__________________________________________________________
The U.S. Department of Energy
Computer Incident Advisory Capability
___ __ __ _ ___
/ | /_\ /
\___ __|__ / \ \___
__________________________________________________________
INFORMATION BULLETIN
kdelibs Security Update
[Red Hat RHSA-2006:0720-5]
October 18, 2006 18:00 GMT Number R-019
[REVISED 31 Oct 2006]
______________________________________________________________________________
PROBLEM: An interger overflow flaw was found in the way Qt handled
pixmap images.
PLATFORM: Red Hat Desktop (v. 3 & v. 4)
Red Hat Enterprise Linux AS, ES, WS (v.2.1, v.3, & v.4)
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
Debian 3.1 (stable)
DAMAGE: An attacher could execute arbitrary code with the privileges of
the victim or crash Konqueror.
SOLUTION: Upgrade to the appropriate version.
______________________________________________________________________________
VULNERABILITY The risk is MEDIUM. An attacher could execute arbitrary code
ASSESSMENT: with the privileges of the victim or crash Konqueror.
______________________________________________________________________________
LINKS:
CIAC BULLETIN: http://www.ciac.org/ciac/bulletins/r-019.shtml
ORIGINAL BULLETIN: Red Hat RHSA-2006:0720-5
https://rhn.redhat.com/errata/RHSA-2006-0720.html
ADDITIONAL LINK: Debian Security Advisory DSA-1200-1
http://www.debian.org/security/2006/dsa-1200
CVE: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=
CVE-2006-4811
______________________________________________________________________________
REVISION HISTORY:
10/31/2006 - revised to add a link to Debian Security Advisory DSA-1200-1
for Debian 3.1 (stable).
[***** Start Red Hat RHSA-2006:0720-5 *****]
Critical: kdelibs security update
Advisory: RHSA-2006:0720-5
Type: Security Advisory
Issued on: 2006-10-18
Last updated on: 2006-10-18
Affected Products: Red Hat Desktop (v. 3)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 2.1)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 2.1)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 2.1)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Enterprise Linux WS (v. 4)
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
CVEs (cve.mitre.org): CVE-2006-4811
Details
Updated kdelibs packages that correct an integer overflow flaw are now
available.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
The kdelibs package provides libraries for the K Desktop Environment (KDE).
Qt is a GUI software toolkit for the X Window System.
An integer overflow flaw was found in the way Qt handled pixmap images.
The KDE khtml library uses Qt in such a way that untrusted parameters could
be passed to Qt, triggering the overflow. An attacker could for example
create a malicious web page that when viewed by a victim in the Konqueror
browser would cause Konqueror to crash or possibly execute arbitrary code
with the privileges of the victim. (CVE-2006-4811)
Users of KDE should upgrade to these updated packages, which contain a
backported patch to correct this issue.
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.
Updated packages
Red Hat Desktop (v. 3)
--------------------------------------------------------------------------------
SRPMS:
kdelibs-3.1.3-6.12.src.rpm cdeb513ec6b326e719373afb39420b92
IA-32:
kdelibs-3.1.3-6.12.i386.rpm 403f8d641cfeda9efd11a3c977b8afe7
kdelibs-devel-3.1.3-6.12.i386.rpm 1d572edb05e3c2fe8c5d77941a568cb8
x86_64:
kdelibs-3.1.3-6.12.i386.rpm 403f8d641cfeda9efd11a3c977b8afe7
kdelibs-3.1.3-6.12.x86_64.rpm 05cddb98cc096807430e17eab725d811
kdelibs-devel-3.1.3-6.12.x86_64.rpm 2ec6fcb91b8cf102e915755dd08632bd
Red Hat Desktop (v. 4)
--------------------------------------------------------------------------------
SRPMS:
kdelibs-3.3.1-6.RHEL4.src.rpm d07aedc884e8060bb5cbadce17445170
IA-32:
kdelibs-3.3.1-6.RHEL4.i386.rpm 39ca7148c5937f9884163764ade919c6
kdelibs-devel-3.3.1-6.RHEL4.i386.rpm d86a20d022f4ea51d8875b487c1c75da
x86_64:
kdelibs-3.3.1-6.RHEL4.i386.rpm 39ca7148c5937f9884163764ade919c6
kdelibs-3.3.1-6.RHEL4.x86_64.rpm 84bbed7e29aaab4bba60154ff934985c
kdelibs-devel-3.3.1-6.RHEL4.x86_64.rpm cde349bab7f05a191e2d8cdbd150be65
Red Hat Enterprise Linux AS (v. 2.1)
--------------------------------------------------------------------------------
SRPMS:
kdelibs-2.2.2-21.EL2.src.rpm 7bb39d081bee9bfa1413e78c9ff0f2b3
IA-32:
arts-2.2.2-21.EL2.i386.rpm e0ee638b0a77beb375bc060bfaca2641
kdelibs-2.2.2-21.EL2.i386.rpm 03967e80022cf2761be284aa53261e20
kdelibs-devel-2.2.2-21.EL2.i386.rpm 53a1ce03e3f18ef2cd2ebea9ed7435b7
kdelibs-sound-2.2.2-21.EL2.i386.rpm 2c25355a146310d01eef70852d00339a
kdelibs-sound-devel-2.2.2-21.EL2.i386.rpm 47e69160a42afe9e96ea35ac0eac4c24
IA-64:
arts-2.2.2-21.EL2.ia64.rpm f380e28d6a7d8fe6a9ad2b85db431afe
kdelibs-2.2.2-21.EL2.ia64.rpm d36cf8ece25170b621ec363fdaf1c4d7
kdelibs-devel-2.2.2-21.EL2.ia64.rpm 00d5b7cea3e8180f4b75d12162939ffb
kdelibs-sound-2.2.2-21.EL2.ia64.rpm d6df99d11aec63bd41fd1c4729500f33
kdelibs-sound-devel-2.2.2-21.EL2.ia64.rpm 294cbf6d4556abe209000a77fe7158c9
Red Hat Enterprise Linux AS (v. 3)
--------------------------------------------------------------------------------
SRPMS:
kdelibs-3.1.3-6.12.src.rpm cdeb513ec6b326e719373afb39420b92
IA-32:
kdelibs-3.1.3-6.12.i386.rpm 403f8d641cfeda9efd11a3c977b8afe7
kdelibs-devel-3.1.3-6.12.i386.rpm 1d572edb05e3c2fe8c5d77941a568cb8
IA-64:
kdelibs-3.1.3-6.12.i386.rpm 403f8d641cfeda9efd11a3c977b8afe7
kdelibs-3.1.3-6.12.ia64.rpm e82d1157966f70ecc76b52b24daf0e4e
kdelibs-devel-3.1.3-6.12.ia64.rpm 53b498e76562c78677ecba5849c8fe1d
PPC:
kdelibs-3.1.3-6.12.ppc.rpm 21d58199f68c8397123a2588353804d4
kdelibs-3.1.3-6.12.ppc64.rpm 648937ed5e2debab9a20c359fd98366e
kdelibs-devel-3.1.3-6.12.ppc.rpm a42a48b95f9a99818162c5935126b095
s390:
kdelibs-3.1.3-6.12.s390.rpm 56c438a932ba65b4cd8cb5eb762c13e2
kdelibs-devel-3.1.3-6.12.s390.rpm a0d89f77b3bbea0645dd4a647fd54418
s390x:
kdelibs-3.1.3-6.12.s390.rpm 56c438a932ba65b4cd8cb5eb762c13e2
kdelibs-3.1.3-6.12.s390x.rpm 95a04b9f581838eeb9a5a460888b395d
kdelibs-devel-3.1.3-6.12.s390x.rpm 4900daf824ed5a24a7be87951abc7e46
x86_64:
kdelibs-3.1.3-6.12.i386.rpm 403f8d641cfeda9efd11a3c977b8afe7
kdelibs-3.1.3-6.12.x86_64.rpm 05cddb98cc096807430e17eab725d811
kdelibs-devel-3.1.3-6.12.x86_64.rpm 2ec6fcb91b8cf102e915755dd08632bd
Red Hat Enterprise Linux AS (v. 4)
--------------------------------------------------------------------------------
SRPMS:
kdelibs-3.3.1-6.RHEL4.src.rpm d07aedc884e8060bb5cbadce17445170
IA-32:
kdelibs-3.3.1-6.RHEL4.i386.rpm 39ca7148c5937f9884163764ade919c6
kdelibs-devel-3.3.1-6.RHEL4.i386.rpm d86a20d022f4ea51d8875b487c1c75da
IA-64:
kdelibs-3.3.1-6.RHEL4.i386.rpm 39ca7148c5937f9884163764ade919c6
kdelibs-3.3.1-6.RHEL4.ia64.rpm e123583a0a21fb489563815c9c9d1868
kdelibs-devel-3.3.1-6.RHEL4.ia64.rpm 44fa4375f7b78e612f9b04b11d8bf8f5
PPC:
kdelibs-3.3.1-6.RHEL4.ppc.rpm c18280f098ff9b6d99dd58ad51782041
kdelibs-3.3.1-6.RHEL4.ppc64.rpm 1c334f023c58a14d572454e9b45f1b2b
kdelibs-devel-3.3.1-6.RHEL4.ppc.rpm 095995d375aa9760e4a4c1bdb9388634
s390:
kdelibs-3.3.1-6.RHEL4.s390.rpm 85f41346ff63f6d21f39dd3febbec970
kdelibs-devel-3.3.1-6.RHEL4.s390.rpm 8ec078b136feb262c48b44ed36c5dc2e
s390x:
kdelibs-3.3.1-6.RHEL4.s390.rpm 85f41346ff63f6d21f39dd3febbec970
kdelibs-3.3.1-6.RHEL4.s390x.rpm 9e610b0137cce3c69aa0e07a937171e1
kdelibs-devel-3.3.1-6.RHEL4.s390x.rpm f9cbe45ea627ac1239568ec1a71052fb
x86_64:
kdelibs-3.3.1-6.RHEL4.i386.rpm 39ca7148c5937f9884163764ade919c6
kdelibs-3.3.1-6.RHEL4.x86_64.rpm 84bbed7e29aaab4bba60154ff934985c
kdelibs-devel-3.3.1-6.RHEL4.x86_64.rpm cde349bab7f05a191e2d8cdbd150be65
Red Hat Enterprise Linux ES (v. 2.1)
--------------------------------------------------------------------------------
SRPMS:
kdelibs-2.2.2-21.EL2.src.rpm 7bb39d081bee9bfa1413e78c9ff0f2b3
IA-32:
arts-2.2.2-21.EL2.i386.rpm e0ee638b0a77beb375bc060bfaca2641
kdelibs-2.2.2-21.EL2.i386.rpm 03967e80022cf2761be284aa53261e20
kdelibs-devel-2.2.2-21.EL2.i386.rpm 53a1ce03e3f18ef2cd2ebea9ed7435b7
kdelibs-sound-2.2.2-21.EL2.i386.rpm 2c25355a146310d01eef70852d00339a
kdelibs-sound-devel-2.2.2-21.EL2.i386.rpm 47e69160a42afe9e96ea35ac0eac4c24
Red Hat Enterprise Linux ES (v. 3)
--------------------------------------------------------------------------------
SRPMS:
kdelibs-3.1.3-6.12.src.rpm cdeb513ec6b326e719373afb39420b92
IA-32:
kdelibs-3.1.3-6.12.i386.rpm 403f8d641cfeda9efd11a3c977b8afe7
kdelibs-devel-3.1.3-6.12.i386.rpm 1d572edb05e3c2fe8c5d77941a568cb8
IA-64:
kdelibs-3.1.3-6.12.i386.rpm 403f8d641cfeda9efd11a3c977b8afe7
kdelibs-3.1.3-6.12.ia64.rpm e82d1157966f70ecc76b52b24daf0e4e
kdelibs-devel-3.1.3-6.12.ia64.rpm 53b498e76562c78677ecba5849c8fe1d
x86_64:
kdelibs-3.1.3-6.12.i386.rpm 403f8d641cfeda9efd11a3c977b8afe7
kdelibs-3.1.3-6.12.x86_64.rpm 05cddb98cc096807430e17eab725d811
kdelibs-devel-3.1.3-6.12.x86_64.rpm 2ec6fcb91b8cf102e915755dd08632bd
Red Hat Enterprise Linux ES (v. 4)
--------------------------------------------------------------------------------
SRPMS:
kdelibs-3.3.1-6.RHEL4.src.rpm d07aedc884e8060bb5cbadce17445170
IA-32:
kdelibs-3.3.1-6.RHEL4.i386.rpm 39ca7148c5937f9884163764ade919c6
kdelibs-devel-3.3.1-6.RHEL4.i386.rpm d86a20d022f4ea51d8875b487c1c75da
IA-64:
kdelibs-3.3.1-6.RHEL4.i386.rpm 39ca7148c5937f9884163764ade919c6
kdelibs-3.3.1-6.RHEL4.ia64.rpm e123583a0a21fb489563815c9c9d1868
kdelibs-devel-3.3.1-6.RHEL4.ia64.rpm 44fa4375f7b78e612f9b04b11d8bf8f5
x86_64:
kdelibs-3.3.1-6.RHEL4.i386.rpm 39ca7148c5937f9884163764ade919c6
kdelibs-3.3.1-6.RHEL4.x86_64.rpm 84bbed7e29aaab4bba60154ff934985c
kdelibs-devel-3.3.1-6.RHEL4.x86_64.rpm cde349bab7f05a191e2d8cdbd150be65
Red Hat Enterprise Linux WS (v. 2.1)
--------------------------------------------------------------------------------
SRPMS:
kdelibs-2.2.2-21.EL2.src.rpm 7bb39d081bee9bfa1413e78c9ff0f2b3
IA-32:
arts-2.2.2-21.EL2.i386.rpm e0ee638b0a77beb375bc060bfaca2641
kdelibs-2.2.2-21.EL2.i386.rpm 03967e80022cf2761be284aa53261e20
kdelibs-devel-2.2.2-21.EL2.i386.rpm 53a1ce03e3f18ef2cd2ebea9ed7435b7
kdelibs-sound-2.2.2-21.EL2.i386.rpm 2c25355a146310d01eef70852d00339a
kdelibs-sound-devel-2.2.2-21.EL2.i386.rpm 47e69160a42afe9e96ea35ac0eac4c24
Red Hat Enterprise Linux WS (v. 3)
--------------------------------------------------------------------------------
SRPMS:
kdelibs-3.1.3-6.12.src.rpm cdeb513ec6b326e719373afb39420b92
IA-32:
kdelibs-3.1.3-6.12.i386.rpm 403f8d641cfeda9efd11a3c977b8afe7
kdelibs-devel-3.1.3-6.12.i386.rpm 1d572edb05e3c2fe8c5d77941a568cb8
IA-64:
kdelibs-3.1.3-6.12.i386.rpm 403f8d641cfeda9efd11a3c977b8afe7
kdelibs-3.1.3-6.12.ia64.rpm e82d1157966f70ecc76b52b24daf0e4e
kdelibs-devel-3.1.3-6.12.ia64.rpm 53b498e76562c78677ecba5849c8fe1d
x86_64:
kdelibs-3.1.3-6.12.i386.rpm 403f8d641cfeda9efd11a3c977b8afe7
kdelibs-3.1.3-6.12.x86_64.rpm 05cddb98cc096807430e17eab725d811
kdelibs-devel-3.1.3-6.12.x86_64.rpm 2ec6fcb91b8cf102e915755dd08632bd
Red Hat Enterprise Linux WS (v. 4)
--------------------------------------------------------------------------------
SRPMS:
kdelibs-3.3.1-6.RHEL4.src.rpm d07aedc884e8060bb5cbadce17445170
IA-32:
kdelibs-3.3.1-6.RHEL4.i386.rpm 39ca7148c5937f9884163764ade919c6
kdelibs-devel-3.3.1-6.RHEL4.i386.rpm d86a20d022f4ea51d8875b487c1c75da
IA-64:
kdelibs-3.3.1-6.RHEL4.i386.rpm 39ca7148c5937f9884163764ade919c6
kdelibs-3.3.1-6.RHEL4.ia64.rpm e123583a0a21fb489563815c9c9d1868
kdelibs-devel-3.3.1-6.RHEL4.ia64.rpm 44fa4375f7b78e612f9b04b11d8bf8f5
x86_64:
kdelibs-3.3.1-6.RHEL4.i386.rpm 39ca7148c5937f9884163764ade919c6
kdelibs-3.3.1-6.RHEL4.x86_64.rpm 84bbed7e29aaab4bba60154ff934985c
kdelibs-devel-3.3.1-6.RHEL4.x86_64.rpm cde349bab7f05a191e2d8cdbd150be65
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
--------------------------------------------------------------------------------
SRPMS:
kdelibs-2.2.2-21.EL2.src.rpm 7bb39d081bee9bfa1413e78c9ff0f2b3
IA-64:
arts-2.2.2-21.EL2.ia64.rpm f380e28d6a7d8fe6a9ad2b85db431afe
kdelibs-2.2.2-21.EL2.ia64.rpm d36cf8ece25170b621ec363fdaf1c4d7
kdelibs-devel-2.2.2-21.EL2.ia64.rpm 00d5b7cea3e8180f4b75d12162939ffb
kdelibs-sound-2.2.2-21.EL2.ia64.rpm d6df99d11aec63bd41fd1c4729500f33
kdelibs-sound-devel-2.2.2-21.EL2.ia64.rpm 294cbf6d4556abe209000a77fe7158c9
(The unlinked packages above are only available from the Red Hat Network)
Bugs fixed (see bugzilla for more information)
210742 - CVE-2006-4811 qt integer overflow
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4811
http://www.redhat.com/security/updates/classification/#critical
--------------------------------------------------------------------------------
These packages are GPG signed by Red Hat for security. Our key and details on how
to verify the signature are available from:
https://www.redhat.com/security/team/key/#package
The Red Hat security contact is secalert@redhat.com. More contact details at
http://www.redhat.com/security/team/contact/
[***** End Red Hat RHSA-2006:0720-5 *****]
_______________________________________________________________________________
CIAC wishes to acknowledge the contributions of Red Hat for the
information contained in this bulletin.
_______________________________________________________________________________
CIAC, the Computer Incident Advisory Capability, is the computer
security incident response team for the U.S. Department of Energy
(DOE) and the emergency backup response team for the National
Institutes of Health (NIH). CIAC is located at the Lawrence Livermore
National Laboratory in Livermore, California. CIAC is also a founding
member of FIRST, the Forum of Incident Response and Security Teams, a
global organization established to foster cooperation and coordination
among computer security teams worldwide.
CIAC services are available to DOE, DOE contractors, and the NIH. CIAC
can be contacted at:
Voice: +1 925-422-8193 (7x24)
FAX: +1 925-423-8002
STU-III: +1 925-423-2604
E-mail: ciac@ciac.org
Previous CIAC notices, anti-virus software, and other information are
available from the CIAC Computer Security Archive.
World Wide Web: http://www.ciac.org/
Anonymous FTP: ftp.ciac.org
PLEASE NOTE: Many users outside of the DOE, ESnet, and NIH computing
communities receive CIAC bulletins. If you are not part of these
communities, please contact your agency's response team to report
incidents. Your agency's team will coordinate with CIAC. The Forum of
Incident Response and Security Teams (FIRST) is a world-wide
organization. A list of FIRST member organizations and their
constituencies can be obtained via WWW at http://www.first.org/.
This document was prepared as an account of work sponsored by an
agency of the United States Government. Neither the United States
Government nor the University of California nor any of their
employees, makes any warranty, express or implied, or assumes any
legal liability or responsibility for the accuracy, completeness, or
usefulness of any information, apparatus, product, or process
disclosed, or represents that its use would not infringe privately
owned rights. Reference herein to any specific commercial products,
process, or service by trade name, trademark, manufacturer, or
otherwise, does not necessarily constitute or imply its endorsement,
recommendation or favoring by the United States Government or the
University of California. The views and opinions of authors expressed
herein do not necessarily state or reflect those of the United States
Government or the University of California, and shall not be used for
advertising or product endorsement purposes.
LAST 10 CIAC BULLETINS ISSUED (Previous bulletins available from CIAC)
R-009: Vulnerabilities in Microsoft Excel
R-010: Vulnerabilities in Microsoft Word
R-011: Vulnerabilities in Microsoft XML Core Services
R-012: Vulnerabilities in Microsoft Office
R-013: Vulnerability in ASP.NET 2.0
R-014: Vulnerability in Windows Object Packager
R-015: Patch available for ColdFusion MX 7
R-016: HP Version Control Agent
R-017: TrendMicro OfficeScan
R-018: Vulnerability in the Netscape Portable Runtime API