Security advisory from KDE upstream
Bug #1178286 reported by
Rohan Garg
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
kdelibs |
Fix Released
|
Medium
|
|||
kde4libs (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Precise |
Fix Released
|
Undecided
|
Unassigned | ||
Quantal |
Fix Released
|
Undecided
|
Unassigned | ||
Raring |
Fix Released
|
Undecided
|
Unassigned | ||
Saucy |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Noticifations about errors sometimes contain password when using KDE.
There is a patch upstream over here https:/
All supported versions of kde4libs need to be patched
CVE References
Changed in kde4libs (Ubuntu Saucy): | |
status: | New → Fix Released |
tags: | added: kubuntu |
Changed in kdelibs: | |
importance: | Unknown → Medium |
status: | Unknown → Fix Released |
information type: | Private Security → Public Security |
Changed in kde4libs (Ubuntu Precise): | |
status: | New → Confirmed |
Changed in kde4libs (Ubuntu Quantal): | |
status: | New → Confirmed |
Changed in kde4libs (Ubuntu Raring): | |
status: | New → Confirmed |
Changed in kde4libs (Ubuntu Precise): | |
status: | Confirmed → Fix Committed |
Changed in kde4libs (Ubuntu Quantal): | |
status: | Confirmed → Fix Committed |
Changed in kde4libs (Ubuntu Raring): | |
status: | Confirmed → Fix Committed |
To post a comment you must log in.
I just received a notification from the ressource which read "internal server error" and the url https:/ /username:<email address hidden> /remote. php.carddav. ..
I believe it is not a good idea to have a password in a notication.
Reproducible: Always