Fedora 11 : akonadi-1.2.1-1.fc11 / kde-l10n-4.3.1-2.fc11 / kdeaccessibility-4.3.1-1.fc11 / etc (2009-9397)

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing one or more security updates.

Description :

This updates KDE to 4.3.1, the latest upstream bugfix release. The
main improvements are: * KDE 4.3 is now also available in Croatian. *
A crash when editing toolbar setup has been fixed. * Support for
transferring files through SSH using KIO::Fish has been fixed. * A
number of bugs in KWin, KDE's window and compositing manager has been
fixed. * A large number of bugs in KMail, KDE's email client are now
gone. See http://kde.org/announcements/announce-4.3.1.php for more
information. In addition, this update: * fixes a potential security
issue (CVE-2009-2702) with certificate validation in the KIO KSSL
code. It is believed that the affected code is not actually used (the
code in Qt, for which a security update was already issued, is) and
thus the issue is only potential, but KSSL is being patched just in
case, * splits PolicyKit-kde out of kdebase-workspace again to avoid
forcing it onto GNOME-based setups, where PolicyKit-gnome is desired
instead (#519654).

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

http://kde.org/announcements/announce-4.3.1.php
https://bugzilla.redhat.com/show_bug.cgi?id=520661
http://www.nessus.org/u?13acfbdd
http://www.nessus.org/u?82e4bfc7
http://www.nessus.org/u?5278128c
http://www.nessus.org/u?962f98d1
http://www.nessus.org/u?806f73e7
http://www.nessus.org/u?9e30b566
http://www.nessus.org/u?695a1178
http://www.nessus.org/u?8dc47c3c
http://www.nessus.org/u?e7ad3e31
http://www.nessus.org/u?ad0ea05a
http://www.nessus.org/u?8ce3be09
http://www.nessus.org/u?a7703de3
http://www.nessus.org/u?70d44980
http://www.nessus.org/u?4937f018
http://www.nessus.org/u?aa76debe
http://www.nessus.org/u?9b702a69
http://www.nessus.org/u?393bda9d
http://www.nessus.org/u?5d5f15fa
http://www.nessus.org/u?57046329
http://www.nessus.org/u?33df8c51
http://www.nessus.org/u?0b16177e
http://www.nessus.org/u?68bf4020
http://www.nessus.org/u?5f0f09ae
http://www.nessus.org/u?2ca49022

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.5
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Fedora Local Security Checks

Nessus Plugin ID: 40990 (fedora_2009-9397.nasl)

Bugtraq ID: 36229

CVE ID: CVE-2009-2702

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now