Ubuntu Security Notice USN-502-1
26th August, 2007
kdebase, kdelibs vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 7.04
- Ubuntu 6.10
- Ubuntu 6.06 LTS
Software description
- kdebase
- kdelibs
Details
It was discovered that Konqueror could be tricked into displaying
incorrect URLs. Remote attackers could exploit this to increase their
chances of tricking a user into visiting a phishing URL, which could
lead to credential theft.
Update instructions
The problem can be corrected by updating your system to the following package version:
- Ubuntu 7.04:
- kdelibs4c2a 4:3.5.6-0ubuntu14.1
- konqueror 4:3.5.6-0ubuntu20.2
- Ubuntu 6.10:
- kdelibs4c2a 4:3.5.5-0ubuntu3.5
- konqueror 4:3.5.5-0ubuntu3.5
- Ubuntu 6.06 LTS:
- kdelibs4c2a 4:3.5.2-0ubuntu18.5
- konqueror 4:3.5.2-0ubuntu27.1
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
After a standard system upgrade you need to restart your session to
effect the necessary changes.