Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#43417 - [kdebase-runtime] CVE issued for kwalletd < applications 14.12.1
Attached to Project:
Arch Linux
Opened by David (d_garbage) - Monday, 12 January 2015, 04:09 GMT
Last edited by Andrea Scarpino (BaSh) - Saturday, 17 January 2015, 08:17 GMT
Opened by David (d_garbage) - Monday, 12 January 2015, 04:09 GMT
Last edited by Andrea Scarpino (BaSh) - Saturday, 17 January 2015, 08:17 GMT
|
DetailsDescription:
KDE announced a CVE for kwalletd [1]. A patch is included. This problem is fixed in the 14.12.1 release, and the risk rating is "Low" but judging by this thread [2] on the forum it is a bit unclear when 14.12 might be available in Arch (couldn't find any mention on the mailing lists). Hope that helps, thanks. Additional info: extra/kdebase-runtime 4.14.3-1 [1] http://lists.kde.org/?l=kde-announce&m=142090869229826 [2] https://bbs.archlinux.org/viewtopic.php?id=190482&p=4 |
This task depends upon
Closed by Andrea Scarpino (BaSh)
Saturday, 17 January 2015, 08:17 GMT
Reason for closing: Fixed
Additional comments about closing: kdebase-runtime 14.12.1
Saturday, 17 January 2015, 08:17 GMT
Reason for closing: Fixed
Additional comments about closing: kdebase-runtime 14.12.1
https://bugzilla.redhat.com/show_bug.cgi?id=1048169