- Committer: Bazaar Package Importer
- Date: 2009-12-07 17:17:57 UTC
- mfrom: (0.1.4 squeeze)
- Revision ID: james.westby@ubuntu.com-20091207171757-jozcmq25o8kyhire
* SECURITY UPDATE: IO Slaves input sanitization errors
- KDE protocol handlers perform insufficient input validation, an
attacker can craft malicious URI that would trigger JavaScript
execution. Additionally the 'help://' protocol handler suffer from
directory traversal. It should be noted that the scope of this
issue is limited as the malicious URIs cannot be embedded in
Internet hosted content.
- Add security_01_info_kio_no_javascript.diff, stops javascript
within info kio slave
- http://www.kde.org/info/security/advisory-20091027-1.txt
- oCert: #2009-015 http://www.ocert.org/advisories/ocert-2009-015.html
- CVE n/a
- KDE protocol handlers perform insufficient input validation, an
attacker can craft malicious URI that would trigger JavaScript
execution. Additionally the 'help://' protocol handler suffer from
directory traversal. It should be noted that the scope of this
issue is limited as the malicious URIs cannot be embedded in
Internet hosted content.
- Add security_01_info_kio_no_javascript.diff, stops javascript
within info kio slave
- http://www.kde.org/info/security/advisory-20091027-1.txt
- oCert: #2009-015 http://www.ocert.org/advisories/ocert-2009-015.html
- CVE n/a
| Filename | Latest Rev | Last Changed | Committer | Comment | Size | ||
|---|---|---|---|---|---|---|---|
 .. |
|||||||
cmake
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
debian
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
desktoptheme
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
doc
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
drkonqi
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
kcmshell
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
kcontrol
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
kde-menu
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
kdebugdialog
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
kdeeject
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
kdesu
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
keditfiletype
|
1.1.20 | 15 years ago | Bazaar Package Importer | Import upstream version 4.2.85 |
|
||
|
kfile
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
kglobalaccel
|
1.1.20 | 15 years ago | Bazaar Package Importer | Import upstream version 4.2.85 |
|
||
|
khelpcenter
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
kiconfinder
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
kioclient
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
kioexec
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
kioslave
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
kmimetypefinder
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
knetattach
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
knewstuff
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
knotify
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
kpasswdserver
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
kquitapp
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
kreadconfig
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
kstart
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
kstyles
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
ktimezoned
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
ktraderclient
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
kuiserver
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
kurifilter-plugins
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
kwalletd
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
l10n
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
menu
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
nepomuk
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
phonon
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
pics
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
plasma
|
1.1.21 | 15 years ago | Bazaar Package Importer | Import upstream version 4.2.90 |
|
||
|
platforms
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
renamedlgplugins
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
solid-hardware
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
|
solidautoeject
|
1.1.20 | 15 years ago | Bazaar Package Importer | Import upstream version 4.2.85 |
|
||
|
soliduiserver
|
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er |
|
||
CMakeLists.txt |
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er | 4.2 KB |
|
|
|
config-runtime.h.cmake |
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er | 1.4 KB |
|
|
|
COPYING |
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er | 17.8 KB |
|
|
|
COPYING.LIB |
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er | 25.9 KB |
|
|
kde4 |
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er | 266 bytes |
|
|
|
Mainpage.dox |
83 | 14 years ago | Bazaar Package Importer | * SECURITY UPDATE: IO Slaves input sanitization er | 2.1 KB |
|
|