Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > linux.debian.bugs.dist > #1097256

Bug#1006293: bullseye-pu: package plasma-desktop/4:5.20.5-4

From Julien Cristau <jcristau@debian.org>
Newsgroups linux.debian.bugs.dist, linux.debian.devel.release
Subject Bug#1006293: bullseye-pu: package plasma-desktop/4:5.20.5-4
Date 2022-03-18 16:30 +0100
Message-ID <E2mI9-2AwD-3@gated-at.bofh.it> (permalink)
References <DTLcJ-3EQk-3@gated-at.bofh.it> <DTLcJ-3EQk-3@gated-at.bofh.it>
Organization linux.* mail to news gateway

Cross-posted to 2 groups.

Show all headers | View raw

Control: tag -1 moreinfo

On Tue, Feb 22, 2022 at 10:45:21PM +0100, Patrick Franz wrote:
> A bug in plasma-discover causes a Denial of Service attack
> against the KDE servers. 3 packages needs to be patch to
> mitigate the attack: knewstuff, plasma-desktop and
> plasma-discover.
> This update fixes bug #1006125 for bullseye and has been 
> fixed in unstable.
> 
Can you clarify the issue and how the 3 affected packages interact?  The
mailing list links seem to talk about plasma-discover's KNS backend so I guess
I understand that part, how are plasma-desktop and knewstuff involved?

Back to linux.debian.bugs.dist | Previous | NextNext in thread | Find similar | Unroll thread

Thread

Bug#1006293: bullseye-pu: package plasma-desktop/4:5.20.5-4 Julien Cristau <jcristau@debian.org> - 2022-03-18 16:30 +0100
  Bug#1006293: bullseye-pu: package plasma-desktop/4:5.20.5-4 Patrick Franz <deltaone@debian.org> - 2022-03-21 22:40 +0100

csiph-web