Security fix for CVE-2019-1010189
Archive for August 18th, 2019
This update fixes **CVE-2019-14744 (kconfig arbitrary shell code execution)** in the KDE 3 compatibility version of kdelibs used by legacy KDE 3 applications. The full list of fixes in this `kdelibs3` build: * fixes **CVE-2019-14744** – `kconfig`: malicious `.desktop` files (and others) would execute code. KConfig had a well-meaning feature that allowed configuration files to execute arbitrary
This update fixes **CVE-2019-14744 (kconfig arbitrary shell code execution)** in the KDE 3 compatibility version of kdelibs used by legacy KDE 3 applications. The full list of fixes in this `kdelibs3` build: * fixes **CVE-2019-14744** – `kconfig`: malicious `.desktop` files (and others) would execute code. KConfig had a well-meaning feature that allowed configuration files to execute arbitrary
Resolves CVE-2019-11065.
Three vulnerabilities have been discovered in the Go programming language; “net/url” accepted some invalid hosts in URLs which could result in authorisation bypass in some applications and the HTTP/2 implementation was susceptible to denial of service.