CVE-2009-2537 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2537): KDE Konqueror allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
kde-base/konqueror-4.3.1 does not crash. AFAIK 3.5.10 will be removed along with the other kde-3 stuff, but I'm not sure if we could pmask it already?
We're going to add the mask for KDE-3.5 today.
KDE 3 is not in tree any more. CC us again if you need anything. thanks
This issue has been fixed since Oct 18, 2009. No GLSA will be issued.