Summary: | <kde-base/kdelibs-4.4.5-r4: XSS Vulnerability (CVE-2011-1168) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Andreas K. Hüttel <dilfridge> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | tampakrap |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | A4 [noglsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 361015 | ||
Bug Blocks: |
Description
Andreas K. Hüttel
2011-03-27 14:13:45 UTC
(In reply to comment #0) > Please note that this bug is restricted to the security team. > > kde-base/kdelibs-4.6.1-r2 (current ~arch) contains the patch already. > kde-base/kdelibs-4.4.5-r4 contains the patch, but has no keywords yet (awaiting > some build testing). > Thank you, Andreas. Let us know when you are ready and we can pull in the arch testers. I just re-added the keywords to kde-base/kdelibs-4.4.5-r4 as build tests passed fine (thanks guys!) and filed a stablereq (bug 361015, blocking this one). Stabilization of kde-base/kdelibs-4.4.5-r4 is complete and bug 361015 is only still open because it is assigned to security. Advisories have been published: http://www.kde.org/info/security/advisory-20110411-1.txt http://www.nth-dimension.org.uk/downloads.php?id=82 IMHO no need to keep this classified anymore. (In reply to comment #3) > Stabilization of kde-base/kdelibs-4.4.5-r4 is complete and bug 361015 is only > still open because it is assigned to security. > > IMHO no need to keep this classified anymore. Great, thanks and agreed. Closing NO GLSA since it is a XSS vulnerability. |