[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: Konqueror secruity flow?
From:       Andreas Pour <pour () kde ! org>
Date:       2001-12-31 0:14:50
[Download RAW message or body]

Thomas Zander wrote:
> 
> On Sun, Dec 30, 2001 at 06:19:11PM -0500, Dawit Alemayehu wrote:
> > On Sunday 30 December 2001 16:39, Hetz Ben Hamo wrote:
> > > Hi All,
> > >
> > > I just found this:
> > >
> > > http://www.securitytracker.com/alerts/2001/Dec/1003060.html
> > >
> > > I think a formal response should be issued...
> > >
> > > Thanks,
> > > Hetz
> >
> > This is old news and has already been fixed in 2.2.2.  The statement
> >
> > "Solution:  No solution was available at the time of this entry"
> >
> > is completely wrong.  Before they report this problems, they should at
> > least attempt to try the latest release and see what happens...
> 
> The funny thing is that a 2.2.2 was released over a month before the security
> alert was issued; and this issue was the first item of the changelog.
>     http://www.kde.org/announcements/announce-2.2.2.html
> 
> My respect for these guys has just hit rock bottom..

Maybe true, but the kde.org website is largely to blame, don't you
think?  For example, the 2.2.1 and 2.2 release webpages
(http://www.kde.org/info/2.2.1.html and
http://www.kde.org/info/2.2.html), under the heading "Security Issues",
say "none".  Also, the Konqueror site does not recommend users to
upgrade to the newer Konqueror, or note the security problem in the
earlier version.  Could someone please update those pages?

Ciao,

Dre
[prev in list] [next in list] [prev in thread] [next in thread]