oss-sec mailing list archives
Re: kdeconnect: CVE-2020-26164: multiple security issues in kdeconnectd network daemon
From: Matthias Gerstner <mgerstner () suse de>
Date: Wed, 14 Oct 2020 10:44:28 +0200
On Tue, Oct 13, 2020 at 03:28:19PM +0200, Solar Designer wrote:
Will kdeconnectd no longer be active by default in openSUSE? I hope so.
This is our aim as security team. We are currently still discussing with the community how to achieve a good solution that removes the attack surface by default but enables interested users to easily access the application.
Merely fixing the known issues doesn't address the fact that this poses unjustified risk for most people.
Well put. Exactly my thinking. Cheers Matthias
Attachment:
signature.asc
Description:
Current thread:
- kdeconnect: CVE-2020-26164: multiple security issues in kdeconnectd network daemon Matthias Gerstner (Oct 13)
- Re: kdeconnect: CVE-2020-26164: multiple security issues in kdeconnectd network daemon Solar Designer (Oct 13)
- Re: kdeconnect: CVE-2020-26164: multiple security issues in kdeconnectd network daemon Matthias Gerstner (Oct 14)
- Re: kdeconnect: CVE-2020-26164: multiple security issues in kdeconnectd network daemon Matthias Gerstner (Nov 30)
- Re: kdeconnect: CVE-2020-26164: multiple security issues in kdeconnectd network daemon Solar Designer (Oct 13)