From c5283d322accc6097afec74eab24550829788bab Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Fri, 23 Mar 2018 04:19:44 +0000 Subject: gentoo resync : 23.03.2018 --- metadata/glsa/glsa-201803-09.xml | 59 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 59 insertions(+) create mode 100644 metadata/glsa/glsa-201803-09.xml (limited to 'metadata/glsa/glsa-201803-09.xml') diff --git a/metadata/glsa/glsa-201803-09.xml b/metadata/glsa/glsa-201803-09.xml new file mode 100644 index 000000000000..a2b75c881a85 --- /dev/null +++ b/metadata/glsa/glsa-201803-09.xml @@ -0,0 +1,59 @@ + + + + KDE Plasma Workspaces: Multiple vulnerabilities + Multiple vulnerabilities have been found in KDE Plasma Workspaces, + the worst of which allows local attackers to execute arbitrary commands. + + plasma-workspace + 2018-03-19 + 2018-03-19 + 647106 + local, remote + + + 5.11.5-r1 + 5.11.5-r1 + + + +

KDE Plasma workspace is a widget based desktop environment designed to + be fast and efficient. +

+ + +

Multiple vulnerabilities have been discovered in KDE Plasma Workspaces. + Please review the referenced CVE identifiers for details. +

+ + + +

An attacker could execute arbitrary commands via specially crafted thumb + drive’s volume labels or obtain sensitive information via specially + crafted notifications. +

+ + +

Users should mount removable devices with Dolphin instead of the device + notifier. +

+ +

Users should disable notifications.

+ + +

All KDE Plasma Workspace users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose + ">=kde-plasma/plasma-workspace-5.11.5-r1" + + + + + CVE-2018-6790 + CVE-2018-6791 + + chrisadr + chrisadr + -- cgit v1.2.3