
kdelibs security update

2006-01-19 21:19:19
CentOS Project (lists.centos.org)

CVSS2: 7.5 High (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

EPSS: 0.173 Low (Percentile: 96.1%)

CentOS Errata and Security Advisory CESA-2006:0184

kdelibs contains libraries for the K Desktop Environment (KDE).

A heap overflow flaw was discovered affecting kjs, the JavaScript
interpreter engine used by Konqueror and other parts of KDE. An attacker
could create a malicious web site containing carefully crafted JavaScript
code that would trigger this flaw and possibly lead to arbitrary code
execution. The Common Vulnerabilities and Exposures project assigned the
name CVE-2006-0019 to this issue.

NOTE: this issue does not affect KDE in Red Hat Enterprise Linux 3 or 2.1.

Users of KDE should upgrade to these updated packages, which contain a
backported patch from the KDE security team correcting this issue as well
as two bug fixes.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2006-January/074749.html
https://lists.centos.org/pipermail/centos-announce/2006-January/074750.html
https://lists.centos.org/pipermail/centos-announce/2006-January/074758.html
https://lists.centos.org/pipermail/centos-announce/2006-January/074759.html
https://lists.centos.org/pipermail/centos-announce/2006-January/074761.html

Affected packages:
kdelibs
kdelibs-devel

Upstream details at:
https://access.redhat.com/errata/RHSA-2006:0184
