The KHTML component shipped with the KDE libraries is prone to a cross-site scripting (XSS) vulnerability.
|Package||kde-base/kdelibs on all architectures|
|Affected versions||< 3.5.5-r8|
|Unaffected versions||>= 3.5.5-r8|
KDE is a feature-rich graphical desktop environment for Linux and Unix-like Operating Systems. KHTML is the HTML interpreter used in Konqueror and other parts of KDE.
There is no known workaround at this time.
All KDElibs users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=kde-base/kdelibs-3.5.5-r8"
March 10, 2007
March 10, 2007: 01