ELSA-2019-2606

Опубликовано: 04 сент. 2019

Источник: oracle-oval

Платформа: Oracle Linux 7

Описание

ELSA-2019-2606: kdelibs and kde-settings security and bug fix update (IMPORTANT)

kdelibs [6:4.14.8-11]

KConfig: malicious .desktop files would execute code Resolves: bz#1740736

kde-settings [19-23.10.0.1]

Change GreetString [bug 11710280]

[19-23.10]

Use correct tcsh syntax for config scripts Resolves: bz#1738491

Обновленные пакеты

Oracle Linux 7

Oracle Linux aarch64

kde-settings

19-23.10.0.1.el7_7

kde-settings-ksplash

19-23.10.0.1.el7_7

kde-settings-minimal

19-23.10.0.1.el7_7

kde-settings-plasma

19-23.10.0.1.el7_7

kde-settings-pulseaudio

19-23.10.0.1.el7_7

kdelibs

4.14.8-11.el7_7

kdelibs-apidocs

4.14.8-11.el7_7

kdelibs-common

4.14.8-11.el7_7

kdelibs-devel

4.14.8-11.el7_7

kdelibs-ktexteditor

4.14.8-11.el7_7

qt-settings

19-23.10.0.1.el7_7

Oracle Linux x86_64

kde-settings

19-23.10.0.1.el7_7

kde-settings-ksplash

19-23.10.0.1.el7_7

kde-settings-minimal

19-23.10.0.1.el7_7

kde-settings-plasma

19-23.10.0.1.el7_7

kde-settings-pulseaudio

19-23.10.0.1.el7_7

kdelibs

4.14.8-11.el7_7

kdelibs-apidocs

4.14.8-11.el7_7

kdelibs-common

4.14.8-11.el7_7

kdelibs-devel

4.14.8-11.el7_7

kdelibs-ktexteditor

4.14.8-11.el7_7

qt-settings

19-23.10.0.1.el7_7

Связанные CVE

CVE-2019-14744

Ссылки на источники

Связанные уязвимости

CVE-2019-14744

CVSS3: 7.8

ubuntu

больше 6 лет назад

In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .desktop file.