[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] kdeconnect: CVE-2020-26164: multiple security issues in kdeconnectd network daemo
From:       Matthias Gerstner <mgerstner () suse ! de>
Date:       2020-10-14 8:44:28
Message-ID: 20201014084428.GB10073 () f195 ! suse ! de
[Download RAW message or body]


On Tue, Oct 13, 2020 at 03:28:19PM +0200, Solar Designer wrote:
> Will kdeconnectd no longer be active by default in openSUSE?  I hope so.

This is our aim as security team. We are currently still discussing with
the community how to achieve a good solution that removes the attack
surface by default but enables interested users to easily access the
application.

> Merely fixing the known issues doesn't address the fact that this poses
> unjustified risk for most people.

Well put. Exactly my thinking.

Cheers

Matthias

["signature.asc" (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]