[Secure-testing-team] Bug#766796: konqueror: Konqueror is vulnerable to the Poodle attack

Patrick Häcker pat_h at web.de
Sat Oct 25 21:50:40 UTC 2014 

Package: konqueror
Version: 4:4.14.1-1
Severity: grave
Tags: security
Justification: user security hole

Dear Maintainer,

according to https://www.poodletest.com/ Konqueror is still vulnerable to the
Poodle attack.
If this is only fixable in KHTML or WebKit, please move the bug there.

As all the other major browsers plan to deactivate SSLv3 support in the near
future, Konqueror should probably do so as well for Jessie.

Kind regards
Patrick

-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (900, 'testing'), (800, 'stable'), (500, 'testing-proposed-updates'), (400, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16-2-amd64 (SMP w/6 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages konqueror depends on:
ii  install-info            5.2.0.dfsg.1-4
ii  kde-baseapps-bin        4:4.14.1-1
ii  kde-baseapps-data       4:4.14.1-1
ii  kde-runtime             4:4.14.1-1+b1
ii  libc6                   2.19-11
ii  libkactivities6         4:4.13.3-1
ii  libkcmutils4            4:4.14.1-1+b1
ii  libkde3support4         4:4.14.1-1+b1
ii  libkdecore5             4:4.14.1-1+b1
ii  libkdesu5               4:4.14.1-1+b1
ii  libkdeui5               4:4.14.1-1+b1
ii  libkfile4               4:4.14.1-1+b1
ii  libkhtml5               4:4.14.1-1+b1
ii  libkio5                 4:4.14.1-1+b1
ii  libkonq5abi1            4:4.14.1-1
ii  libkonqsidebarplugin4a  4:4.14.1-1
ii  libkparts4              4:4.14.1-1+b1
ii  libqt4-dbus             4:4.8.6+git64-g5dc8b2b+dfsg-2+b1
ii  libqt4-qt3support       4:4.8.6+git64-g5dc8b2b+dfsg-2+b1
ii  libqt4-xml              4:4.8.6+git64-g5dc8b2b+dfsg-2
ii  libqtcore4              4:4.8.6+git64-g5dc8b2b+dfsg-2
ii  libqtgui4               4:4.8.6+git64-g5dc8b2b+dfsg-2+b1
ii  libstdc++6              4.9.1-16
ii  libx11-6                2:1.6.2-3

Versions of packages konqueror recommends:
ii  dolphin              4:4.14.1-1
ii  kfind                4:4.14.1-1
ii  konqueror-nsplugins  4:4.14.1-1
ii  kpart-webkit         1.3.4-1

Versions of packages konqueror suggests:
ii  konq-plugins  4:4.14.1-1

-- no debconf information

More information about the Secure-testing-team mailing list