USN-2304-1: KDE-Libs vulnerability
Ubuntu Security Notice USN-2304-1
31st July, 2014
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
kauth could be tricked into bypassing polkit authorizations.
- kde4libs - KDE 4 core applications and libraries
It was discovered that kauth was using polkit in an unsafe manner. A local
attacker could possibly use this issue to bypass intended polkit
The problem can be corrected by updating your system to the following package version:
- Ubuntu 14.04 LTS:
- kdelibs5-plugins 4:4.13.2a-0ubuntu0.3
- Ubuntu 12.04 LTS:
- kdelibs5-plugins 4:4.8.5-0ubuntu0.4
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
After a standard system update you need to reboot your computer to make
all the necessary changes.