Fedora Core 11 FEDORA-2009-8039 (kdelibs)

Summary
The remote host is missing an update to kdelibs announced via advisory FEDORA-2009-8039.
Solution
Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update kdelibs' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8039
Insight
Update Information: This update fixes several security issues in KHTML (CVE-2009-1725, CVE-2009-1690, CVE-2009-1687, CVE-2009-1698, CVE-2009-0945, CVE-2009-2537) which may lead to a denial of service or potentially even arbitrary code execution. In addition, libplasma was fixed to make Plasmaboard (a virtual keyboard applet) work, and a bug in a Fedora patch which made builds of the SRPM on single-CPU machines fail was fixed. ChangeLog: * Sun Jul 26 2009 Kevin Kofler - 4.2.4-6 - fix CVE-2009-1725 - crash, possible ACE in numeric character references - fix CVE-2009-1690 - crash, possible ACE in KHTML ( use-after-free) - fix CVE-2009-1687 - possible ACE in KJS (FIXME: still crashes?) - fix CVE-2009-1698 - crash, possible ACE in CSS style attribute handling - fix CVE-2009-0945 - NULL-pointer dereference in the SVGList interface impl * Thu Jul 23 2009 Jaroslav Reznik - 4.2.4-5 - CVE-2009-2537 - select length DoS - correct fixPopupForPlasmaboard.patch * Wed Jul 8 2009 Kevin Kofler - 4.2.4-4 - fix CMake dependency in parallel_devel patch (#510259, CHIKAMA Masaki)
References