FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-20 14:15:46 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
6d21a287-fce0-11e0-a828-00235a5f2c9akdelibs4, rekonq -- input validation failure

KDE Security Advisory reports:

The default rendering type for a QLabel is QLabel::AutoText, which uses heuristics to determine whether to render the given content as plain text or rich text. KSSL and Rekonq did not properly force its QLabels to use QLabel::PlainText. As a result, if given a certificate containing rich text in its fields, they would render the rich text. Specifically, a certificate containing a common name (CN) that has a table element will cause the second line of the table to be displayed. This can allow spoofing of the certificate's common name.


Discovery 2011-10-03
Entry 2011-10-23
kdelibs
>= 4.0.* lt 4.7.2

rekonq
< 0.8.0

http://www.kde.org/info/security/advisory-20111003-1.txt
http://www.nth-dimension.org.uk/pub/NDSA20111003.txt.asc
CVE-2011-3365
CVE-2011-3366