From kfm-devel Mon Dec 31 00:49:31 2001 From: Cristian Tibirna Date: Mon, 31 Dec 2001 00:49:31 +0000 To: kfm-devel Subject: Re: Konqueror secruity flow? X-MARC-Message: https://marc.info/?l=kfm-devel&m=100976004625072 When we created the kde-www list, we hoped to be able to use it for this kind of things, among others. On Sunday 30 December 2001 19:14, Andreas Pour wrote: > Thomas Zander wrote: > > On Sun, Dec 30, 2001 at 06:19:11PM -0500, Dawit Alemayehu wrote: > > > On Sunday 30 December 2001 16:39, Hetz Ben Hamo wrote: > > > > Hi All, > > > > > > > > I just found this: > > > > > > > > http://www.securitytracker.com/alerts/2001/Dec/1003060.html > > > > > > > > I think a formal response should be issued... > > > > > > > > Thanks, > > > > Hetz > > > > > > This is old news and has already been fixed in 2.2.2. The statement > > > > > > "Solution: No solution was available at the time of this entry" > > > > > > is completely wrong. Before they report this problems, they should at > > > least attempt to try the latest release and see what happens... > > > > The funny thing is that a 2.2.2 was released over a month before the > > security alert was issued; and this issue was the first item of the > > changelog. http://www.kde.org/announcements/announce-2.2.2.html > > > > My respect for these guys has just hit rock bottom.. > > Maybe true, but the kde.org website is largely to blame, don't you > think? For example, the 2.2.1 and 2.2 release webpages > (http://www.kde.org/info/2.2.1.html and > http://www.kde.org/info/2.2.html), under the heading "Security Issues", > say "none". Also, the Konqueror site does not recommend users to > upgrade to the newer Konqueror, or note the security problem in the > earlier version. Could someone please update those pages? > > Ciao, > > Dre