USN-608-1: KDE vulnerability

06 May 2008

KDE vulnerability




It was discovered that start_kdeinit in KDE 3 did not properly sanitize
its input. A local attacker could exploit this to send signals to other
processes and cause a denial of service or possibly execute arbitrary
code. (CVE-2008-1671)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 8.04
Ubuntu 7.10
Ubuntu 7.04

After a standard system upgrade you need to restart your session to effect
the necessary changes.