kleines kde problem


Well-Known Member
Das übersetzen spar ich mir mal

[2004-05-17] KDE Security Advisory: URI Handler Vulnerabilities

iDEFENSE identified a vulnerability in the Opera Web Browser that could allow remote attackers to create or truncate arbitrary files. The KDE team has found that similar vulnerabilities exists in KDE. The telnet, rlogin, ssh and mailto URI handlers in KDE do not check for '-' at the beginning of the hostname passed, which makes it possible to pass an option to the programs started by the handlers.

All versions prior to 3.2.2_3 of the x11/kdelibs3 port are affected. We recommend updating to version 3.2.2_3 immediately.

If you are currently running a KDE version earlier than 3.2.2, we strongly recommend updating all other parts of KDE which you have installed to the version currently available in ports at the time of this news entry. We do not recommend or support running kdelibs-3.2.2_3 with ports of earlier releases of other kde modules (for example kdebase-3.2.1 or kdenetwork-3.1.4). Refer to our instructions for updating and, if necessary, the special notes regarding updating from KDE 3.1.x.