July 2005

ID: 00608
Ref: 565/05
Date: 21 July 2005:12:21:40
Version: 1

---

Title: KDE - Two Security Advisories
Abstract: 1. Multiple libgadu vulnerabilities, 2. Kate backup file permission leak
Vendors affected: KDE
Operating systems affected: KDE
Applications affected: KDE

---

Title
=====

KDE - Two Security Advisories:
1. Multiple libgadu vulnerabilities
2. Kate backup file permission leak


Detail
======

Security advisory summaries:

1. Kopete contains a copy of libgadu that is used if no compatible version
is installed in the system. Several input validation errors have been
reported in libgadu that can lead to integer overflows and remote DoS or
arbitrary code execution.

2. Kate / Kwrite create a file backup before saving a modified file. These
backup files are created with default permissions, even if the original
file had more strict permissions set.


Security advisory content follows:


1.


KDE Security Advisory: libgadu vulnerabilities
Original Release Date: 2005-07-21
URL: http://www.kde.org/info/security/advisory-20050721-1.txt

0. References
CVE CAN-2005-1852


1. Systems affected:

All versions of Kopete as included in
KDE 3.3.x up to including 3.4.1. KDE 3.2.x and older
are not affected.


2. Overview:

Kopete contains a copy of libgadu that is used if
no compatible version is installed in the system. Several
input validation errors have been reported in libgadu
that can lead to integer overflows and remote DoS or
arbitrary code execution.


3. Impact:

If the Gadu-Gadu protocol handler in Kopete is used,
remote users can DoS the Kopete client or possibly even
execute arbitrary code.


4. Solution:

Source code patches have been made available that update
the included copy of libgadu to 1.6rc3 which fix these
vulnerabilities. Contact your OS vendor / binary package provider
for information about how to obtain updated binary packages.


5. Patch:

A patch for KDE 3.4.1 is available from
ftp://ftp.kde.org/pub/kde/security_patches :

675008c8bc9d7edf4d0034a398d15cf0 post-3.4.1-kdenetwork-libgadu.patch

A patch for KDE 3.3.2 is available from
ftp://ftp.kde.org/pub/kde/security_patches :

73ebcef42173bf567d473414693898b0 post-3.3.2-kdenetwork-libgadu.patch




2.


KDE Security Advisory: Kate backup file permission leak
Original Release Date: 2005-07-18
URL: http://www.kde.org/info/security/advisory-20050718-1.txt

0. References
CVE CAN-2005-1920
https://bugs.kde.org/show_bug.cgi?id=103331


1. Systems affected:

All maintained versions of Kate and Kwrite as shipped with
KDE 3.2.x up to including 3.4.0. KDE 3.1.x and older and
KDE 3.4.1 and newer are not affected.


2. Overview:

Kate / Kwrite create a file backup before saving a modified
file. These backup files are created with default permissions,
even if the original file had more strict permissions set.


3. Impact:

Depending on the system security settings, backup files
might be readable by other users. Kate / Kwrite are
network transparent applications and therefore this
vulnerability might not be restricted to local users.


4. Solution:

Source code patches have been made available which fix these
vulnerabilities. Contact your OS vendor / binary package provider
for information about how to obtain updated binary packages.


5. Patch:

A patch for KDE 3.4.0 is available from
ftp://ftp.kde.org/pub/kde/security_patches :

50f7bc6d8cf4b7aaa65e4e8062fc46c9 post-3.4.0-kdelibs-kate.diff

A patch for KDE 3.3.x is available from
ftp://ftp.kde.org/pub/kde/security_patches :

138c3252883171d55ec24ed0318950fd post-3.3.2-kdelibs-kate.diff

A patch for KDE 3.2.x is available from
ftp://ftp.kde.org/pub/kde/security_patches :

56667c05f545e8c9711c35bf78497bfd post-3.2.3-kdelibs-kate.diff