Geoff Crompton wrote:
I haven't seen a DSA for kdelibs, according to: http://www.securityfocus.com/bid/12525 version 3.3.2 is vulnerable to a local file overwriting issue. Woody's clean, anyone know if the sid and sarge packages are affected?
KDE is tracking the bug. http://bugs.kde.org/show_bug.cgi?id=97608From the discussion there, it sounds like it might only be exploitable when building KDE? (I don't know kde well enough to be confident about this assertion though).
-- Geoff Crompton Debian System Administrator Strategic Data +61 3 9340 9000