Language Selection

English French German Italian Portuguese Spanish

KDE 3.4.2: Just around the bend

Filed under
KDE

KDE 3.4.2 was tagged a couple days ago and will probably be unleashed onto the general public on or about July 27. This release may not contain any new obvious eye candy or features, it does however have lots and LOTS of bug and security fixes.

Some highlights include:

  • kdelibs:
    • kdeui/klistview.cpp: backport Thomas' double-click fix

    • kio/kssl/ksslcertificatehome.cc: make hostnames case insensitive
    • kdeui/kcolordialog.cpp, kio/kfile/kicondialog.cpp: Killing more non-functional "Help" buttons
    • kinit/lnusertemp.c:
      • use $TMPDIR for the KDE related /tmp files if available.
      • switch priorities of KDETMP vs TMPDIR
    • kio/kio/job.cpp: No progress dialog for the subjob
    • kdeui/klistview.cpp: Give back the focus to the view after canceling a rename
    • mimetypes/application/x-debian-package.desktop (added for compatibility)
    • dcop/dcopserver.cpp: Backport sending proper dcop name

  • kdeaddons:
    • konq-plugins/akregator/feeddetector.cpp:
      • decode imported htmlfeeds

      • ignore resources without type attribute patch

  • kdebase:
    • kdm/backend/socket.c: backport: unset ipv6_v6only

    • kdm/backend/util.c: backport tty listing fix
    • kcontrol/crypto/crypto.cpp: store/read case insensitive
    • l10n/ru/entry.desktop: fixing CurrrencySymbol not in UTF-8
    • kdm/kfrontend/kdm_config.c: backport: fix %hostlist macros
    • kdm/backend/bootman.c: backport: add --no-floppy to the grub command line
    • konsole/konsole/konsole.cpp: One button too much in overwrite confirmation dialog
    • kdm/kfrontend/kgreeter.cpp: backport: don't crash on missing pam-error item

  • kdegraphics:
    • kolourpaint: lots of graphic and font rendering fixes

    • kpdf: again lots of graphic and font rendering fixes

  • kdemultimedia:
    • kmix: lots of bug and rendering fixes

    • juk/googlefetcher.cpp, juk/googlefetcher.h, juk/Makefile.am: fixed JuK crashes when getting cover for album with quotes
    • Updates to kscd documentation: Added CD troubleshooting section for people who need help getting their player working
    • akode/lib/decoderpluginhandler.cpp: Backport of wav fix
  • kdenetwork:
    • kopete:
      • /protocols/gadu/libgadu: lots of security fixes

      • /protocols/groupwise/gwaccount.cpp: Backport fix for adding contacts to your list who have messaged you.
      • /protocols/msn/msnsecureloginhandler.cpp: Backport: don't output the password in the debug
      • /protocols/msn/sslloginhandler.h (removed): Backport the MSNSecureLoginHandler class. Should fix crash related to OpenSSL and lag when login.
      • /libkopete/kopetemetacontact.cpp: backport of bug that overwrites your entire addressbook with lame msn pictures when a resource of kabc is not available.
  • kdepim:
    • akregator:
      • /src/akregator_view.cpp: fix quick search, reset state on node correctly and update filters in view objects

      • /src/akregator_run.cpp: only use external browser if selected in akregator
    • korn/accountmanager.cpp: It now doesn't run the command if KOrn is restarted after resetting the counter to zero.
    • mimelib/msgcmp.cpp: fixed crashes when downloading new parts which don't have an id yet
    • kmail: lots of folder handling issues

A few Screenshots.

More in Tux Machines

Today in Techrights

Security: SSL, Microsoft Windows TCO, Security Breach Detection and SIM Hijackers

  • Why Does Google Chrome Say Websites Are “Not Secure”?
    Starting with Chrome 68, Google Chrome labels all non-HTTPS websites as “Not Secure.” Nothing else has changed—HTTP websites are just as secure as they’ve always been—but Google is giving the entire web a shove towards secure, encrypted connections.
  • Biggest Voting Machine Maker Admits -- Ooops -- That It Installed Remote Access Software After First Denying It [Ed: Microsoft Windows TCO]
    We've been covering the mess that is electronic voting machines for nearly two decades on Techdirt, and the one thing that still flummoxes me is how are they so bad at this after all these years? And I don't mean "bad at security" -- though, that's part of it -- but I really mean "bad at understanding how insecure their machines really are." For a while everyone focused on Diebold, but Election Systems and Software (ES&S) has long been a bigger player in the space, and had just as many issues. It just got less attention. There was even a brief period of time where ES&S bought what remained of Diebold's flailing e-voting business before having to sell off the assets to deal with an antitrust lawsuit by the DOJ. What's incredible, though, is that every credible computer security person has said that it is literally impossible to build a secure fully electronic voting system -- and if you must have one at all, it must have a printed paper audit trail and not be accessible from the internet. Now, as Kim Zetter at Motherboard has reported, ES&S -- under questioning from Senator Ron Wyden -- has now admitted that it installed remote access software on its voting machines, something the company had vehemently denied to the same reporter just a few months ago.
  • Bringing cybersecurity to the DNC [Ed: Microsoft Windows TCO. Microsoft Exchange was used.]
    When Raffi Krikorian joined the Democratic National Committee (DNC) as chief technology officer, the party was still reeling from its devastating loss in 2016 — and the stunning cyberattacks that resulted in high-level officials’ emails being embarrassingly leaked online.
  • Getting Started with Successful Security Breach Detection
    Organizations historically believed that security software and tools were effective at protecting them from hackers. Today, this is no longer the case, as modern businesses are now connected in a digital global supply ecosystem with a web of connections to customers and suppliers. Often, organizations are attacked as part of a larger attack on one of their customers or suppliers. They represent low hanging fruit for hackers, as many organizations have not invested in operationalizing security breach detection. As this new reality takes hold in the marketplace, many will be tempted to invest in new technology tools to plug the perceived security hole and move on with their current activities. However, this approach is doomed to fail. Security is not a "set it and forget it" type of thing. Defending an organization from a breach requires a careful balance of tools and operational practices -- operational practices being the more important element.
  • The SIM Hijackers

    By hijacking Rachel’s phone number, the hackers were able to seize not only Rachel’s Instagram, but her Amazon, Ebay, Paypal, Netflix, and Hulu accounts too. None of the security measures Rachel took to secure some of those accounts, including two-factor authentication, mattered once the hackers took control of her phone number.

GNU/Linux Desktops/Laptops and Windows Spying

  • Changes [Pop!_OS]

    For the last 12 years, my main development machine has been a Mac. As of last week, it’s a Dell XPS 13 running Pop!_OS 18.04.

    [...]

    Take note: this is the first operating system I’ve used that is simpler, more elegant, and does certain things better than macOS.

  • System76 Opens Manufacturing Facility to Build Linux Laptops
    As it turns out, System76 is making the transition from a Linux-based computer seller, into a complete Linux-based computer manufacturer. The Twitter photos are from their new manufacturing facility. This means that System76 will no longer be slapping their logo on other company’s laptops and shipping them out, but making their own in-house laptops for consumers.
  • Extension adding Windows Timeline support to third-party browsers should have raised more privacy questions
    Windows Timeline is a unified activity history explorer that received a prominent placement next to the Start menu button in Windows 10 earlier this year. You can see all your activities including your web browser history and app activity across all your Windows devices in one place; and pickup and resume activities you were doing on other devices. This is a useful and cool feature, but it’s also a privacy nightmare. You may have read about a cool new browser extension that adds your web browsing history from third-party web browsers — including Firefox, Google Chrome, Vivaldi, and others — to Windows Timeline. The extension attracted some media attention from outlets like MSPoweruser, Neowin, The Verge, and Windows Central.

Public money, public code? FSFE spearheads open-source initiative

Last September, the non-profit Free Software Foundation Europe (FSFE) launched a new campaign that calls for EU-wide legislation that requires publicly financed software developed for the public sector to be made publicly available under a free and open-source software license. According to the ‘Public Money, Public Code’ open letter, free and open-source software in the public sector would enable anyone to “use, study, share, and improve applications used on a daily basis”. The initiative, says the non-profit, would provide safeguards against public sector organizations being locked into services from specific companies that use “restrictive licenses” to hinder competition. The FSFE also says the open-source model would help improve security in the public sector, as it would allow backdoors and other vulnerabilities to fixed quickly, without depending on one single service provider. Since its launch, the Public Money, Public Code initiative has gained the support of 150 organizations, including WordPress Foundation, Wikimedia Foundation, and Tor, along with nearly 18,000 individuals. With the initiative now approaching its first anniversary, The Daily Swig caught up with FSFE spokesperson Paul Brown, who discussed the campaign’s progress. Read more