Hi, I'm Hugo Lefeuvre, from the Debian LTS team. I am currently working on CVE-2019-7443 which appears to affect not only kauth but also kdelibs since it ships a very similar kdecore/auth/backends/dbus/DBusHelperProxy.cpp file[0].
As far as I am aware the fix for CVE-2019-7443 was not applied to kdelibs. Is there a specific reason for that? Do you plan addressing this potential vulnerability in kdelibs as well? CC-ing publicly-archived debian-lts@lists.debian.org regards, Hugo Lefeuvre [0] https://bugs.debian.org/922727 -- Hugo Lefeuvre (hle) | www.owl.eu.com RSA4096_ 360B 03B3 BF27 4F4D 7A3F D5E8 14AA 1EB8 A247 3DFD ed25519_ 37B2 6D38 0B25 B8A2 6B9F 3A65 A36F 5357 5F2D DC4C
signature.asc
Description: PGP signature
