Mailinglist Archive: opensuse-updates (48 mails)

< Previous Next >
openSUSE-SU-2014:0981-1: moderate: kdelibs4: update to fix a DBUS / PolicyKit checking race condition
openSUSE Security Update: kdelibs4: update to fix a DBUS / PolicyKit
checking race condition
______________________________________________________________________________

Announcement ID: openSUSE-SU-2014:0981-1
Rating: moderate
References: #819437 #864716
Cross-References: CVE-2014-5033
Affected Products:
openSUSE 13.1
______________________________________________________________________________

An update that solves one vulnerability and has one errata
is now available.

Description:


KDE4 Libraries and Workspace received a security fix to fix a race
condition in DBUS/Polkit authorization, where local attackers could
potentially call root KDE services without proper authenticiation.
(CVE-2014-5033)

Additionaly a interlaced GIF display bug in KHTML was fixed. (kde#330148)

This update also includes a kdebase4-workspace minor version update to
4.11.11 with various bugfixes.


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 13.1:

zypper in -t patch openSUSE-2014-485

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 13.1 (i586 x86_64):

kde4-kgreeter-plugins-4.11.11-115.3
kde4-kgreeter-plugins-debuginfo-4.11.11-115.3
kdebase4-workspace-4.11.11-115.3
kdebase4-workspace-branding-upstream-4.11.11-115.3
kdebase4-workspace-debuginfo-4.11.11-115.3
kdebase4-workspace-debugsource-4.11.11-115.3
kdebase4-workspace-devel-4.11.11-115.3
kdebase4-workspace-devel-debuginfo-4.11.11-115.3
kdebase4-workspace-ksysguardd-4.11.11-115.3
kdebase4-workspace-ksysguardd-debuginfo-4.11.11-115.3
kdebase4-workspace-liboxygenstyle-4.11.11-115.3
kdebase4-workspace-liboxygenstyle-debuginfo-4.11.11-115.3
kdebase4-workspace-plasma-calendar-4.11.11-115.3
kdebase4-workspace-plasma-calendar-debuginfo-4.11.11-115.3
kdelibs4-4.11.5-484.1
kdelibs4-branding-upstream-4.11.5-484.1
kdelibs4-core-4.11.5-484.1
kdelibs4-core-debuginfo-4.11.5-484.1
kdelibs4-debuginfo-4.11.5-484.1
kdelibs4-debugsource-4.11.5-484.1
kdelibs4-doc-4.11.5-484.1
kdelibs4-doc-debuginfo-4.11.5-484.1
kdm-4.11.11-115.3
kdm-branding-upstream-4.11.11-115.3
kdm-debuginfo-4.11.11-115.3
krandr-4.11.11-115.3
krandr-debuginfo-4.11.11-115.3
kwin-4.11.11-115.3
kwin-debuginfo-4.11.11-115.3
libkde4-4.11.5-484.1
libkde4-debuginfo-4.11.5-484.1
libkde4-devel-4.11.5-484.1
libkdecore4-4.11.5-484.1
libkdecore4-debuginfo-4.11.5-484.1
libkdecore4-devel-4.11.5-484.1
libkdecore4-devel-debuginfo-4.11.5-484.1
libksuseinstall-devel-4.11.5-484.1
libksuseinstall1-4.11.5-484.1
libksuseinstall1-debuginfo-4.11.5-484.1
python-kdebase4-4.11.11-115.3

- openSUSE 13.1 (x86_64):

kdebase4-workspace-liboxygenstyle-32bit-4.11.11-115.3
kdebase4-workspace-liboxygenstyle-debuginfo-32bit-4.11.11-115.3
libkde4-32bit-4.11.5-484.1
libkde4-debuginfo-32bit-4.11.5-484.1
libkdecore4-32bit-4.11.5-484.1
libkdecore4-debuginfo-32bit-4.11.5-484.1
libksuseinstall1-32bit-4.11.5-484.1
libksuseinstall1-debuginfo-32bit-4.11.5-484.1

- openSUSE 13.1 (noarch):

kdelibs4-apidocs-4.11.5-484.1


References:

http://support.novell.com/security/cve/CVE-2014-5033.html
https://bugzilla.novell.com/819437
https://bugzilla.novell.com/864716


< Previous Next >
This Thread
  • No further messages