Candidate: CVE-2014-3494
PublicDate: 2014-07-01 16:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3494
 http://quickgit.kde.org/?p=kdelibs.git&a=commitdiff&h=bbae87dc1be3ae063796a582774bd5642cacdd5d&hp=1ccdb43ed3b32a7798eec6d39bb3c83a6e40228f
Description:
 kio/usernotificationhandler.cpp in the POP3 kioslave in kdelibs 4.10.95
 before 4.13.3 does not properly generate warning notifications, which
 allows man-in-the-middle attackers to obtain sensitive information via an
 invalid certificate.
Ubuntu-Description:
Notes:
 mdeslaur> affects 4.10.95 to 4.13.2
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752052
 https://bugs.launchpad.net/ubuntu/+source/kde4libs/+bug/1332064
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_kde4libs:
upstream_kde4libs: needs-triage
lucid_kde4libs: ignored (reached end-of-life)
precise_kde4libs: not-affected (4:4.8.5-0ubuntu0.3)
saucy_kde4libs: released (4:4.11.5-0ubuntu0.3)
trusty_kde4libs: released (4:4.13.1-0ubuntu0.2)
trusty/esm_kde4libs: released (4:4.13.1-0ubuntu0.2)
devel_kde4libs: released (4:4.13.2-0ubuntu2)