Bulletins de sécurité

Veuillez rapporter les possibles problèmes de sécurité à security@kde.org. Nous pourrons alors étudier le problème.

Les problèmes de sécurité rapportés sont traités selon la politique de sécurité de KDE.

Bulletins

Les bulletins de sécurité sont mis à jour ici et dans les pages d'informations des versions affectées par les problèmes de sécurité. La liste ci-dessous esr en ordren chronologique.

• 2006-04-04 Kaffeine http_peek() buffer overflow
• 2006-03-10 kpdf/xpdf heap based buffer overflow
• 2006-02-02 kpdf/xpdf heap based buffer overflow
• 2006-01-19 kjs encodeuri/decodeuri heap overflow vulnerability
• 2006-01-03 kpdf/xpdf multiple integer overflows
• 2005-10-11 KOffice KWord RTF import buffer overflow
• 2005-09-05 kcheckpass local root vulnerability
• 2005-08-15 langen2kvtml tempfile handling vulnerability
• 2005-08-09 kpdf infinite temp file DoS
• 2005-07-21 libgadu multiple vulnerabilities
• 2005-07-18 Kate backup file permission leak
• 2005-05-04 Patch updates for kimgio and Kommander
• 2005-04-21 kimgio input validation errors
• 2005-04-20 Kommander untrusted code execution
• 2005-03-16 Local DCOP denial of service vulnerability
• 2005-03-16 Konqueror International Domain Name Spoofing
• 2005-03-16 Insecure temporary file creation by dcopidlng
• 2005-02-28 kppp Privileged fd Leak Vulnerability
• 2005-02-15 Buffer overflow in fliccd of kdeedu/kstars/indi
• 2005-01-21 Multiple vulnerabilities in Konversation
• 2005-01-20 KOffice PDF import filter buffer overflow (third)
• 2005-01-19 kpdf buffer overflow
• 2005-01-01 ftp kioslave command injection
• 2004-12-23 KOffice PDF importer integer overflow vulnerability
• 2004-12-23 kpdf Buffer Overflow Vulnerability
• 2004-12-20 Konqueror Java Vulnerability
• 2004-12-13 Konqueror Window Injection Vulnerability
• 2004-12-09 kfax libtiff vulnerabilities
• 2004-12-09 plain text password exposure
• 2004-10-30 KOffice PDF importer integer overflow vulnerability
• 2004-10-21 multiple kpdf integer overflows
• 2004-08-23 Konqueror Cross-Domain Cookie Injection
• 2004-08-11 Temporary Directory Vulnerability
• 2004-08-11 DCOPServer Temporary Filename Vulnerability
• 2004-08-11 Konqueror Frame Injection Vulnerability
• 2004-05-17 URI Handler Vulnerabilities
• 2004-01-14 VCF file information reader vulnerability
• 2003-09-16 KDM local root / weak session cookie generation
• 2003-07-29 Konqueror HTTP Authentication credential leak
• 2003-06-02 KDE 2.2 / Konqueror Embedded SSL vulnerability
• 2003-04-09 PS/PDF file handling vulnerability
• 2002-12-20 Multiple KDE vulnerabilities
• 2002-11-11 resLISa / LISa Vulnerabilities
• 2002-11-11 rlogin.protocol and telnet.protocol URL KIO Vulnerability
• 2002-10-08 kpf Directory traversal
• 2002-10-08 KGhostview Arbitrary Code Execution
• 2002-09-08 Konqueror Cross Site Scripting Vulnerability
• 2002-09-08 Secure Cookie Vulnerability
• 2002-08-18 Konqueror SSL vulnerability
• 1998-11-18 KDE Screensaver Vulnerability

[ Edit ]