sound-2.2.2-6.i386.rpm File outdated by: RHSA-2006:0720 |
MD5: 646bc1b7886477efd663373855789ea0 |
| kdelibs-sound-devel-2.2.2-6.i386.rpm File outdated by: RHSA-2006:0720 |
MD5: 6645c827ceb47087d176db5b32e95b21 |
| kdemultimedia-2.2.2-4.i386.rpm File outdated by: RHEA-2003:260 |
MD5: b327562a8e6dd12b6834936ff91c6358 |
| kdemultimedia-devel-2.2.2-4.i386.rpm File outdated by: RHEA-2003:260 |
MD5: c3a9d584d0ea33ddc47ca486944ab77a |
| kdenetwork-2.2.2-3.i386.rpm File outdated by: RHSA-2005:175 |
MD5: ac375f88ee18026cea1dcf65906aba14 |
| kdenetwork-ppp-2.2.2-3.i386.rpm File outdated by: RHSA-2005:175 |
MD5: 18c6d0332e425d42d8b34810fcd13e48 |
| ftp://updates.redhat.com/rhn/repository/NULL/kdepim/2.2.2-4/i386/kdepim-2.2.2-4.i386.rpm Missing file |
MD5: b4d556865bc139e6b108840f8dc8c462 |
| ftp://updates.redhat.com/rhn/repository/NULL/kdepim-cellphone/2.2.2-4/i386/kdepim-cellphone-2.2.2-4.i386.rpm Missing file |
MD5: e79470bc67b0357e1cf0bbbd8f3d118f |
| ftp://updates.redhat.com/rhn/repository/NULL/kdepim-devel/2.2.2-4/i386/kdepim-devel-2.2.2-4.i386.rpm Missing file |
MD5: 29c2c2c9e52985d419442a233408d38b |
| ftp://updates.redhat.com/rhn/repository/NULL/kdepim-pilot/2.2.2-4/i386/kdepim-pilot-2.2.2-4.i386.rpm Missing file |
MD5: 699b0e99c17f33e9877e7b90e1855d78 |
| ftp://updates.redhat.com/rhn/repository/NULL/kdesdk/2.2.2-2/i386/kdesdk-2.2.2-2.i386.rpm Missing file |
MD5: 7e9fc7a6443994111b279585a4002b18 |
| ftp://updates.redhat.com/rhn/repository/NULL/kdesdk-devel/2.2.2-2/i386/kdesdk-devel-2.2.2-2.i386.rpm Missing file |
MD5: d4fcdea565795fdb000d87638b47fda1 |
| ftp://updates.redhat.com/rhn/repository/NULL/kdeutils/2.2.2-2/i386/kdeutils-2.2.2-2.i386.rpm Missing file |
MD5: 870ddb1e8a9c78fc4c25dbf7ee94a18f |
| IA-64: | |
| arts-2.2.2-6.ia64.rpm File outdated by: RHSA-2006:0720 |
MD5: 54723426b2fd9e783fb8db2bb5e50e53 |
| kdebase-2.2.2-6.ia64.rpm File outdated by: RHSA-2005:009 |
MD5: 0a102d5cefc902c911d7dc49a9f00e3d |
| kdebase-devel-2.2.2-6.ia64.rpm File outdated by: RHSA-2005:009 |
MD5: 41a752c93f20afa9637f8ababaf7908f |
| ftp://updates.redhat.com/rhn/repository/NULL/kdegames/2.2.2-2/ia64/kdegames-2.2.2-2.ia64.rpm Missing file |
MD5: 9f3f155afa37d6b7bf86caa26e27743e |
| kdegraphics-2.2.2-3.ia64.rpm File outdated by: RHSA-2006:0648 |
MD5: 0fcbb090e617212b592cceea2151db6d |
| kdegraphics-devel-2.2.2-3.ia64.rpm File outdated by: RHSA-2006:0648 |
MD5: 527c2b5e61e578212547c34f79db5df2 |
| kdelibs-2.2.2-6.ia64.rpm File outdated by: RHSA-2006:0720 |
MD5: 899fa4ffa9b2d11a5a53cdb1581d8ba3 |
| kdelibs-devel-2.2.2-6.ia64.rpm File outdated by: RHSA-2006:0720 |
MD5: 87648fadde65d08e12db709b83458cb5 |
| kdelibs-sound-2.2.2-6.ia64.rpm File outdated by: RHSA-2006:0720 |
MD5: db50a2021674bc92d0ffdcf5dd161a3e |
| kdelibs-sound-devel-2.2.2-6.ia64.rpm File outdated by: RHSA-2006:0720 |
MD5: f60187d58ccd6d52ff8ab9cade2590c7 |
| ftp://updates.redhat.com/rhn/repository/NULL/kdemultimedia/2.2.2-4/ia64/kdemultimedia-2.2.2-4.ia64.rpm Missing file |
MD5: 02cbce02b423b5a49820e47e3a6505c9 |
| ftp://updates.redhat.com/rhn/repository/NULL/kdemultimedia-devel/2.2.2-4/ia64/kdemultimedia-devel-2.2.2-4.ia64.rpm Missing file |
MD5: 576d97ba748cde18075a43725f36d481 |
| kdenetwork-2.2.2-3.ia64.rpm File outdated by: RHSA-2005:175 |
MD5: ef82850163a059a749ac5f385418afc3 |
| kdenetwork-ppp-2.2.2-3.ia64.rpm File outdated by: RHSA-2005:175 |
MD5: 75cca6b1049ed71393b4c93704a37cc7 |
| ftp://updates.redhat.com/rhn/repository/NULL/kdepim/2.2.2-4/ia64/kdepim-2.2.2-4.ia64.rpm Missing file |
MD5: 60481f32c7b38bc90b829f97c715090b |
| ftp://updates.redhat.com/rhn/repository/NULL/kdepim-cellphone/2.2.2-4/ia64/kdepim-cellphone-2.2.2-4.ia64.rpm Missing file |
MD5: 6e2be51ff6c324dc7de01421aefdcd91 |
| ftp://updates.redhat.com/rhn/repository/NULL/kdepim-devel/2.2.2-4/ia64/kdepim-devel-2.2.2-4.ia64.rpm Missing file |
MD5: 1a38d6b35183fc2046946e79c873d64c |
| ftp://updates.redhat.com/rhn/repository/NULL/kdesdk/2.2.2-2/ia64/kdesdk-2.2.2-2.ia64.rpm Missing file |
MD5: 1c7c8795a50d86c72ca9c0f5c64a8fb4 |
| ftp://updates.redhat.com/rhn/repository/NULL/kdesdk-devel/2.2.2-2/ia64/kdesdk-devel-2.2.2-2.ia64.rpm Missing file |
MD5: cde36cf2918df466616cd993c6f9dce6 |
| ftp://updates.redhat.com/rhn/repository/NULL/kdeutils/2.2.2-2/ia64/kdeutils-2.2.2-2.ia64.rpm Missing file |
MD5: 5dcf0e25c30161c218d1bf62aa9814b2 |
| Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor | |
| SRPMS: | |
| ftp://updates.redhat.com/rhn/repository/NULL/kdegames/2.2.2-2/SRPMS/kdegames-2.2.2-2.src.rpm Missing file |
MD5: fc82084492006325f552c7b83548aff5 |
| kdemultimedia-2.2.2-4.src.rpm File outdated by: RHEA-2003:260 |
MD5: 85e18de74d228167fdaeee2427ca8d38 |
| kdenetwork-2.2.2-3.src.rpm File outdated by: RHSA-2005:175 |
MD5: d37b6e11af06e29be20eec0fa50afe49 |
| kdenetwork-2.2.2-3.src.rpm File outdated by: RHSA-2005:175 |
MD5: d37b6e11af06e29be20eec0fa50afe49 |
| ftp://updates.redhat.com/rhn/public/2703533/kdepim/6:2.2.2-4/SRPMS/kdepim-2.2.2-4.src.rpm Missing file |
MD5: c9cafb2e6a3f7fdc0c1dc4410e2ca624 |
| ftp://updates.redhat.com/rhn/repository/NULL/kdepim/2.2.2-4/SRPMS/kdepim-2.2.2-4.src.rpm Missing file |
MD5: c9cafb2e6a3f7fdc0c1dc4410e2ca624 |
| ftp://updates.redhat.com/rhn/public/2703533/kdesdk/2.2.2-2/SRPMS/kdesdk-2.2.2-2.src.rpm Missing file |
MD5: 3fa67b23cdf8d5d48923e9650777bab2 |
| ftp://updates.redhat.com/rhn/repository/NULL/kdesdk/2.2.2-2/SRPMS/kdesdk-2.2.2-2.src.rpm Missing file |
MD5: 3fa67b23cdf8d5d48923e9650777bab2 |
| ftp://updates.redhat.com/rhn/public/2703533/kdeutils/6:2.2.2-2/SRPMS/kdeutils-2.2.2-2.src.rpm Missing file |
MD5: 1df83e4730a44715c78df326dff4a37a |
| ftp://updates.redhat.com/rhn/repository/NULL/kdeutils/2.2.2-2/SRPMS/kdeutils-2.2.2-2.src.rpm Missing file |
MD5: 1df83e4730a44715c78df326dff4a37a |
| IA-64: | |
| arts-2.2.2-6.ia64.rpm File outdated by: RHSA-2006:0720 |
MD5: 54723426b2fd9e783fb8db2bb5e50e53 |
| kdebase-2.2.2-6.ia64.rpm File outdated by: RHSA-2005:009 |
MD5: 0a102d5cefc902c911d7dc49a9f00e3d |
| kdebase-devel-2.2.2-6.ia64.rpm File outdated by: RHSA-2005:009 |
MD5: 41a752c93f20afa9637f8ababaf7908f |
| ftp://updates.redhat.com/rhn/repository/NULL/kdegames/2.2.2-2/ia64/kdegames-2.2.2-2.ia64.rpm Missing file |
MD5: 9f3f155afa37d6b7bf86caa26e27743e |
| kdegraphics-2.2.2-3.ia64.rpm File outdated by: RHSA-2006:0648 |
MD5: 0fcbb090e617212b592cceea2151db6d |
| kdegraphics-devel-2.2.2-3.ia64.rpm File outdated by: RHSA-2006:0648 |
MD5: 527c2b5e61e578212547c34f79db5df2 |
| kdelibs-2.2.2-6.ia64.rpm File outdated by: RHSA-2006:0720 |
MD5: 899fa4ffa9b2d11a5a53cdb1581d8ba3 |
| kdelibs-devel-2.2.2-6.ia64.rpm File outdated by: RHSA-2006:0720 |
MD5: 87648fadde65d08e12db709b83458cb5 |
| kdelibs-sound-2.2.2-6.ia64.rpm File outdated by: RHSA-2006:0720 |
MD5: db50a2021674bc92d0ffdcf5dd161a3e |
| kdelibs-sound-devel-2.2.2-6.ia64.rpm File outdated by: RHSA-2006:0720 |
MD5: f60187d58ccd6d52ff8ab9cade2590c7 |
| ftp://updates.redhat.com/rhn/repository/NULL/kdemultimedia/2.2.2-4/ia64/kdemultimedia-2.2.2-4.ia64.rpm Missing file |
MD5: 02cbce02b423b5a49820e47e3a6505c9 |
| ftp://updates.redhat.com/rhn/repository/NULL/kdemultimedia-devel/2.2.2-4/ia64/kdemultimedia-devel-2.2.2-4.ia64.rpm Missing file |
MD5: 576d97ba748cde18075a43725f36d481 |
| kdenetwork-2.2.2-3.ia64.rpm File outdated by: RHSA-2005:175 |
MD5: ef82850163a059a749ac5f385418afc3 |
| kdenetwork-ppp-2.2.2-3.ia64.rpm File outdated by: RHSA-2005:175 |
MD5: 75cca6b1049ed71393b4c93704a37cc7 |
| ftp://updates.redhat.com/rhn/repository/NULL/kdepim/2.2.2-4/ia64/kdepim-2.2.2-4.ia64.rpm Missing file |
MD5: 60481f32c7b38bc90b829f97c715090b |
| ftp://updates.redhat.com/rhn/repository/NULL/kdepim-cellphone/2.2.2-4/ia64/kdepim-cellphone-2.2.2-4.ia64.rpm Missing file |
MD5: 6e2be51ff6c324dc7de01421aefdcd91 |
| ftp://updates.redhat.com/rhn/repository/NULL/kdepim-devel/2.2.2-4/ia64/kdepim-devel-2.2.2-4.ia64.rpm Missing file |
MD5: 1a38d6b35183fc2046946e79c873d64c |
| ftp://updates.redhat.com/rhn/repository/NULL/kdesdk/2.2.2-2/ia64/kdesdk-2.2.2-2.ia64.rpm Missing file |
MD5: 1c7c8795a50d86c72ca9c0f5c64a8fb4 |
| ftp://updates.redhat.com/rhn/repository/NULL/kdesdk-devel/2.2.2-2/ia64/kdesdk-devel-2.2.2-2.ia64.rpm Missing file |
MD5: cde36cf2918df466616cd993c6f9dce6 |
| ftp://updates.redhat.com/rhn/repository/NULL/kdeutils/2.2.2-2/ia64/kdeutils-2.2.2-2.ia64.rpm Missing file |
MD5: 5dcf0e25c30161c218d1bf62aa9814b2 |
References
https://www.redhat.com/security/data/cve/CVE-2002-1393.html
http://www.kde.org/info/security/advisory-20021220-1.txt
http://www.kde.org/info/security/advisory-20021220-1.txt
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package
The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/
