Advisories ยป MGASA-2014-0478

Updated kdebase4-runtime and kwebkitpart packages fix security vulnerability

Publication date: 21 Nov 2014
Modification date: 21 Nov 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-8600

Description

kwebkitpart and the bookmarks:// io slave were not sanitizing input correctly
allowing to some javascript being executed on the context of the referenced
hostname (CVE-2014-8600).
                

References

SRPMS

4/core

3/core