[Bug 661416] [NEW] Uncontrolled XMLHTTPRequest vulnerability
Felix Geyer
debfx-pkg at fobos.de
Fri Oct 15 19:10:21 UTC 2010
*** This bug is a security vulnerability ***
Public security bug reported:
Binary package hint: kdelibs
In kdelibs 4:3.5.10.dfsg.1-3ubuntu1 the patch security_05_XMLHttpRequest_vulnerability.diff has been accidentally dropped.
It has been pushed to hardy-karmic some time ago and I just uploaded it to natty.
So currently lucid and maverick are vulnerable.
** Affects: kdelibs (Ubuntu)
Importance: Undecided
Status: Fix Released
** Affects: kdelibs (Ubuntu Lucid)
Importance: Undecided
Status: New
** Affects: kdelibs (Ubuntu Maverick)
Importance: Undecided
Status: New
** Visibility changed to: Public
** Also affects: kdelibs (Ubuntu Lucid)
Importance: Undecided
Status: New
** Also affects: kdelibs (Ubuntu Maverick)
Importance: Undecided
Status: New
** Changed in: kdelibs (Ubuntu)
Status: New => Fix Released
--
Uncontrolled XMLHTTPRequest vulnerability
https://bugs.launchpad.net/bugs/661416
You received this bug notification because you are a member of Kubuntu
Bugs, which is subscribed to kdelibs in ubuntu.
More information about the kubuntu-bugs
mailing list