
[CLA-2003:747] Conectiva Security Announcement - kde



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT 
- --------------------------------------------------------------------------

PACKAGE   : kde
SUMMARY   : Several vulnerabilities (kdm, konqueror, ps/pdf file handling)
DATE      : 2003-09-19 17:44:00
ID        : CLA-2003:747
RELEVANT
RELEASES  : 8, 9

- -------------------------------------------------------------------------

DESCRIPTION
 KDE is a very popular graphical desktop environment available for
 GNU/Linux and other operating systems.
 
 This update includes fixes for several vulnerabilities in the KDE
 versions distributed with Conectiva Linux:
 
 - Konqueror Referrer Leaking Website Authentication Credentials[1].
 Konqueror may inadvertently forward (via the HTTP Referer header)
 authentication credentials to websites in clear text. An attacker can
 create a scenario where the user visits a malicious website using a
 link from an authenticated site and thus obtain the authentication
 credentials. The Common Vulnerabilities and Exposures (CVE) project
 has assigned the name CAN-2003-0459 to this issue[2].
 
 - KDM privilege escalation with specific PAM modules[3].
 It has been reported that under certain specific PAM configurations,
 kdm may give root access to a local user. This is caused by a flaw
 in the pam_setcred() function call. The Common Vulnerabilities and
 Exposures (CVE) project has assigned the name CAN-2003-0690 to this
 issue[4].
 
 - KDM weak session cookies[3].
 KDM generates session cookies (used as an authentication scheme) in
 an unsafe manner (with insufficient entropy), allowing attackers to
 guess them more easily. The Common Vulnerabilities and Exposures (CVE)
 project has assigned the name CAN-2003-0692 to this issue[5].
 
 - PS/PDF file handling vulnerability[6]. (Conectiva Linux 8 only)*
 In several cases, KDE applications call the ghostview program to
 handle PS and PDF files in an insecure way (without the
 -dPARANOIDSAFER or -dSAFER parameters), which may allow attackers to
 execute commands using crafted PS/PDF files. Since these files may
 come from remote or untrusted sources (e-mail, web sites and network
 connections), remote attackers can exploit this vulnerability to
 execute arbitrary commands in the user's context using such sources
 as attack vectors. The Common Vulnerabilities and Exposures (CVE)
 project has assigned the name CAN-2003-0204 to this issue[7].
 
 * A previous announcement[8] (CLSA-2003:668) has already included the
 fixes for Conectiva Linux 9.
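 The Konqueror item above is a leak of URL-embedded credentials through
 the Referer header. As an added example (not code from the advisory,
 from KDE or from Conectiva), the following shows the header-building
 rule a client should apply, plus a check that can be run over logged or
 proxied Referer values to spot the leak. The rules in safe_referer and
 all sample URLs are constructed for this example.

```python
from typing import Optional
from urllib.parse import urlsplit, urlunsplit


def safe_referer(page_url: str, target_url: str) -> Optional[str]:
    """Referer value a client should send when following a link from
    page_url to target_url, or None when no Referer should be sent.

    Rules (constructed for this example):
      * userinfo (user:password@) is never forwarded;
      * the fragment is dropped;
      * an https: page never reveals its URL to a plain http: target.
    """
    src = urlsplit(page_url)
    dst = urlsplit(target_url)
    if src.scheme == "https" and dst.scheme != "https":
        return None
    # Rebuild the authority part from host and port only, without userinfo.
    host = src.hostname or ""
    if ":" in host:                      # bare IPv6 literal: restore brackets
        host = f"[{host}]"
    netloc = host if src.port is None else f"{host}:{src.port}"
    return urlunsplit((src.scheme, netloc, src.path, src.query, ""))


def referer_carries_credentials(header_value: str) -> bool:
    """Check a logged or proxied Referer value for embedded userinfo;
    True means the header still carries credentials, i.e. the leak
    described in the advisory."""
    parts = urlsplit(header_value)
    return parts.username is not None or parts.password is not None


if __name__ == "__main__":
    page = "http://user:secret@example.com/intranet/?id=7#top"   # constructed
    print(safe_referer(page, "http://other.example/"))          # credentials gone
    print(referer_carries_credentials(page))                    # True
```

 The second function is the one worth wiring into a proxy or log review:
 any Referer that contains a username or password has already leaked
 it to the destination site.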
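 The KDM weak-cookie item above is about entropy, not format. As an
 added example (not KDM's code, and not code from the advisory), the
 block below contrasts a cookie derived from a general-purpose PRNG
 seeded with a small value against one drawn from the OS CSPRNG, and
 quantifies how few bits an observer actually faces in the weak case.
 The 16-byte cookie length follows the X MIT-MAGIC-COOKIE-1 scheme; the
 seed values are constructed.

```python
import math
import random
import secrets

COOKIE_BYTES = 16   # MIT-MAGIC-COOKIE-1 cookies are 128 bits long


def weak_cookie(seed: int) -> str:
    """Cookie drawn from a general-purpose PRNG seeded with a small value
    such as the current time in seconds. Fully determined by the seed:
    anyone who can narrow the seed down can regenerate the cookie."""
    rng = random.Random(seed)
    return "".join(f"{rng.randrange(256):02x}" for _ in range(COOKIE_BYTES))


def strong_cookie() -> str:
    """Cookie drawn from the operating system's CSPRNG (secrets module)."""
    return secrets.token_hex(COOKIE_BYTES)


def is_well_formed(cookie: str) -> bool:
    """32 lowercase hex digits, i.e. exactly 128 bits. Note that both
    generators pass this check: format says nothing about entropy."""
    return (len(cookie) == 2 * COOKIE_BYTES
            and all(c in "0123456789abcdef" for c in cookie))


def effective_entropy_bits(seed_candidates: int) -> float:
    """Entropy an observer faces when the seed is known to lie among
    seed_candidates values (e.g. the seconds in a login window).
    Compare with the 128 bits a strong cookie provides."""
    return math.log2(seed_candidates)


if __name__ == "__main__":
    t = 1063986240   # constructed epoch-seconds seed
    print(weak_cookie(t) == weak_cookie(t))           # True: reproducible
    print(effective_entropy_bits(3600))               # under 12 bits
    print(is_well_formed(strong_cookie()))            # True
```

 The lesson for reviewers: a cookie that looks random (passes
 is_well_formed) can still be guessable; what matters is the generator
 behind it.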
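 The PS/PDF item above comes down to how the ghostscript interpreter is
 invoked for untrusted files. As an added example (not KDE's or
 Conectiva's code), the block below builds a hardened command line with
 the restricted-mode flags enabled and passes it as an argument list,
 never through a shell. It also includes a check for auditing existing
 helper commands (for instance those configured for application/pdf
 handlers) for the missing flags. It assumes the interpreter binary is
 installed as "gs"; the file names are constructed.

```python
import os
import subprocess
from typing import List

SAFE_FLAGS = ("-DSAFER", "-DPARANOIDSAFER")   # compared case-insensitively


def ghostscript_argv(input_file: str, output_png: str) -> List[str]:
    """argv for rendering an untrusted PS/PDF file to PNG with Ghostscript's
    restricted mode on. Assumes the interpreter is installed as 'gs'."""
    return [
        "gs",
        "-dSAFER",           # no deletefile/renamefile, no %pipe%, writes only to stdout/stderr
        "-dPARANOIDSAFER",   # Ghostscript of that era: additionally forbids reading files
        "-dNOPAUSE",         # do not wait for a keypress between pages
        "-dBATCH",           # exit when done instead of dropping to the prompt
        "-sDEVICE=png16m",
        "-r72",
        f"-sOutputFile={os.path.abspath(output_png)}",
        os.path.abspath(input_file),   # absolute path: cannot be mistaken for an option
    ]


def has_safer_mode(argv: List[str]) -> bool:
    """True if the command line enables restricted mode. Useful when
    auditing configured helper commands for PS/PDF handling."""
    return any(arg.upper() in SAFE_FLAGS for arg in argv)


def render(input_file: str, output_png: str, timeout: int = 60) -> int:
    """Run the hardened command line and return gs's exit status.
    stdin is closed so a crafted file cannot read from the terminal."""
    argv = ghostscript_argv(input_file, output_png)
    assert has_safer_mode(argv)
    proc = subprocess.run(argv, stdin=subprocess.DEVNULL,
                          stdout=subprocess.PIPE, stderr=subprocess.PIPE,
                          timeout=timeout, check=False)
    return proc.returncode


if __name__ == "__main__":
    print(ghostscript_argv("untrusted.pdf", "page.png"))       # constructed names
    print(has_safer_mode(["gs", "-dNOPAUSE", "-dBATCH", "file.ps"]))  # False: unsafe
```

 Passing an argument list rather than a shell string keeps a file name
 from being interpreted by the shell, and converting the input path to
 an absolute one keeps a name beginning with "-" from being read as an
 option.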
 
 Please note that the KDE packages for Conectiva Linux 8 are being
 updated to version 3.0.5b[9], with patches added for the first two
 aforementioned vulnerabilities. In the case of Conectiva Linux 9,
 only the affected packages are being updated (with patches).
 
 KDE users from Conectiva Linux 7.0 are also vulnerable to these
 issues and to a "Konqueror Embedded SSL vulnerability"[10]. It's
 recommended that these users upgrade to Conectiva Linux 8 or
 Conectiva Linux 9, which contain several improvements for desktop
 users.


SOLUTION
 It is recommended that all KDE users upgrade their packages. Please
 note that after installing the new packages, you must restart KDE
 in order to run the new version.
 
 
 REFERENCES:
 1.http://www.kde.org/info/security/advisory-20030729-1.txt
 2.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0459
 3.http://www.kde.org/info/security/advisory-20030916-1.txt
 4.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0690
 5.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0692
 6.http://www.kde.org/info/security/advisory-20030409-1.txt
 7.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0204
 8.http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000668&idioma=en
 9.http://www.kde.org/info/3.0.5b.php
 10.http://www.kde.org/info/security/advisory-20030602-1.txt


UPDATED PACKAGES
ftp://atualizacoes.conectiva.com.br/8/RPMS/kde-common-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdebase-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdebase-common-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdebase-core-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdebase-devel-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdebase-devel-static-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdebase-kaddressbook-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdebase-kappfinder-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdebase-kate-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdebase-kcontrol-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdebase-kcontrol-doc-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdebase-kdesktop-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdebase-khelpcenter-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdebase-khelpcenter-doc-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdebase-kicker-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdebase-kicker-doc-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdebase-kio-audiocd-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdebase-kmenuedit-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdebase-kmenuedit-doc-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdebase-kscreensaver-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdebase-ksysguard-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdebase-ksysguard-doc-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdebase-ktip-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdebase-kwin-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdebase-kxkb-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdebase-libkonq-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdebase-nsplugins-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdebase-sounds-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdebase-themes-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdebase-wallpapers-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdegraphics-3.0.5b-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdegraphics-common-3.0.5b-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdegraphics-devel-3.0.5b-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdegraphics-kamera-3.0.5b-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdegraphics-kcoloredit-3.0.5b-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdegraphics-kdvi-3.0.5b-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdegraphics-kdvi-doc-3.0.5b-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdegraphics-kfax-3.0.5b-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdegraphics-kfract-3.0.5b-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdegraphics-kfract-doc-3.0.5b-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdegraphics-kghostview-3.0.5b-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdegraphics-kghostview-doc-3.0.5b-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdegraphics-kiconedit-3.0.5b-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdegraphics-kiconedit-doc-3.0.5b-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdegraphics-kooka-3.0.5b-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdegraphics-kpaint-3.0.5b-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdegraphics-kpaint-doc-3.0.5b-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdegraphics-kruler-3.0.5b-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdegraphics-ksnapshot-3.0.5b-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdegraphics-ksnapshot-doc-3.0.5b-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdegraphics-kuickshow-3.0.5b-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdegraphics-kview-3.0.5b-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdegraphics-kview-doc-3.0.5b-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdelibs-artsinterface-3.0.5b-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdelibs-config-3.0.5b-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdelibs-docbook-3.0.5b-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdelibs3-3.0.5b-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdelibs3-devel-3.0.5b-1U80_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdm-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/kdm-doc-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/konqueror-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/konqueror-doc-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/konsole-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/konsole-doc-3.0.5b-1U80_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/SRPMS/kdebase-3.0.5b-1U80_3cl.src.rpm
ftp://atualizacoes.conectiva.com.br/8/SRPMS/kdegraphics-3.0.5b-1U80_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/8/SRPMS/kdelibs3-3.0.5b-1U80_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/kdelibs3-3.1.2-28927U90_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/kdm-3.1.2-28535U90_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/SRPMS/kdebase-3.1.2-28535U90_4cl.src.rpm
ftp://atualizacoes.conectiva.com.br/9/SRPMS/kdelibs3-3.1.2-28927U90_2cl.src.rpm


ADDITIONAL INSTRUCTIONS
 The apt tool can be used to perform RPM package upgrades:

 - run:                 apt-get update
 - after that, execute: apt-get upgrade

 Detailed instructions regarding the use of apt and upgrade examples
 can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en

- -------------------------------------------------------------------------
All packages are signed with Conectiva's GPG key. The key and instructions
on how to import it can be found at 
http://distro.conectiva.com.br/seguranca/chave/?idioma=en
Instructions on how to check the signatures of the RPM packages can be
found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en

- -------------------------------------------------------------------------
All our advisories and generic update instructions can be viewed at
http://distro.conectiva.com.br/atualizacoes/?idioma=en

- -------------------------------------------------------------------------
Copyright (c) 2003 Conectiva Inc.
http://www.conectiva.com

- -------------------------------------------------------------------------
subscribe: conectiva-updates-subscribe@xxxxxxxxxxxxxxxxxxxxxxxxxxx
unsubscribe: conectiva-updates-unsubscribe@xxxxxxxxxxxxxxxxxxxxxxxxxxx
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE/a2rI42jd0JmAcZARArExAJ4tTOBVpIWuFL5rfyB8iPRO31aOiQCeIYAb
OpkH1u630X0KluRaTZbNwFs=
=2/aO
-----END PGP SIGNATURE-----