![](https://seccdn.libravatar.org/avatar/27aacf61a13c66fcc083fcf8a84823bc.jpg?s=120&d=mm&r=g)
Satoru Matsumoto wrote:
David C. Rankin wrote:
I updated to the latest KDE last night from openSuSE BuildService on a x86-64 machine via yast and seem to have picked up a bug doing it.
I met the same trouble in openSUSE 10.3 i386 environment on my laptop.
The problem was triggered by updating "kdelibs3*" packages to version 3.5.7-72.9 or later and I think it is related to the issue CVE-2008-1671:
start_kdeinit in KDE 3.5.5 through 3.5.9, when installed setuid root, allows local users to cause a denial of service and possibly execute arbitrary code via "user-influenceable input" (probably command-line arguments) that cause start_kdeinit to send SIGUSR1 signals to other processes.
http://www.suse.de/~meissner/cve/CVE-2008-1671.html
I downgraded "kdelibs3*" packages to version 3.5.7-72.6, which I found in the "Updates" repository, and the problem isn't reproduced.
On the other hand, I have other desktops, on which I installed openSUSE 10.3 i386 and x86_64, and in those environments, the problem isn't reproduced by updating "kdelibs3*" packages to version 3.5.7-72.9 though. So, the problem was provided not only by updating "kdelibs3*" packages, but also by other conditions, which is not specified yet.
Thanks Satoru. I'm glad to know that I'm not going crazy. I will try and downgrade and see if I can cure this weird problem. Have a good evening. -- David C. Rankin, J.D., P.E. Rankin Law Firm, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 Telephone: (936) 715-9333 Facsimile: (936) 715-9339 www.rankinlawfirm.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org