Please Install the Updated Packages.

The K Desktop Environment (KDE) is a graphical desktop environment for the X Window System. The kdebase packages include core applications for KDE. A privilege escalation flaw was found in the KDE Display Manager (KDM). A local user with console access could trigger a race condition, possibly resulting in the permissions of an arbitrary file being set to world writable, allowing privilege escalation. (CVE-2010-0436) Red Hat would like to thank Sebastian Krahmer of the SuSE Security Team for responsibly reporting this issue. Users of KDE should upgrade to these updated packages, which contain a backported patch to correct this issue. The system should be rebooted for this update to take effect. After the reboot, administrators should manually remove all leftover user-owned dmctl-* directories in &quot /var/run/xdmctl/&quot .

kdebase on CentOS 4

• http://lists.centos.org/pipermail/centos-announce/2010-April/016625.html

---

Updated on 2015-03-25