On 1/23/06, Claude Jones <claude_jones@xxxxxxxxxxxxxx> wrote: > On Monday 23 January 2006 3:13 pm, Rahul Sundaram wrote: > > Follow http://fedoraproject.org/wiki/Security procedures and report it > > if its not already done in bugzilla. I suspect the security team is > > already tackling this. > > As reported by Fedora-announce, the patch was released on Fri. If you've > updated since Saturday, you're probably fine --- from the announcement: > > "Update Information: > > A heap overflow flaw was discovered affecting kjs, the > JavaScript interpreter engine used by Konqueror and other > parts of KDE. An attacker could create a malicious web site > containing carefully crafted JavaScript code that would > trigger this flaw and possibly lead to arbitrary code > execution. The Common Vulnerabilities and Exposures project > assigned the name CVE-2006-0019 to this issue. " > > Claude Jones > Bluemont, VA, USA > Then I'm good! I'm signing up for fedora-security (and test). It seems that the signup form has been removed from fedora.redhat.com. To those who may look for it: http://fedoraproject.org/wiki/Communicate#head-e515a6e891efe6e2f1c8faa0434f8b5422510668 There's now 36 different mailing lists for Fedora! You could do one a day for a month and still have leftovers for a week! http://technology-sleuth.com/technical_answer/what_is_hdtv.html
