Tests successful for me :) ** Description changed:
See: https://mail.kde.org/pipermail/distributions/2022-February/001140.html Dear distributors, In the last few days, we have been looking into mitigating the impact of Discover against certain KDE web services. Some of the problems can be addressed in the service itself but not them entirely, so it would be useful if the following changes were backported into your own packaging. We have already included it in our stable branches but on the distributions that ship unsupported versions of our software it would be useful you can apply these patches. https://invent.kde.org/frameworks/knewstuff/-/commit/c8165b7a0d622e318b3353ccf257a8f229dd12c9 https://invent.kde.org/frameworks/knewstuff/-/commit/e1c6f2bf383876a31cd3e3f9e6edcaa19dc0a7dd https://invent.kde.org/plasma/plasma-desktop/-/commit/b85cf34298c274b5f16cb6c2aead7b87f0dabbb8 https://invent.kde.org/plasma/discover/-/commit/6257e21c313e21afd80d101d24c78d66621236b1 If you feel unsure about the patch on a specific branch, feel free to contact me here or in private and I will backport it if necessary. Impact] - * Effectively a DDOS on some KDE servers that were not intended to take + * Effectively a DDOS on some KDE servers that were not intended to take this traffic [Test Plan] - * Launch one of the affected KCMs via the command line with kcmshell5. + * Launch one of the affected KCMs via the command line with kcmshell5. Check that a warning message that the "Please make sure" << configfile << "has ProvidersUrl=https://autoconfig.kde.org/ocs/providers.xml"; message is displayed indicating that the correct providers url has been substituted. + e.g. + + $ kcmshell5 kcm_kwin_effects + $ kcmshell5 kwinscripts + $ kcmshell5 kwindecoration + $ kcmshell5 kwintabbox + [Where problems could occur] - * KNS enabled apps could fail to fetch resources, crash etc. It will + * KNS enabled apps could fail to fetch resources, crash etc. It will need to be tested with a reasonable sample of these that this does not happen. ** Description changed: See: https://mail.kde.org/pipermail/distributions/2022-February/001140.html Dear distributors, In the last few days, we have been looking into mitigating the impact of Discover against certain KDE web services. Some of the problems can be addressed in the service itself but not them entirely, so it would be useful if the following changes were backported into your own packaging. We have already included it in our stable branches but on the distributions that ship unsupported versions of our software it would be useful you can apply these patches. https://invent.kde.org/frameworks/knewstuff/-/commit/c8165b7a0d622e318b3353ccf257a8f229dd12c9 https://invent.kde.org/frameworks/knewstuff/-/commit/e1c6f2bf383876a31cd3e3f9e6edcaa19dc0a7dd https://invent.kde.org/plasma/plasma-desktop/-/commit/b85cf34298c274b5f16cb6c2aead7b87f0dabbb8 https://invent.kde.org/plasma/discover/-/commit/6257e21c313e21afd80d101d24c78d66621236b1 If you feel unsure about the patch on a specific branch, feel free to contact me here or in private and I will backport it if necessary. Impact] * Effectively a DDOS on some KDE servers that were not intended to take this traffic [Test Plan] * Launch one of the affected KCMs via the command line with kcmshell5. - Check that a warning message that the "Please make sure" << configfile - << "has ProvidersUrl=https://autoconfig.kde.org/ocs/providers.xml"; - message is displayed indicating that the correct providers url has been - substituted. + * in the kcm, hit the "get new" something button. + * Check that a warning message that the "Please make sure" << configfile << "has ProvidersUrl=https://autoconfig.kde.org/ocs/providers.xml"; message is displayed indicating that the correct providers url has been substituted. + * Check that resources are displayed to choose from and download. e.g. $ kcmshell5 kcm_kwin_effects $ kcmshell5 kwinscripts $ kcmshell5 kwindecoration $ kcmshell5 kwintabbox [Where problems could occur] * KNS enabled apps could fail to fetch resources, crash etc. It will need to be tested with a reasonable sample of these that this does not happen. ** Description changed: See: https://mail.kde.org/pipermail/distributions/2022-February/001140.html Dear distributors, In the last few days, we have been looking into mitigating the impact of Discover against certain KDE web services. Some of the problems can be addressed in the service itself but not them entirely, so it would be useful if the following changes were backported into your own packaging. We have already included it in our stable branches but on the distributions that ship unsupported versions of our software it would be useful you can apply these patches. https://invent.kde.org/frameworks/knewstuff/-/commit/c8165b7a0d622e318b3353ccf257a8f229dd12c9 https://invent.kde.org/frameworks/knewstuff/-/commit/e1c6f2bf383876a31cd3e3f9e6edcaa19dc0a7dd https://invent.kde.org/plasma/plasma-desktop/-/commit/b85cf34298c274b5f16cb6c2aead7b87f0dabbb8 https://invent.kde.org/plasma/discover/-/commit/6257e21c313e21afd80d101d24c78d66621236b1 If you feel unsure about the patch on a specific branch, feel free to contact me here or in private and I will backport it if necessary. Impact] * Effectively a DDOS on some KDE servers that were not intended to take this traffic [Test Plan] * Launch one of the affected KCMs via the command line with kcmshell5. - * in the kcm, hit the "get new" something button. - * Check that a warning message that the "Please make sure" << configfile << "has ProvidersUrl=https://autoconfig.kde.org/ocs/providers.xml"; message is displayed indicating that the correct providers url has been substituted. - * Check that resources are displayed to choose from and download. + * in the kcm, hit the "get new" something button. + * Check that a warning message that the "Please make sure" << configfile << "has ProvidersUrl=https://autoconfig.kde.org/ocs/providers.xml"; message is displayed indicating that the correct providers url has been substituted. + * Check that resources are displayed to choose from and download. e.g. $ kcmshell5 kcm_kwin_effects $ kcmshell5 kwinscripts - $ kcmshell5 kwindecoration $ kcmshell5 kwintabbox [Where problems could occur] * KNS enabled apps could fail to fetch resources, crash etc. It will need to be tested with a reasonable sample of these that this does not happen. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1962157 Title: [SRU to impish] Mitigate KNS load on KDE servers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/knewstuff/+bug/1962157/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
