-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                   ESB-2007.0759 -- [UNIX/Linux][RedHat]
                     Moderate: kdebase security update
                              9 October 2007

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              kdebase
Publisher:            Red Hat
Operating System:     Red Hat Enterprise Linux AS/ES/WS 4
                      Red Hat Enterprise Linux AS/ES/WS 5
                      UNIX variants (UNIX, Linux, OSX)
Impact:               Increased Privileges
                      Inappropriate Access
                      Provide Misleading Information
Access:               Remote/Unauthenticated
CVE Names:            CVE-2007-4569 CVE-2007-4224 CVE-2007-3820

Ref:                  ESB-2007.0720
                      ESB-2007.0649

Original Bulletin:    https://rhn.redhat.com/errata/RHSA-2007-0905.html

Comment: This advisory references vulnerabilities in products which run on
         platforms other than Red Hat. It is recommended that administrators
         running KDE check for an updated version of the software for
         their operating system.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Moderate: kdebase security update
Advisory ID:       RHSA-2007:0905-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-0905.html
Issue date:        2007-10-08
Updated on:        2007-10-08
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2007-4569 CVE-2007-3820 CVE-2007-4224 
- - ---------------------------------------------------------------------

1. Summary:

Updated kdebase packages that resolve several security flaws are now
available for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having moderate security impact by the Red Hat
Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:

The kdebase packages provide the core applications for KDE, the K Desktop
Environment. These core packages include Konqueror, the web browser and
file manager.

These updated packages address the following vulnerabilities:

Kees Huijgen found a flaw in the way KDM handled logins when autologin and
"shutdown with password" were enabled.  A local user would have been able
to log in via KDM as any user without requiring a password. (CVE-2007-4569)

Two Konqueror address spoofing flaws were discovered. A malicious web site
could spoof the Konqueror address bar, tricking a victim into believing the
page was from a different site. (CVE-2007-3820, CVE-2007-4224)

Users of KDE should upgrade to these updated packages, which contain
backported patches to correct these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  

This update is available via Red Hat Network.  Details on how to use 
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

248537 - CVE-2007-3820 Spoofing of URI possible in Konqueror's address bar
251708 - CVE-2007-4224 URL spoof in address bar
287311 - CVE-2007-4569 kdm password-less login vulnerability

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kdebase-3.3.1-6.el4.src.rpm
0e7a33a2e43f2cd507e2c699ed182e77  kdebase-3.3.1-6.el4.src.rpm

i386:
4293f4d3f0e1168e29dfab6257655dd9  kdebase-3.3.1-6.el4.i386.rpm
8dc6b2b0dc4f689f84e1d90916b8b5b3  kdebase-debuginfo-3.3.1-6.el4.i386.rpm
6ae3e11f0b1762380e73d91d8bd52805  kdebase-devel-3.3.1-6.el4.i386.rpm

ia64:
4293f4d3f0e1168e29dfab6257655dd9  kdebase-3.3.1-6.el4.i386.rpm
4080c57c9d0eb829bba52d586050b9f7  kdebase-3.3.1-6.el4.ia64.rpm
8dc6b2b0dc4f689f84e1d90916b8b5b3  kdebase-debuginfo-3.3.1-6.el4.i386.rpm
459bc922b6881bd3ef10199db218ca12  kdebase-debuginfo-3.3.1-6.el4.ia64.rpm
bca85b0ad189043614ac62ce158cd9a1  kdebase-devel-3.3.1-6.el4.ia64.rpm

ppc:
797edcbc95370892dd9de67764fcebff  kdebase-3.3.1-6.el4.ppc.rpm
d291ff830e08e407b915498c4d2bec11  kdebase-3.3.1-6.el4.ppc64.rpm
920ca223a09af679376788a2fb453237  kdebase-debuginfo-3.3.1-6.el4.ppc.rpm
28900fbb39c5bb68a34ad2cdf962cce8  kdebase-debuginfo-3.3.1-6.el4.ppc64.rpm
02d25dc71e3b286b9d70fb906547c1ee  kdebase-devel-3.3.1-6.el4.ppc.rpm

s390:
a6259b08ab051eb436f5908fe14f5f24  kdebase-3.3.1-6.el4.s390.rpm
4181c309c0e3e5f5195cb0f9bf41d664  kdebase-debuginfo-3.3.1-6.el4.s390.rpm
6f74b509c6ba0e588d3006158dc9d51f  kdebase-devel-3.3.1-6.el4.s390.rpm

s390x:
a6259b08ab051eb436f5908fe14f5f24  kdebase-3.3.1-6.el4.s390.rpm
9b24c7ebbe3757844be4afb6764f90ce  kdebase-3.3.1-6.el4.s390x.rpm
4181c309c0e3e5f5195cb0f9bf41d664  kdebase-debuginfo-3.3.1-6.el4.s390.rpm
950527579d1c7e91bb1d8b432839cfe3  kdebase-debuginfo-3.3.1-6.el4.s390x.rpm
b488fe840b23130fcb83a964a632c04e  kdebase-devel-3.3.1-6.el4.s390x.rpm

x86_64:
4293f4d3f0e1168e29dfab6257655dd9  kdebase-3.3.1-6.el4.i386.rpm
2e88800d1b84083080172915aa66e4b5  kdebase-3.3.1-6.el4.x86_64.rpm
8dc6b2b0dc4f689f84e1d90916b8b5b3  kdebase-debuginfo-3.3.1-6.el4.i386.rpm
1c7654265f0065e950ca950ef47ded0a  kdebase-debuginfo-3.3.1-6.el4.x86_64.rpm
ead5a943fd891d92cb7dc68bcef7826b  kdebase-devel-3.3.1-6.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kdebase-3.3.1-6.el4.src.rpm
0e7a33a2e43f2cd507e2c699ed182e77  kdebase-3.3.1-6.el4.src.rpm

i386:
4293f4d3f0e1168e29dfab6257655dd9  kdebase-3.3.1-6.el4.i386.rpm
8dc6b2b0dc4f689f84e1d90916b8b5b3  kdebase-debuginfo-3.3.1-6.el4.i386.rpm
6ae3e11f0b1762380e73d91d8bd52805  kdebase-devel-3.3.1-6.el4.i386.rpm

x86_64:
4293f4d3f0e1168e29dfab6257655dd9  kdebase-3.3.1-6.el4.i386.rpm
2e88800d1b84083080172915aa66e4b5  kdebase-3.3.1-6.el4.x86_64.rpm
8dc6b2b0dc4f689f84e1d90916b8b5b3  kdebase-debuginfo-3.3.1-6.el4.i386.rpm
1c7654265f0065e950ca950ef47ded0a  kdebase-debuginfo-3.3.1-6.el4.x86_64.rpm
ead5a943fd891d92cb7dc68bcef7826b  kdebase-devel-3.3.1-6.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kdebase-3.3.1-6.el4.src.rpm
0e7a33a2e43f2cd507e2c699ed182e77  kdebase-3.3.1-6.el4.src.rpm

i386:
4293f4d3f0e1168e29dfab6257655dd9  kdebase-3.3.1-6.el4.i386.rpm
8dc6b2b0dc4f689f84e1d90916b8b5b3  kdebase-debuginfo-3.3.1-6.el4.i386.rpm
6ae3e11f0b1762380e73d91d8bd52805  kdebase-devel-3.3.1-6.el4.i386.rpm

ia64:
4293f4d3f0e1168e29dfab6257655dd9  kdebase-3.3.1-6.el4.i386.rpm
4080c57c9d0eb829bba52d586050b9f7  kdebase-3.3.1-6.el4.ia64.rpm
8dc6b2b0dc4f689f84e1d90916b8b5b3  kdebase-debuginfo-3.3.1-6.el4.i386.rpm
459bc922b6881bd3ef10199db218ca12  kdebase-debuginfo-3.3.1-6.el4.ia64.rpm
bca85b0ad189043614ac62ce158cd9a1  kdebase-devel-3.3.1-6.el4.ia64.rpm

x86_64:
4293f4d3f0e1168e29dfab6257655dd9  kdebase-3.3.1-6.el4.i386.rpm
2e88800d1b84083080172915aa66e4b5  kdebase-3.3.1-6.el4.x86_64.rpm
8dc6b2b0dc4f689f84e1d90916b8b5b3  kdebase-debuginfo-3.3.1-6.el4.i386.rpm
1c7654265f0065e950ca950ef47ded0a  kdebase-debuginfo-3.3.1-6.el4.x86_64.rpm
ead5a943fd891d92cb7dc68bcef7826b  kdebase-devel-3.3.1-6.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kdebase-3.3.1-6.el4.src.rpm
0e7a33a2e43f2cd507e2c699ed182e77  kdebase-3.3.1-6.el4.src.rpm

i386:
4293f4d3f0e1168e29dfab6257655dd9  kdebase-3.3.1-6.el4.i386.rpm
8dc6b2b0dc4f689f84e1d90916b8b5b3  kdebase-debuginfo-3.3.1-6.el4.i386.rpm
6ae3e11f0b1762380e73d91d8bd52805  kdebase-devel-3.3.1-6.el4.i386.rpm

ia64:
4293f4d3f0e1168e29dfab6257655dd9  kdebase-3.3.1-6.el4.i386.rpm
4080c57c9d0eb829bba52d586050b9f7  kdebase-3.3.1-6.el4.ia64.rpm
8dc6b2b0dc4f689f84e1d90916b8b5b3  kdebase-debuginfo-3.3.1-6.el4.i386.rpm
459bc922b6881bd3ef10199db218ca12  kdebase-debuginfo-3.3.1-6.el4.ia64.rpm
bca85b0ad189043614ac62ce158cd9a1  kdebase-devel-3.3.1-6.el4.ia64.rpm

x86_64:
4293f4d3f0e1168e29dfab6257655dd9  kdebase-3.3.1-6.el4.i386.rpm
2e88800d1b84083080172915aa66e4b5  kdebase-3.3.1-6.el4.x86_64.rpm
8dc6b2b0dc4f689f84e1d90916b8b5b3  kdebase-debuginfo-3.3.1-6.el4.i386.rpm
1c7654265f0065e950ca950ef47ded0a  kdebase-debuginfo-3.3.1-6.el4.x86_64.rpm
ead5a943fd891d92cb7dc68bcef7826b  kdebase-devel-3.3.1-6.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kdebase-3.5.4-15.el5.src.rpm
aa0b359a47ff978b465d54bee7650895  kdebase-3.5.4-15.el5.src.rpm

i386:
bf677edbe1fdcf6a4ece9c584d93b8ef  kdebase-3.5.4-15.el5.i386.rpm
f5f008459a0974338f81bd7ee558ab98  kdebase-debuginfo-3.5.4-15.el5.i386.rpm

x86_64:
bf677edbe1fdcf6a4ece9c584d93b8ef  kdebase-3.5.4-15.el5.i386.rpm
333546f51e787502de426209747feb79  kdebase-3.5.4-15.el5.x86_64.rpm
f5f008459a0974338f81bd7ee558ab98  kdebase-debuginfo-3.5.4-15.el5.i386.rpm
97f9c313bbe321df3f246ca2dd9ca0c3  kdebase-debuginfo-3.5.4-15.el5.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kdebase-3.5.4-15.el5.src.rpm
aa0b359a47ff978b465d54bee7650895  kdebase-3.5.4-15.el5.src.rpm

i386:
f5f008459a0974338f81bd7ee558ab98  kdebase-debuginfo-3.5.4-15.el5.i386.rpm
e67261c295813b9f51d3534de4617a46  kdebase-devel-3.5.4-15.el5.i386.rpm

x86_64:
f5f008459a0974338f81bd7ee558ab98  kdebase-debuginfo-3.5.4-15.el5.i386.rpm
97f9c313bbe321df3f246ca2dd9ca0c3  kdebase-debuginfo-3.5.4-15.el5.x86_64.rpm
e67261c295813b9f51d3534de4617a46  kdebase-devel-3.5.4-15.el5.i386.rpm
5c0aef38590702d9b9c13cab87b4ba4e  kdebase-devel-3.5.4-15.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kdebase-3.5.4-15.el5.src.rpm
aa0b359a47ff978b465d54bee7650895  kdebase-3.5.4-15.el5.src.rpm

i386:
bf677edbe1fdcf6a4ece9c584d93b8ef  kdebase-3.5.4-15.el5.i386.rpm
f5f008459a0974338f81bd7ee558ab98  kdebase-debuginfo-3.5.4-15.el5.i386.rpm
e67261c295813b9f51d3534de4617a46  kdebase-devel-3.5.4-15.el5.i386.rpm

ia64:
94ddb56d1e0170014e7274211f0f5813  kdebase-3.5.4-15.el5.ia64.rpm
2f781b36f9368c7e3292b7ab4ca04733  kdebase-debuginfo-3.5.4-15.el5.ia64.rpm
842fc8df4d585792f2d03102385e8cef  kdebase-devel-3.5.4-15.el5.ia64.rpm

ppc:
a596dcc157092602ba35a6e926c196cf  kdebase-3.5.4-15.el5.ppc.rpm
d8f78019b7b79bdc75a44a1ae2089fac  kdebase-3.5.4-15.el5.ppc64.rpm
6f8dc739f9d8894d8ad03462b8c81bf6  kdebase-debuginfo-3.5.4-15.el5.ppc.rpm
ee63b6defec2f759f80c0f8ea1d06637  kdebase-debuginfo-3.5.4-15.el5.ppc64.rpm
d6ab4becd323dbfc9ca5bad7c6827e87  kdebase-devel-3.5.4-15.el5.ppc.rpm
acbe4ebcb7c6b4b9c2a858af9b314caa  kdebase-devel-3.5.4-15.el5.ppc64.rpm

s390x:
3e9d1752110a82c727e41ffadf4c2cea  kdebase-3.5.4-15.el5.s390.rpm
8fa7bf1d8ccb6a1646a0ee2c05e2c54d  kdebase-3.5.4-15.el5.s390x.rpm
1bc000691ddee37f77f4f73995975293  kdebase-debuginfo-3.5.4-15.el5.s390.rpm
b2df75a2b7f0d7fae7f24e51d05a44b0  kdebase-debuginfo-3.5.4-15.el5.s390x.rpm
cc6726d7eebcd9e1cc9811cf2b8b8661  kdebase-devel-3.5.4-15.el5.s390.rpm
c6d4567f015a6d31010c3724060d1fcb  kdebase-devel-3.5.4-15.el5.s390x.rpm

x86_64:
bf677edbe1fdcf6a4ece9c584d93b8ef  kdebase-3.5.4-15.el5.i386.rpm
333546f51e787502de426209747feb79  kdebase-3.5.4-15.el5.x86_64.rpm
f5f008459a0974338f81bd7ee558ab98  kdebase-debuginfo-3.5.4-15.el5.i386.rpm
97f9c313bbe321df3f246ca2dd9ca0c3  kdebase-debuginfo-3.5.4-15.el5.x86_64.rpm
e67261c295813b9f51d3534de4617a46  kdebase-devel-3.5.4-15.el5.i386.rpm
5c0aef38590702d9b9c13cab87b4ba4e  kdebase-devel-3.5.4-15.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package
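The following script is an added example for administrators applying this update; it is not part of the Red Hat advisory or the AusCERT bulletin. It compares the installed kdebase build with the fixed builds listed in section 6 (3.3.1-6.el4 and 3.5.4-15.el5), verifies downloaded RPMs against the advisory's MD5 list, and runs rpm's own signature check. The MD5 list only catches a corrupted or truncated download; the GPG signature is what authenticates the package, so the rpm -K step is the one that matters for integrity. The script assumes GNU coreutils (md5sum and sort -V) and, for the rpm steps, a host with the rpm tool and Red Hat's package-signing key already imported as described at the URL above; the function and variable names are the example's own.

```shell
#!/bin/sh
# Added example (not part of the Red Hat advisory or the AusCERT bulletin).
# Helps an administrator confirm the kdebase update: compares the installed
# kdebase VERSION-RELEASE with the fixed builds from section 6, checks
# downloaded RPMs against the advisory's MD5 list with md5sum, and runs
# rpm's own signature check where the rpm tool is present.
# Assumptions: GNU coreutils (md5sum, sort -V) and, for the rpm steps, a
# system with rpm and Red Hat's package-signing key already imported.

# Fixed builds named in section 6 of the advisory.
FIXED_EL4="3.3.1-6.el4"
FIXED_EL5="3.5.4-15.el5"

# The RHEL 4 i386 entries, copied from section 6. The advisory prints
# "md5  filename" pairs, which is exactly the format md5sum -c consumes.
MANIFEST_EL4_I386='4293f4d3f0e1168e29dfab6257655dd9  kdebase-3.3.1-6.el4.i386.rpm
8dc6b2b0dc4f689f84e1d90916b8b5b3  kdebase-debuginfo-3.3.1-6.el4.i386.rpm
6ae3e11f0b1762380e73d91d8bd52805  kdebase-devel-3.3.1-6.el4.i386.rpm'

# version_at_least INSTALLED FIXED
# Returns 0 when INSTALLED is the same as or newer than FIXED. Uses GNU
# "sort -V", which orders the dotted VERSION-RELEASE strings used here the
# same way rpm does (assumption; rpm's own comparison is authoritative).
version_at_least() {
    installed=$1
    fixed=$2
    newest=$(printf '%s\n%s\n' "$installed" "$fixed" | sort -V | tail -n 1)
    [ "$newest" = "$installed" ]
}

# kdebase_is_fixed FIXED
# Queries the installed kdebase build and compares it against FIXED.
# Returns 1 when kdebase is not installed or is older than FIXED.
kdebase_is_fixed() {
    installed=$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' kdebase 2>/dev/null) || return 1
    version_at_least "$installed" "$1"
}

# check_manifest DIR
# Reads "md5  filename" lines from stdin and verifies each file under DIR.
# Returns 0 only when every listed file exists and its digest matches;
# a missing, truncated or altered file makes md5sum return non-zero.
check_manifest() {
    ( cd "$1" && md5sum -c --quiet --strict - )
}

# check_signatures DIR
# Verifies the GPG signature and digests embedded in each RPM under DIR.
# rpm -K reports "NOT OK" (and exits non-zero) for an unsigned, tampered
# or unknown-key package. Returns 2 if rpm is not available here.
check_signatures() {
    command -v rpm >/dev/null 2>&1 || return 2
    rpm -K "$1"/*.rpm
}

# Command-line use, e.g.:
#   sh verify_kdebase_update.sh check-installed el4
#   sh verify_kdebase_update.sh print-manifest \
#       | sh verify_kdebase_update.sh check-files ./downloads
case "${1:-}" in
    check-installed)
        if [ "$2" = "el5" ]; then fixed=$FIXED_EL5; else fixed=$FIXED_EL4; fi
        if kdebase_is_fixed "$fixed"; then
            echo "kdebase is at or above $fixed"
        else
            echo "kdebase is missing or older than $fixed; apply RHSA-2007:0905"
            exit 1
        fi
        ;;
    print-manifest)
        printf '%s\n' "$MANIFEST_EL4_I386"
        ;;
    check-files)
        check_manifest "$2" && check_signatures "$2"
        ;;
esac
```

For a different release or architecture, paste the matching block of "md5  filename" lines from section 6 into the manifest instead of the RHEL 4 i386 entries; the md5sum check-mode format is the same. Because the MD5 list is only a transport check, treat a "NOT OK" from rpm -K as the decisive failure even when the digests match.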

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4569
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3820
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4224
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFHCea9XlSAg2UNWIIRAhDLAJ9xEc0ooD1OLYgGOznBf0KMbqeL9wCfXh9J
UGsWuHnf7N/Xfr9Rx5wSGio=
=Y2Ex
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBRwqyrih9+71yA2DNAQKV0QP+Nq+iU2Rs3IIrhzYZWcs13btC37BtfXJe
sNtfTkyq6HekX6XKIlPgB5JsTcpDQtDdtmcjttMftjPg6/7qlqlrncaeK90n48MM
EuC+WewcJrf1WBifMcERMZLR/t6kConr7t0ByURDiKImutjKsJA6uQCtmRr9IHVg
6h38iPw1crk=
=TZtQ
-----END PGP SIGNATURE-----