Skip to navigation

Security Advisory Critical: kdelibs security update

Advisory: RHSA-2009:1601-1
Type: Security Advisory
Severity: Critical
Issued on: 2009-11-24
Last updated on: 2009-11-24
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux AS (v. 4.8.z)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux ES (v. 4.8.z)
Red Hat Enterprise Linux EUS (v. 5.4.z server)
Red Hat Enterprise Linux WS (v. 4)
CVEs (cve.mitre.org): CVE-2009-0689

Details

Updated kdelibs packages that fix one security issue are now available for
Red Hat Enterprise Linux 4 and 5.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

The kdelibs packages provide libraries for the K Desktop Environment (KDE).

A buffer overflow flaw was found in the kdelibs string to floating point
conversion routines. A web page containing malicious JavaScript could crash
Konqueror or, potentially, execute arbitrary code with the privileges of the
user running Konqueror. (CVE-2009-0689)

Users should upgrade to these updated packages, which contain a backported
patch to correct this issue. The desktop must be restarted (log out, then
log back in) for this update to take effect.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

RHEL Desktop Workstation (v. 5 client)

SRPMS:
kdelibs-3.5.4-25.el5_4.1.src.rpm
File outdated by:  RHEA-2014:0165
    MD5: 056181c7900fa38e644671fc7e90b45c
 
IA-32:
kdelibs-devel-3.5.4-25.el5_4.1.i386.rpm
File outdated by:  RHEA-2014:0165
    MD5: 7c01433de5205d5584d602bb87f7917f
 
x86_64:
kdelibs-devel-3.5.4-25.el5_4.1.i386.rpm
File outdated by:  RHEA-2014:0165
    MD5: 7c01433de5205d5584d602bb87f7917f
kdelibs-devel-3.5.4-25.el5_4.1.x86_64.rpm
File outdated by:  RHEA-2014:0165
    MD5: a7de5df14f389442fbd608a391053123
 
Red Hat Desktop (v. 4)

SRPMS:
kdelibs-3.3.1-17.el4_8.1.src.rpm
File outdated by:  RHSA-2011:1385
    MD5: fe1fe275a572f8f4be4010ca8a309f5b
 
IA-32:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1385
    MD5: 2342c9e71c14506426919943826ad03c
kdelibs-devel-3.3.1-17.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1385
    MD5: 4545b6643e96a0f55cc886561113f3e8
 
x86_64:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1385
    MD5: 2342c9e71c14506426919943826ad03c
kdelibs-3.3.1-17.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:1385
    MD5: 1fe3be936d71a5660c3b1eb383f1af5b
kdelibs-devel-3.3.1-17.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:1385
    MD5: c3392b7580e1cf4815550b07fe85ec82
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
kdelibs-3.5.4-25.el5_4.1.src.rpm
File outdated by:  RHEA-2014:0165
    MD5: 056181c7900fa38e644671fc7e90b45c
 
IA-32:
kdelibs-3.5.4-25.el5_4.1.i386.rpm
File outdated by:  RHEA-2014:0165
    MD5: ac973bc8906b782667d042e78bb025a4
kdelibs-apidocs-3.5.4-25.el5_4.1.i386.rpm
File outdated by:  RHEA-2014:0165
    MD5: fa5a37b7c1db482a354e2b65718e92cc
kdelibs-devel-3.5.4-25.el5_4.1.i386.rpm
File outdated by:  RHEA-2014:0165
    MD5: 7c01433de5205d5584d602bb87f7917f
 
IA-64:
kdelibs-3.5.4-25.el5_4.1.ia64.rpm
File outdated by:  RHEA-2014:0165
    MD5: c4afe74321f8807107bc5e9576ecae9b
kdelibs-apidocs-3.5.4-25.el5_4.1.ia64.rpm
File outdated by:  RHEA-2014:0165
    MD5: e4f2c75255d2a41995597bbcbbff69e3
kdelibs-devel-3.5.4-25.el5_4.1.ia64.rpm
File outdated by:  RHEA-2014:0165
    MD5: c3b2e52c60f22e3aaa29509ad3e13642
 
PPC:
kdelibs-3.5.4-25.el5_4.1.ppc.rpm
File outdated by:  RHEA-2014:0165
    MD5: 8183fcab22297ec203a6e3cf5f74d1eb
kdelibs-3.5.4-25.el5_4.1.ppc64.rpm
File outdated by:  RHEA-2014:0165
    MD5: b097692364fa9b8a20111b31a94eb0c8
kdelibs-apidocs-3.5.4-25.el5_4.1.ppc.rpm
File outdated by:  RHEA-2014:0165
    MD5: 5dbd23cd21bdc75437911d8d47d33f49
kdelibs-devel-3.5.4-25.el5_4.1.ppc.rpm
File outdated by:  RHEA-2014:0165
    MD5: c13943f9a22cb02f70c9c7f09fb19e04
kdelibs-devel-3.5.4-25.el5_4.1.ppc64.rpm
File outdated by:  RHEA-2014:0165
    MD5: 0fc4eb986bbb27dc49a2c31e83eac11f
 
s390x:
kdelibs-3.5.4-25.el5_4.1.s390.rpm
File outdated by:  RHEA-2014:0165
    MD5: 3b73055c430b2ffe383703f774245379
kdelibs-3.5.4-25.el5_4.1.s390x.rpm
File outdated by:  RHEA-2014:0165
    MD5: b3c15e3291e89a732e0c800e1a627efe
kdelibs-apidocs-3.5.4-25.el5_4.1.s390x.rpm
File outdated by:  RHEA-2014:0165
    MD5: 814e224d4b7e87cb2c18a8c555feed19
kdelibs-devel-3.5.4-25.el5_4.1.s390.rpm
File outdated by:  RHEA-2014:0165
    MD5: cd8791f4cb7c1790b35de71a96e5db07
kdelibs-devel-3.5.4-25.el5_4.1.s390x.rpm
File outdated by:  RHEA-2014:0165
    MD5: b6ded2e4c039fea757e15b70bd280d8c
 
x86_64:
kdelibs-3.5.4-25.el5_4.1.i386.rpm
File outdated by:  RHEA-2014:0165
    MD5: ac973bc8906b782667d042e78bb025a4
kdelibs-3.5.4-25.el5_4.1.x86_64.rpm
File outdated by:  RHEA-2014:0165
    MD5: 66169c07f52da0157f9d966de8104853
kdelibs-apidocs-3.5.4-25.el5_4.1.x86_64.rpm
File outdated by:  RHEA-2014:0165
    MD5: f48337f84ec5d862b7d45cf88bb2c250
kdelibs-devel-3.5.4-25.el5_4.1.i386.rpm
File outdated by:  RHEA-2014:0165
    MD5: 7c01433de5205d5584d602bb87f7917f
kdelibs-devel-3.5.4-25.el5_4.1.x86_64.rpm
File outdated by:  RHEA-2014:0165
    MD5: a7de5df14f389442fbd608a391053123
 
Red Hat Enterprise Linux AS (v. 4)

SRPMS:
kdelibs-3.3.1-17.el4_8.1.src.rpm
File outdated by:  RHSA-2011:1385
    MD5: fe1fe275a572f8f4be4010ca8a309f5b
 
IA-32:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1385
    MD5: 2342c9e71c14506426919943826ad03c
kdelibs-devel-3.3.1-17.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1385
    MD5: 4545b6643e96a0f55cc886561113f3e8
 
IA-64:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1385
    MD5: 2342c9e71c14506426919943826ad03c
kdelibs-3.3.1-17.el4_8.1.ia64.rpm
File outdated by:  RHSA-2011:1385
    MD5: 860d5d29671d5fdc3f2935fbc3b820ee
kdelibs-devel-3.3.1-17.el4_8.1.ia64.rpm
File outdated by:  RHSA-2011:1385
    MD5: fb9a4c8acaf2a31bca9d2d24b1beba8e
 
PPC:
kdelibs-3.3.1-17.el4_8.1.ppc.rpm
File outdated by:  RHSA-2011:1385
    MD5: c570fd3a191ff1f12e7e8a4b3d471e09
kdelibs-3.3.1-17.el4_8.1.ppc64.rpm
File outdated by:  RHSA-2011:1385
    MD5: 785e8aa2afa5e4332e3624857f92a351
kdelibs-devel-3.3.1-17.el4_8.1.ppc.rpm
File outdated by:  RHSA-2011:1385
    MD5: 4ebf586bd29c115a2fb682d9d8124008
 
s390:
kdelibs-3.3.1-17.el4_8.1.s390.rpm
File outdated by:  RHSA-2011:1385
    MD5: f6998c13039230f9de371c661144f06f
kdelibs-devel-3.3.1-17.el4_8.1.s390.rpm
File outdated by:  RHSA-2011:1385
    MD5: 78d42be438a70418a0df208b55e8ff6b
 
s390x:
kdelibs-3.3.1-17.el4_8.1.s390.rpm
File outdated by:  RHSA-2011:1385
    MD5: f6998c13039230f9de371c661144f06f
kdelibs-3.3.1-17.el4_8.1.s390x.rpm
File outdated by:  RHSA-2011:1385
    MD5: 87b968f298a4fbad61467fd172942615
kdelibs-devel-3.3.1-17.el4_8.1.s390x.rpm
File outdated by:  RHSA-2011:1385
    MD5: 2c52fc9aa31cfa8d3d92d5ba90e653c0
 
x86_64:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1385
    MD5: 2342c9e71c14506426919943826ad03c
kdelibs-3.3.1-17.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:1385
    MD5: 1fe3be936d71a5660c3b1eb383f1af5b
kdelibs-devel-3.3.1-17.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:1385
    MD5: c3392b7580e1cf4815550b07fe85ec82
 
Red Hat Enterprise Linux AS (v. 4.8.z)

SRPMS:
kdelibs-3.3.1-17.el4_8.1.src.rpm
File outdated by:  RHSA-2011:1385
    MD5: fe1fe275a572f8f4be4010ca8a309f5b
 
IA-32:
kdelibs-3.3.1-17.el4_8.1.i386.rpm     MD5: 2342c9e71c14506426919943826ad03c
kdelibs-devel-3.3.1-17.el4_8.1.i386.rpm     MD5: 4545b6643e96a0f55cc886561113f3e8
 
IA-64:
kdelibs-3.3.1-17.el4_8.1.i386.rpm     MD5: 2342c9e71c14506426919943826ad03c
kdelibs-3.3.1-17.el4_8.1.ia64.rpm     MD5: 860d5d29671d5fdc3f2935fbc3b820ee
kdelibs-devel-3.3.1-17.el4_8.1.ia64.rpm     MD5: fb9a4c8acaf2a31bca9d2d24b1beba8e
 
PPC:
kdelibs-3.3.1-17.el4_8.1.ppc.rpm     MD5: c570fd3a191ff1f12e7e8a4b3d471e09
kdelibs-3.3.1-17.el4_8.1.ppc64.rpm     MD5: 785e8aa2afa5e4332e3624857f92a351
kdelibs-devel-3.3.1-17.el4_8.1.ppc.rpm     MD5: 4ebf586bd29c115a2fb682d9d8124008
 
s390:
kdelibs-3.3.1-17.el4_8.1.s390.rpm     MD5: f6998c13039230f9de371c661144f06f
kdelibs-devel-3.3.1-17.el4_8.1.s390.rpm     MD5: 78d42be438a70418a0df208b55e8ff6b
 
s390x:
kdelibs-3.3.1-17.el4_8.1.s390.rpm     MD5: f6998c13039230f9de371c661144f06f
kdelibs-3.3.1-17.el4_8.1.s390x.rpm     MD5: 87b968f298a4fbad61467fd172942615
kdelibs-devel-3.3.1-17.el4_8.1.s390x.rpm     MD5: 2c52fc9aa31cfa8d3d92d5ba90e653c0
 
x86_64:
kdelibs-3.3.1-17.el4_8.1.i386.rpm     MD5: 2342c9e71c14506426919943826ad03c
kdelibs-3.3.1-17.el4_8.1.x86_64.rpm     MD5: 1fe3be936d71a5660c3b1eb383f1af5b
kdelibs-devel-3.3.1-17.el4_8.1.x86_64.rpm     MD5: c3392b7580e1cf4815550b07fe85ec82
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
kdelibs-3.5.4-25.el5_4.1.src.rpm
File outdated by:  RHEA-2014:0165
    MD5: 056181c7900fa38e644671fc7e90b45c
 
IA-32:
kdelibs-3.5.4-25.el5_4.1.i386.rpm
File outdated by:  RHEA-2014:0165
    MD5: ac973bc8906b782667d042e78bb025a4
kdelibs-apidocs-3.5.4-25.el5_4.1.i386.rpm
File outdated by:  RHEA-2014:0165
    MD5: fa5a37b7c1db482a354e2b65718e92cc
 
x86_64:
kdelibs-3.5.4-25.el5_4.1.i386.rpm
File outdated by:  RHEA-2014:0165
    MD5: ac973bc8906b782667d042e78bb025a4
kdelibs-3.5.4-25.el5_4.1.x86_64.rpm
File outdated by:  RHEA-2014:0165
    MD5: 66169c07f52da0157f9d966de8104853
kdelibs-apidocs-3.5.4-25.el5_4.1.x86_64.rpm
File outdated by:  RHEA-2014:0165
    MD5: f48337f84ec5d862b7d45cf88bb2c250
 
Red Hat Enterprise Linux ES (v. 4)

SRPMS:
kdelibs-3.3.1-17.el4_8.1.src.rpm
File outdated by:  RHSA-2011:1385
    MD5: fe1fe275a572f8f4be4010ca8a309f5b
 
IA-32:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1385
    MD5: 2342c9e71c14506426919943826ad03c
kdelibs-devel-3.3.1-17.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1385
    MD5: 4545b6643e96a0f55cc886561113f3e8
 
IA-64:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1385
    MD5: 2342c9e71c14506426919943826ad03c
kdelibs-3.3.1-17.el4_8.1.ia64.rpm
File outdated by:  RHSA-2011:1385
    MD5: 860d5d29671d5fdc3f2935fbc3b820ee
kdelibs-devel-3.3.1-17.el4_8.1.ia64.rpm
File outdated by:  RHSA-2011:1385
    MD5: fb9a4c8acaf2a31bca9d2d24b1beba8e
 
x86_64:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1385
    MD5: 2342c9e71c14506426919943826ad03c
kdelibs-3.3.1-17.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:1385
    MD5: 1fe3be936d71a5660c3b1eb383f1af5b
kdelibs-devel-3.3.1-17.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:1385
    MD5: c3392b7580e1cf4815550b07fe85ec82
 
Red Hat Enterprise Linux ES (v. 4.8.z)

SRPMS:
kdelibs-3.3.1-17.el4_8.1.src.rpm
File outdated by:  RHSA-2011:1385
    MD5: fe1fe275a572f8f4be4010ca8a309f5b
 
IA-32:
kdelibs-3.3.1-17.el4_8.1.i386.rpm     MD5: 2342c9e71c14506426919943826ad03c
kdelibs-devel-3.3.1-17.el4_8.1.i386.rpm     MD5: 4545b6643e96a0f55cc886561113f3e8
 
IA-64:
kdelibs-3.3.1-17.el4_8.1.i386.rpm     MD5: 2342c9e71c14506426919943826ad03c
kdelibs-3.3.1-17.el4_8.1.ia64.rpm     MD5: 860d5d29671d5fdc3f2935fbc3b820ee
kdelibs-devel-3.3.1-17.el4_8.1.ia64.rpm     MD5: fb9a4c8acaf2a31bca9d2d24b1beba8e
 
x86_64:
kdelibs-3.3.1-17.el4_8.1.i386.rpm     MD5: 2342c9e71c14506426919943826ad03c
kdelibs-3.3.1-17.el4_8.1.x86_64.rpm     MD5: 1fe3be936d71a5660c3b1eb383f1af5b
kdelibs-devel-3.3.1-17.el4_8.1.x86_64.rpm     MD5: c3392b7580e1cf4815550b07fe85ec82
 
Red Hat Enterprise Linux EUS (v. 5.4.z server)

SRPMS:
kdelibs-3.5.4-25.el5_4.1.src.rpm
File outdated by:  RHEA-2014:0165
    MD5: 056181c7900fa38e644671fc7e90b45c
 
IA-32:
kdelibs-3.5.4-25.el5_4.1.i386.rpm     MD5: ac973bc8906b782667d042e78bb025a4
kdelibs-apidocs-3.5.4-25.el5_4.1.i386.rpm     MD5: fa5a37b7c1db482a354e2b65718e92cc
kdelibs-devel-3.5.4-25.el5_4.1.i386.rpm     MD5: 7c01433de5205d5584d602bb87f7917f
 
IA-64:
kdelibs-3.5.4-25.el5_4.1.ia64.rpm     MD5: c4afe74321f8807107bc5e9576ecae9b
kdelibs-apidocs-3.5.4-25.el5_4.1.ia64.rpm     MD5: e4f2c75255d2a41995597bbcbbff69e3
kdelibs-devel-3.5.4-25.el5_4.1.ia64.rpm     MD5: c3b2e52c60f22e3aaa29509ad3e13642
 
PPC:
kdelibs-3.5.4-25.el5_4.1.ppc.rpm     MD5: 8183fcab22297ec203a6e3cf5f74d1eb
kdelibs-3.5.4-25.el5_4.1.ppc64.rpm     MD5: b097692364fa9b8a20111b31a94eb0c8
kdelibs-apidocs-3.5.4-25.el5_4.1.ppc.rpm     MD5: 5dbd23cd21bdc75437911d8d47d33f49
kdelibs-devel-3.5.4-25.el5_4.1.ppc.rpm     MD5: c13943f9a22cb02f70c9c7f09fb19e04
kdelibs-devel-3.5.4-25.el5_4.1.ppc64.rpm     MD5: 0fc4eb986bbb27dc49a2c31e83eac11f
 
s390x:
kdelibs-3.5.4-25.el5_4.1.s390.rpm     MD5: 3b73055c430b2ffe383703f774245379
kdelibs-3.5.4-25.el5_4.1.s390x.rpm     MD5: b3c15e3291e89a732e0c800e1a627efe
kdelibs-apidocs-3.5.4-25.el5_4.1.s390x.rpm     MD5: 814e224d4b7e87cb2c18a8c555feed19
kdelibs-devel-3.5.4-25.el5_4.1.s390.rpm     MD5: cd8791f4cb7c1790b35de71a96e5db07
kdelibs-devel-3.5.4-25.el5_4.1.s390x.rpm     MD5: b6ded2e4c039fea757e15b70bd280d8c
 
x86_64:
kdelibs-3.5.4-25.el5_4.1.i386.rpm     MD5: ac973bc8906b782667d042e78bb025a4
kdelibs-3.5.4-25.el5_4.1.x86_64.rpm     MD5: 66169c07f52da0157f9d966de8104853
kdelibs-apidocs-3.5.4-25.el5_4.1.x86_64.rpm     MD5: f48337f84ec5d862b7d45cf88bb2c250
kdelibs-devel-3.5.4-25.el5_4.1.i386.rpm     MD5: 7c01433de5205d5584d602bb87f7917f
kdelibs-devel-3.5.4-25.el5_4.1.x86_64.rpm     MD5: a7de5df14f389442fbd608a391053123
 
Red Hat Enterprise Linux WS (v. 4)

SRPMS:
kdelibs-3.3.1-17.el4_8.1.src.rpm
File outdated by:  RHSA-2011:1385
    MD5: fe1fe275a572f8f4be4010ca8a309f5b
 
IA-32:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1385
    MD5: 2342c9e71c14506426919943826ad03c
kdelibs-devel-3.3.1-17.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1385
    MD5: 4545b6643e96a0f55cc886561113f3e8
 
IA-64:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1385
    MD5: 2342c9e71c14506426919943826ad03c
kdelibs-3.3.1-17.el4_8.1.ia64.rpm
File outdated by:  RHSA-2011:1385
    MD5: 860d5d29671d5fdc3f2935fbc3b820ee
kdelibs-devel-3.3.1-17.el4_8.1.ia64.rpm
File outdated by:  RHSA-2011:1385
    MD5: fb9a4c8acaf2a31bca9d2d24b1beba8e
 
x86_64:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
File outdated by:  RHSA-2011:1385
    MD5: 2342c9e71c14506426919943826ad03c
kdelibs-3.3.1-17.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:1385
    MD5: 1fe3be936d71a5660c3b1eb383f1af5b
kdelibs-devel-3.3.1-17.el4_8.1.x86_64.rpm
File outdated by:  RHSA-2011:1385
    MD5: c3392b7580e1cf4815550b07fe85ec82
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

539784 - CVE-2009-0689 kdelibs remote array overrun


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/