{"id":"MGASA-2015-0044","summary":"Updated kdebase4-runtime packages fix CVE-2013-7252 and several bugs","details":"Updated kdebase4-runtime packages fix security vulnerability:\n\nkwalletd in KWallet before KDE Applications 14.12.0 uses Blowfish with ECB\nmode instead of CBC mode when encrypting the password store, which makes it\neasier for attackers to guess passwords via a codebook attack (CVE-2013-7252).\n\nThis update also fixes some additional issues:\n- encoding in KDEsuDialog (mga#14851)\n- kio_sftp can corrupts files when reading (bko#342391)\n- use euro currency for Lithuania\n- save the default file manager, email client and browser in mimeapps.list\n  [Default Applications] for a better interoperability with most of GTK\n  applications (mga#4461)\n","modified":"2026-04-16T06:24:48.038787632Z","published":"2015-01-31T13:23:52Z","upstream":["CVE-2013-7252"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2015-0044.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=14997"},{"type":"ADVISORY","url":"https://www.kde.org/info/security/advisory-20150109-1.txt"},{"type":"WEB","url":"https://lists.fedoraproject.org/pipermail/package-announce/2015-January/148090.html"},{"type":"REPORT","url":"https://bugs.kde.org/show_bug.cgi?id=342391"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=14851"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=4461"}],"affected":[{"package":{"name":"kdebase4-runtime","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kdebase4-runtime?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.12.5-1.3.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0044.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}