USN-502-1: KDE vulnerabilities
26 August 2007
kdebase, kdelibs vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 7.04
- Ubuntu 6.10
- Ubuntu 6.06 LTS
Software Description
- kdebase
- kdelibs
Details
It was discovered that Konqueror could be tricked into displaying incorrect URLs. Remote attackers could exploit this to increase their chances of tricking a user into visiting a phishing URL, which could lead to credential theft.
Update instructions
The problem can be corrected by updating your system to the following package versions:
- Ubuntu 7.04
- kdelibs4c2a - 4:3.5.6-0ubuntu14.1
- konqueror - 4:3.5.6-0ubuntu20.2
- Ubuntu 6.10
- kdelibs4c2a - 4:3.5.5-0ubuntu3.5
- konqueror - 4:3.5.5-0ubuntu3.5
- Ubuntu 6.06 LTS
- kdelibs4c2a - 4:3.5.2-0ubuntu18.5
- konqueror - 4:3.5.2-0ubuntu27.1
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
After a standard system upgrade you need to restart your session to effect the necessary changes.