Language Selection

English French German Italian Portuguese Spanish

KDE flaws put Linux, Unix systems at risk

Filed under
KDE

A serious vulnerability has been found in the popular KDE open-source software bundle. The flaw, deemed "critical" by the research outfit the French Security Incident Response Team, could allow a remote attacker to gain control over vulnerable systems.

For an attack to be successful, a person would have to visit the attacker's Web page using Konqueror, the FrSIRT said in its alert. Affected are KDE 3.2.0 up to and including KDE 3.5.0. Fixes are available.

Full Story.

From the horse's mouth:

The KDE Project released a security advisory today for a heap overflow vulnerability in KJS. Earlier this month, a number of integer overflows affecting KPDF, and consequentially KOffice were found and fixed. Patches have been made available and your distributor should have updated binary packages. The KDE security advisory page has an overview of all KDE advisories. Links to source patches are contained in the advisories.

The Dot with links to the patches. Distribution vendors should have updated packages available shortly.

More in Tux Machines

Ubuntu MATE 15.04 Vivid Vervet Beta 1 Released, Ubuntu MATE Is Now Official Flavor


ubuntu 15.04 beta released with official release for MATE

Ubuntu 15.04 Vivid Vervet MATE Beta 1 released today with other flavors of Ubuntu like KDE, Xfce, LXDE and GNOME desktop environment. Although, as usual Ubuntu unity has not taken part in Beta release. And first time Ubuntu MATE is an official releaed.
 

Read at LinuxAndUbuntu