mailing list archives
Re: CVE Request -- kde-workspace 4.10.5 fixing two security flaws
From: "mancha" <mancha1 () hush com>
Date: Tue, 16 Jul 2013 18:49:34 +0000
On Tue, 16 Jul 2013 15:50:25 +0000 "Jan Lieskovsky" wrote:
Hello Kurt, Steve, vendors,
while not listed in the announcement:
looks like kde-workspace v4.10.5 fixed two security flaws
(the second one a minor one):
* Issue #1 - Possible NULL pointer dereference in KDM and
KCheckPass when glibc 2.17 (eglibc 2.17) or FIPS enabled system
Hi Jan et al.
Actually, issue #1's fix (CVE-2013-4132) just missed the
deadline for 4.10.5 by a day or two. The FIXED-IN entry in the
revision comment is inaccurate.
Distribs, when upgrading to kde-workspace 4.10.5, should apply