Debian Security Advisory

DLA-76-1 kde4libs -- LTS security update

Date Reported:
24 Oct 2014
Affected Packages:
Security database references:
In Mitre's CVE dictionary: CVE-2014-5033.
More information:

It was discovered that KAuth, part of kdelibs, uses polkit in a way that is prone to a race condition that may allow authorization bypass.

For Debian 6 Squeeze, these issues have been fixed in kde4libs version 4:4.4.5-2+squeeze4