[Bug 1668871] Re: kio: Information Leak when accessing https when using a malicious PAC file
Launchpad Bug Tracker
1668871 at bugs.launchpad.net
Thu Mar 2 13:28:18 UTC 2017
This bug was fixed in the package kde4libs - 4:4.14.22-0ubuntu2.1
---------------
kde4libs (4:4.14.22-0ubuntu2.1) yakkety-security; urgency=medium
* SECURITY UPDATE:Information Leak when accessing https when using a
malicious PAC file
- debian/patches/kio-sanitize-url-to-FindProxyForURL.patch
- Thanks to Safebreach Labs researchers Safebreach Labs researchers
Itzik Kotler, Yonatan Fridburg and Amit Klein for reporting this
issue, Albert Astals Cid for fixing this issue.
- No CVE number.
- fixes (LP: #1668871)
-- vishnu at vishnunaini.com (v.naini) Wed, 01 Mar 2017 14:38:27 +0530
** Changed in: kde4libs (Ubuntu Yakkety)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Kubuntu
Bugs, which is subscribed to kde4libs in Ubuntu.
https://bugs.launchpad.net/bugs/1668871
Title:
kio: Information Leak when accessing https when using a malicious PAC
file
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/kde4libs/+bug/1668871/+subscriptions
More information about the kubuntu-bugs
mailing list