-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2006-3
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date: 24 Jan 2006
 Last revised: 25 Jan 2006

 Package: kdelibs

 Summary: Heap overflow

 More information:
    Kdelibs are main libraries for the K Desktop Environment.
    The JavaScript interpreter engine used by Konqueror and other
    parts of KDE, that allows a heap based buffer overflow
    when decoding specially crafted UTF-8 encoded URI sequences.

 Impact:
    Remotely supplied Javascript code can perform a heap overflow
    and crash the web browser or execute arbitrary code.

 Affected Products:
    - Turbolinux FUJI


 <Turbolinux FUJI>

   Source Packages
   Size: MD5

   kdelibs-3.4.2-18.src.rpm
     16981339 2b0c1462c651e628160b117a2062ccf6

   Binary Packages
   Size: MD5

   kdelibs-3.4.2-18.i686.rpm
     19123946 dbf590f1a29cdc5c2593abe5f01bf5ae
   kdelibs-devel-3.4.2-18.i686.rpm
      1545363 7e99787f041fbccae10074e853e44498


 References:

 KDE Security Advisory
   [advisory-20060119-1]
   http://kde.org/info/security/advisory-20060119-1.txt

 CVE
   [CAN-2006-0019]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0019

 --------------------------------------------------------------------------
 Revision History
    24 Jan 2006 Initial release
    25 Jan 2006 Typo Original released date
 --------------------------------------------------------------------------

 Copyright(C) 2006 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFD1lVVK0LzjOqIJMwRAn58AKC7DOhcM4tuvL59b6mdFzexmgMPHwCcCZwt
i1NK5kOe83U42ByPOCFFrDM=
=mA0k
-----END PGP SIGNATURE-----