[Bug 1668871] Re: kio: Information Leak when accessing https when using a malicious PAC file

Launchpad Bug Tracker Thu, 09 Mar 2017 05:41:50 -0800

This bug was fixed in the package kde4libs - 4:4.13.3-0ubuntu0.4

---------------
kde4libs (4:4.13.3-0ubuntu0.4) trusty-security; urgency=medium


  * SECURITY UPDATE: information leak via crafted PAC file (LP: #1668871)
    - debian/patches/CVE-2017-6410.patch: sanitize URLs in
      kio/misc/kpac/script.cpp.
    - CVE-2017-6410

 -- Marc Deslauriers <marc.deslauri...@ubuntu.com>  Wed, 08 Mar 2017
10:25:45 -0500

** Changed in: kde4libs (Ubuntu Trusty)
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1668871

Title:
  kio: Information Leak when accessing https when using a malicious PAC
  file

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/kde4libs/+bug/1668871/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1668871] Re: kio: Information Leak when accessing https when using a malicious PAC file

Reply via email to