Language Selection

English French German Italian Portuguese Spanish

KDE flaws put Linux, Unix systems at risk

Filed under

A serious vulnerability has been found in the popular KDE open-source software bundle. The flaw, deemed "critical" by the research outfit the French Security Incident Response Team, could allow a remote attacker to gain control over vulnerable systems.

For an attack to be successful, a person would have to visit the attacker's Web page using Konqueror, the FrSIRT said in its alert. Affected are KDE 3.2.0 up to and including KDE 3.5.0. Fixes are available.

Full Story.

From the horse's mouth:

The KDE Project released a security advisory today for a heap overflow vulnerability in KJS. Earlier this month, a number of integer overflows affecting KPDF, and consequentially KOffice were found and fixed. Patches have been made available and your distributor should have updated binary packages. The KDE security advisory page has an overview of all KDE advisories. Links to source patches are contained in the advisories.

The Dot with links to the patches. Distribution vendors should have updated packages available shortly.

More in Tux Machines

First Ubuntu Touch Images Based on Ubuntu 16.04 LTS (Xenial Xerus) Are Now Live

Just a few moments ago, we were notified by Łukasz Zemczak from Canonical about the latest work done by the Ubuntu Touch developers for the upcoming OTA-9 software update for Ubuntu Phones. Read more

5 open-source alternatives to Slack

Here are five full-featured Slack alternatives — tools that go beyond IRC, in other words — that are open-source software, which means you can download it and run it on whatever server you want. That implies that you’re in charge of security, for better or worse, instead of, say, Slack. Read more

FFmpeg 2.8.3 "Feynman" Released, It's Now the Latest Stable FFmpeg Version

Earlier today, November 27, FFmpeg, the leading multimedia framework for Linux kernel-based operating systems has received a new maintenance release, version 2.8.3, which updates many of the project's core components. Read more

Tumbleweed changes fonts, Leap gets several updates

Tumbleweed had one snapshot so far this week that brought more appeal to users of openSUSE. Snapshot 20151123 changed fonts for openSUSE. The terminal font changed to Adobe Code Pro and Roboto was also added as the default font. Read more