| Summary: | <kde-apps/kdepimlibs-{4.14.10-r2,4.14.11_pre20160211-r2}, <kde-frameworks/kcoreaddons-5.26.0-r2: HTML injection in plain text viewer |
|---|---|
| Product: | Gentoo Security |
| Component: | Vulnerabilities |
| Reporter: | Michael Palimaka (kensington) <kensington> |
| Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED |
| Severity: | normal |
| Priority: | Normal |
| Version: | unspecified |
| Hardware: | All |
| OS: | Linux |
| URL: | https://www.kde.org/info/security/advisory-20161006-1.txt |
| Whiteboard: | A4 [noglsa] |
| Package list: | |
| Runtime testing required: | --- |
| Bug Depends on: | 596282 |
| Bug Blocks: | 596214 |
Description
Michael Palimaka (kensington)
2016-10-05 10:39:29 UTC
Arch teams, please test and stabilise:
kde-apps/kdepimlibs-4.14.10-r1
kde-apps/kdepimlibs-4.14.11_pre20160211-r1
Target KEYWORDS="amd64 x86".

kde-frameworks/kcoreaddons is fixed in 5.26.0-r1, however that will be handled separately in bug #596282.

amd64 stable

x86 stable. Maintainer(s), please cleanup. Security, please vote.

Cleanup is done for kde-apps/kdepimlibs, I will wait a few days to clean up old kde-frameworks/kcoreaddons since this requires also cleaning up all related kde-frameworks packages and 5.26 is only just going stable.

Cleanup complete.

GLSA Vote: No

Upstream has advised that the previously-announced fixes were insufficient.

Arch teams, please test and stabilise:
kde-frameworks/kcoreaddons-5.26.0-r2
kde-apps/kdepimlibs-4.14.10-r2
kde-apps/kdepimlibs-4.14.11_pre20160211-r2

This also affected kde-frameworks/kcoreaddons-5.27.0 (testing) and is fixed in -r1.

amd64 stable

x86 stable. Maintainer(s), please cleanup.

Thanks. Cleanup done. Remove maintainer from cc.

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f7a6154791d723f7fcbf279d65c8bea98e6ad972
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9805f9685e3de42755d769ab31e73e30416cc1ef