DSA-388-1: "kdebase -- several vulnerabilities" -- fixed?
Hi all,
DSA-388-1[1] says:
> Two vulnerabilities were discovered in kdebase:
>
> - CAN-2003-0690
> [...]
> - CAN-2003-0692
> [...]
>
> [...]
> For the current stable distribution (woody) these problems have been
> fixed in version 4:2.2.2-14.7.
>
> For the unstable distribution (sid) these problems will be fixed soon.
There hasn't been a follow-up to this DSA, and nothing relevant to the
listed CANs or the DSA seems to be mentioned in the changelogs of the
kdebase package. From the KDE upstream team's advisory, I conclude that
these problems have been fixed in 3.1.4, but it sure would have been nice
to read something about them being fixed in the Debian changelogs.
[1] http://www.debian.org/security/2003/dsa-388
Reply to: