-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
--------------------------------------------------------------------------
Turbolinux Security Advisory TLSA-2007-28
http://www.turbolinux.co.jp/security/
security-team@turbolinux.co.jp
--------------------------------------------------------------------------
Original released date: 25 Apr 2007
Last revised: 25 Apr 2007
Package: kdelibs
Summary: UTF-8 sequences
More information:
KDE libraries is a comprehensive family of ready to use components for
building highly integrated, network-enabled desktop applications.
Remote attackers to conduct cross-site scripting (XSS) attacks.
Impact:
KJS where UTF8 decoding did not reject overlong sequences.
Affected Products:
- wizpy
- Turbolinux FUJI
<wizpy>
Source Packages
Size: MD5
kdelibs-3.4.2-26.src.rpm
16988512 e1e79407b594b06ee6ffc2994913db61
Binary Packages
Size: MD5
kdelibs-3.4.2-26.i386.rpm
16354431 fe59846ac21ccac4fe2d204ea017f399
<Turbolinux FUJI>
Source Packages
Size: MD5
kdelibs-3.4.2-26.src.rpm
16988512 506ad5a0a0de4326e08133eee3187739
Binary Packages
Size: MD5
kdelibs-3.4.2-26.i686.rpm
18608473 59b798f7f7829fae537e80c9cf9fd8d7
kdelibs-devel-3.4.2-26.i686.rpm
1547204 ebe6b2755574e41cf232cdb2674c4d19
References:
CVE
[CVE-2007-0242]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0242
--------------------------------------------------------------------------
Revision History
25 Apr 2007 Initial release
--------------------------------------------------------------------------
Copyright(C) 2007 Turbolinux, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFGLyGHK0LzjOqIJMwRAsmFAKCV0M0zRyZiuYsBYmnrJSGyxTj4OgCgnX4I
Yk0ecemH9kCxUqlBZ5p3jZI=
=TaQr
-----END PGP SIGNATURE-----