On 10/01/15 23:30:58, Luc Menut wrote: > Hello, > > Le 10/01/2015 17:27, Albert Astals Cid a écrit : > >KDE Project Security Advisory > >============================= > > > >Title: Fix kwalletd CBC encryption handling > >Risk Rating: Low > >CVE: CVE-2013-7252 > >Platforms: All > >Versions: kwalletd < Applications 14.12.1, KF5::KWallet < 5.6.0 > >Author: Valentin Rusu <k...@rusu.info> > >Date: 9 January 2015 > > > > ... > > > > >Solution > >======== > > > >For kde-runtime KWallet upgrade to KDE Applications 14.12.1 or apply the > >following patch: > > > > http://quickgit.kde.org/?p=kde-runtime.git&a=commit&h=14a8232d0b5b1bc5e0ad922292c6b5a1c501165c > > I see this patch in master and KDE/4.12, but not in KDE/4.13, KDE/4.14 and > Applications/14.12. > Is it not needed for these 3 branches (KDE/4.13, KDE/4.14 and > Applications/14.12), fixed in another way ???
Not being sure that there'll be a new KDE/4.14 release, I cherry-picked this fix to that branch too. Regards, Valentin >> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
