The Debian Project and Canonical released security updates for their supported operating systems to address some recently disclosed vulnerabilities in the KDE libraries.
A couple of weeks ago, the KDE community fixed a security vulnerability discovered by Dominik Penner in the KConfig component, the configuration settings framework of the KDE Plasma desktop environment, which could allow an attacker to execute malicious code through a specially crafted .desktop file included in an archive that was opened in the file manager.
“Dominik Penner discovered that KConfig supported a feature to define shell command execution in .desktop files. If a user is provided with a malformed .desktop file (e.g. if it’s embedded into a downloaded archive and it gets opened in a file browser) arbitrary commands could get executed. This update removes this feature,” reads the Debian security advisory.
T… (read more)
Remember to like our facebook and our twitter @ubuntufree for a chance to win a free Ubuntu laptop by Dell or HP!
Top Trending Pages: Ubuntu Hosting | Download Ubuntu Software | Share Ubuntu Files With Windows