--------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-745 2005-08-15 --------------------------------------------------------------------- Product : Fedora Core 3 Name : kdeedu Version : 3.4.2 Release : 0.fc3.2 Summary : Educational/Edutainment applications for KDE Description : Educational/Edutainment applications for KDE --------------------------------------------------------------------- Update Information: Ben Burton notified the KDE security team about several tempfile handling related vulnerabilities in langen2kvtml, a conversion script for kvoctrain. The script must be manually invoked. The script uses known filenames in /tmp which allow an local attacker to overwrite files writeable by the user invoking the conversion script. This update fixes these vulnerabilities. --------------------------------------------------------------------- * Tue Aug 9 2005 Than Ngo <than@xxxxxxxxxx> 3.4.2-0.fc3.2 - apply patch to fix tempfile vulnerability, CAN-2005-2101, #165606 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/ 16f0ba99cbd812599efc87f439e3cd3e SRPMS/kdeedu-3.4.2-0.fc3.2.src.rpm d76cb28b1363d42cc95ed2e8b6ce453f x86_64/kdeedu-3.4.2-0.fc3.2.x86_64.rpm 9e3beda785a248d2b32fda76c8274be8 x86_64/kdeedu-devel-3.4.2-0.fc3.2.x86_64.rpm 14ba8ddbcb79d5c5800024843c7dd2f7 x86_64/debug/kdeedu-debuginfo-3.4.2-0.fc3.2.x86_64.rpm 918f1d116b2b47b7fc7be55ef1ce5dd8 i386/kdeedu-3.4.2-0.fc3.2.i386.rpm 0461f594898e6caa6745cbf4017ce617 i386/kdeedu-devel-3.4.2-0.fc3.2.i386.rpm f0a8f527a6f30c9e78118804e54b73ca i386/debug/kdeedu-debuginfo-3.4.2-0.fc3.2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- -- fedora-announce-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-announce-list
