Bug#1006126: libkf5newstuffcore5: Denial of Service bug
Dear Patrick
Le 19 février 2022 15:40:38 GMT+01:00, Patrick Franz <deltaone@debian.org> a écrit :
>Package: libkf5newstuffcore5
>Version: 5.90.0-1
>Severity: important
>X-Debbugs-Cc: deltaone@debian.org
>
>Hi all,
>
>knewstuff has a Denial of Service bug that sends huge amounts of requests
>to KDE servers.
>
>See the discussion of the KDE mailing-lists:
>https://mail.kde.org/pipermail/distributions/2022-February/001124.html
>
This is already fixed in 5.90.0-1, I've backported the fixes in this commit :
https://salsa.debian.org/qt-kde-team/kde/knewstuff/-/commit/2deac99db9d1c20a3a55750baa38adcd21895584
I've started an article in the team's Gobby to follow-up on this.
Someone™ needs to work on the stable update. ;-)
Cheers,
--
Aurélien
Reply to: