[dot-stories] Konqueror Cross Site Scripting Vulnerability
by way of Douglas J Hunley <doug@hunley.homeip.net>
scoop
Mon May 17 11:37:27 PDT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
NEW STORY FOR THE DOT
http://dot.kde.org/
Konqueror Cross Site Scripting Vulnerability
http://dot.kde.org/1031692876/
KONQUEROR CROSS SITE SCRIPTING VULNERABILITY
Posted by Dirk Mueller [mueller at kde.org]
Tuesday 10/Sep/2002, @23:21
from the "make-it-right-this-time" dept.
The KDE Project released two security advisories today. The first
advisory [http://www.kde.org/info/security/advisory-20020908-1.txt] is
about a vulnerability in handling secure cookies, which has been fixed
already in the KDE 3.0.3 release.
[http://www.kde.org/announcements/announce-3.0.3.html] Another
vulnerability [http://www.kde.org/info/security/advisory-20020908-2.txt]
was discovered last week on Bugtraq, which is related to the cross site
scripting protection in Konqueror. A patch
[ftp://ftp.kde.org/pub/kde/security_patches/] and an updated kdelibs
[http://download.kde.org/stable/3.0.3/src/kdelibs-3.0.3a.tar.bz2]
package was released today to fix both problems. The KDE 3.0.3 Info page
[http://www.kde.org/info/3.0.3.html] was updated as well. It is
recommended to updade immediately.
___________________________________________________________________________
This message digest is from the dot-stories mailing list.
Please visit http://lists.kde.com/lists/listinfo/dot-stories to
manage your account, such as unsubscribing or setting digest mode.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQE9foK8SrrWWknCnMIRAhd+AKDS4FBbwNpdYQdAPC/JGyD99KYiEwCgpFFJ
Y9la7tMqj7dVWb0E5GqrCmI=
=9u7S
-----END PGP SIGNATURE-----
More information about the Linux-users
mailing list