The kdenetwork packages contain networking applications for the K Desktop
Environment (KDE).
A directory traversal flaw was found in the way KGet, a download manager,
handled the “file” element in Metalink files. An attacker could use this
flaw to create a specially-crafted Metalink file that, when opened, would
cause KGet to overwrite arbitrary files accessible to the user running
KGet. (CVE-2011-1586)
Users of kdenetwork should upgrade to these updated packages, which contain
a backported patch to resolve this issue. The desktop must be restarted
(log out, then log back in) for this update to take effect.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | s390x | kdenetwork-libs | < 4.3.4-11.el6_0.1 | kdenetwork-libs-4.3.4-11.el6_0.1.s390x.rpm |
RedHat | 6 | x86_64 | kdenetwork-libs | < 4.3.4-11.el6_0.1 | kdenetwork-libs-4.3.4-11.el6_0.1.x86_64.rpm |
RedHat | 6 | ppc | kdenetwork-debuginfo | < 4.3.4-11.el6_0.1 | kdenetwork-debuginfo-4.3.4-11.el6_0.1.ppc.rpm |
RedHat | 6 | src | kdenetwork | < 4.3.4-11.el6_0.1 | kdenetwork-4.3.4-11.el6_0.1.src.rpm |
RedHat | 6 | ppc64 | kdenetwork-debuginfo | < 4.3.4-11.el6_0.1 | kdenetwork-debuginfo-4.3.4-11.el6_0.1.ppc64.rpm |
RedHat | 6 | ppc64 | kdenetwork-libs | < 4.3.4-11.el6_0.1 | kdenetwork-libs-4.3.4-11.el6_0.1.ppc64.rpm |
RedHat | 6 | i686 | kdenetwork-libs | < 4.3.4-11.el6_0.1 | kdenetwork-libs-4.3.4-11.el6_0.1.i686.rpm |
RedHat | 6 | ppc | kdenetwork-libs | < 4.3.4-11.el6_0.1 | kdenetwork-libs-4.3.4-11.el6_0.1.ppc.rpm |
RedHat | 6 | s390 | kdenetwork-libs | < 4.3.4-11.el6_0.1 | kdenetwork-libs-4.3.4-11.el6_0.1.s390.rpm |
RedHat | 6 | ppc64 | kdenetwork | < 4.3.4-11.el6_0.1 | kdenetwork-4.3.4-11.el6_0.1.ppc64.rpm |