Packages
Details
It was discovered that the KIO subsystem of KDE did not properly perform
input validation when processing help:// URIs. If a user or KIO application
processed a crafted help:// URI, an attacker could trigger JavaScript
execution or access files via directory traversal.
It was discovered that the KIO subsystem of KDE did not properly perform
input validation when processing help:// URIs. If a user or KIO application
processed a crafted help:// URI, an attacker could trigger JavaScript
execution or access files via directory traversal.
Update instructions
After a standard system upgrade you need to restart your session to effect the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
| Ubuntu Release | Package Version | ||
|---|---|---|---|
| 9.10 karmic | kdebase-runtime – 4:4.3.2-0ubuntu4.1 | ||
| 9.04 jaunty | kdebase-runtime – 4:4.2.2-0ubuntu1.1 | ||
| 8.10 intrepid | kdebase-runtime – 4:4.1.4-0ubuntu1~intrepid1.2 | ||
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.