GLSA-201406-34 : KDE Libraries: Multiple vulnerabilities
Medium Nessus Plugin ID 76305
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-201406-34 (KDE Libraries: Multiple vulnerabilities)
Multiple vulnerabilities have been discovered in KDE Libraries. Please review the CVE identifiers referenced below for details.
A remote attacker could cause a man-in-the-middle attack via any certificate issued by a legitimate certification authority. Furthermore, a local attacker may gain knowledge of user passwords through an information leak.
There is no known workaround at this time.
SolutionAll KDE users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=kde-base/kdelibs-4.12.5-r1'