-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2007-19
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date: 21 Mar 2007
 Last revised: 21 Mar 2007

 Package: kdelibs

 Summary: KHTML vulnerability

 More information:
    KDE libraries is a comprehensive family of ready to use components for
    building highly integrated, network-enabled desktop applications.

    Remote attackers to conduct cross-site scripting (XSS) attacks.
    
 Impact:
    The KHTML component shipped with the KDE libraries is prone to a 
    cross-site scripting (XSS) vulnerability.

 Affected Products:
    - Turbolinux FUJI
    - Turbolinux 10 Server x64 Edition
    - Turbolinux 10 Server
    - Turbolinux Home
    - Turbolinux 10 F...
    - Turbolinux 10 Desktop

 <Turbolinux FUJI>

   Source Packages
   Size: MD5

   kdelibs-3.4.2-22.src.rpm
     16986426 d777761e9c68247a925af00cae658df6

   Binary Packages
   Size: MD5

   kdelibs-3.4.2-22.i686.rpm
     18612257 526b4a2e0e13c86107116586e01be238
   kdelibs-devel-3.4.2-22.i686.rpm
      1545072 c440da59b9dbc57e4aa87a947dcfe690

 <Turbolinux 10 Server x64 Edition>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/SRPMS/kdelibs-3.1.5-22.src.rpm
     10598661 976a79d06258519491d0af1f31dd5c82

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/kdelibs-3.1.5-22.x86_64.rpm
     11918089 1f3213ade68f1d30b6bb18ebd4b3791f
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/kdelibs-devel-3.1.5-22.x86_64.rpm
       925758 9c92b59504513c7743870b9be4efd62b

 <Turbolinux 10 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/kdelibs-3.1.5-22.src.rpm
     10598661 cd39da68bce937abc50eed48cce34399

   Binary Packages
   Size: MD5

   kdelibs-3.1.5-22.i586.rpm
     11491174 4d280f607e6034d3dd04a9442cfe9cbd
   kdelibs-devel-3.1.5-22.i586.rpm
     28105995 43593871838b2dd49a93b1aba6d0f29f

 <Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/kdelibs-3.1.5-22.src.rpm
     10598661 a9f7ad3299fd94a65bf50796705e86af

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/kdelibs-3.1.5-22.i586.rpm
     11434546 f94e5fff700b3f8c43b22d49b065dd98
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/kdelibs-devel-3.1.5-22.i586.rpm
       925699 5b91cecc8f6e319bcfe13492ea55dbbc


 References:

 CVE
   [CVE-2007-0537]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0537

 --------------------------------------------------------------------------
 Revision History
    21 Mar 2006 Initial release
 --------------------------------------------------------------------------
 Copyright(C) 2007 Turbolinux, Inc. All rights reserved.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFGALE1K0LzjOqIJMwRAiWbAKCRjqXiqi9zYmBwEWa6EghWFQog/ACfT6BT
2e+P8XLUrX/Jm40Wm+i00lo=
=6Ecu
-----END PGP SIGNATURE-----