Bug 722501

Summary: CVE-2011-3365 KSSL - KDE Security Advisory: KSSL and Rekonq Input Validation Failure
Product: [openSUSE] openSUSE 11.4 Reporter: Forgotten User --EoyBps8f <forgotten_--EoyBps8f>
Component: KDE4 WorkspaceAssignee: E-mail List <kde-maintainers>
Status: RESOLVED DUPLICATE QA Contact: E-mail List <qa-bugs>
Severity: Critical    
Priority: P5 - None CC: ctrippe
Version: Final   
Target Milestone: ---   
Hardware: Other   
OS: openSUSE 11.4   
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Forgotten User --EoyBps8f 2011-10-06 14:04:03 UTC 
User-Agent:       Mozilla/5.0 (X11; Linux i686; rv:7.0) Gecko/20100101 Firefox/7.0

http://www.kde.org/info/security/advisory-20111003-1.txt

Affected are KDE > 4.6.0 including 4.7.2 (although the doc states differently) and maybe even 4.4 etc. if I understood correctly so updates are needed for 11.3, 11.4, the repos STABLE, KDF, KR46, KR47 and Tumbleweed and any repos that contain rekonq < 0.7.0.

1. Systems affected:

    KSSL as shipped with KDE SC 4.6.0 up to and including KDE SC 4.7.1.
    Earlier versions of KDE SC may also be affected. Rekonq versions up to at
    least 0.7.0 are also affected.

Reproducible: Always
Comment 1 Christian Trippe 2011-10-06 17:15:33 UTC 
dup

*** This bug has been marked as a duplicate of bug 721974 ***