Security update to kdelibs


Author: JT Smith

Posted at kdesu created a world-readable temporary file to exchange authentication
information and delete it shortly after. This can be abused by a local
user to gain access to the X server and can result in a compromise of the
account kdesu accesses.

This update also fixes memory leaks in Konqueror (khtml) and KDebug, as
well as some minor bugs.

kdelibs 2.2alpha1 includes those fixes, as well; if you’re using the
experimental package from rawhide or, you don’t need to
downgrade to the errata package for security reasons.


  • Linux