Fedora 10 : akonadi-1.2.1-1.fc10 / kde-l10n-4.3.1-2.fc10 / kdeaccessibility-4.3.1-1.fc10 / etc (2009-9427)

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing one or more security updates.

Description :

This updates KDE to 4.3.1, the latest upstream bugfix release. The
main improvements are: * KDE 4.3 is now also available in Croatian. *
A crash when editing toolbar setup has been fixed. * Support for
transferring files through SSH using KIO::Fish has been fixed. * A
number of bugs in KWin, KDE's window and compositing manager has been
fixed. * A large number of bugs in KMail, KDE's email client are now
gone. See http://kde.org/announcements/announce-4.3.1.php for more
information. In addition, this update: * fixes a potential security
issue (CVE-2009-2702) with certificate validation in the KIO KSSL
code. It is believed that the affected code is not actually used (the
code in Qt, for which a security update was already issued, is) and
thus the issue is only potential, but KSSL is being patched just in
case, * splits PolicyKit-kde out of kdebase-workspace again to avoid
forcing it onto GNOME-based setups, where PolicyKit-gnome is desired
instead (#519654).

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

http://kde.org/announcements/announce-4.3.1.php
https://bugzilla.redhat.com/show_bug.cgi?id=520661
http://www.nessus.org/u?8baf285b
http://www.nessus.org/u?02a364ab
http://www.nessus.org/u?7cfd1e4c
http://www.nessus.org/u?9f26f431
http://www.nessus.org/u?e22e4ae6
http://www.nessus.org/u?d7ac678d
http://www.nessus.org/u?d5f6c279
http://www.nessus.org/u?75a3da3e
http://www.nessus.org/u?23d3fcca
http://www.nessus.org/u?1094d10d
http://www.nessus.org/u?626f85ae
http://www.nessus.org/u?50355638
http://www.nessus.org/u?cb89b098
http://www.nessus.org/u?fb4b0613
http://www.nessus.org/u?470f2522
http://www.nessus.org/u?e0b1c795
http://www.nessus.org/u?288efabf
http://www.nessus.org/u?989bdcf8
http://www.nessus.org/u?82b6d740
http://www.nessus.org/u?7fb80d49
http://www.nessus.org/u?e20147cc
http://www.nessus.org/u?f56379e0
http://www.nessus.org/u?072c78c7
http://www.nessus.org/u?d3460a6d

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.5
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Fedora Local Security Checks

Nessus Plugin ID: 40991 (fedora_2009-9427.nasl)

Bugtraq ID: 36229

CVE ID: CVE-2009-2702

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now