Date: Wed, 14 Oct 2020 10:44:28 +0200 From: Matthias Gerstner <mgerstner@...e.de> To: oss-security@...ts.openwall.com Subject: Re: kdeconnect: CVE-2020-26164: multiple security issues in kdeconnectd network daemon On Tue, Oct 13, 2020 at 03:28:19PM +0200, Solar Designer wrote: > Will kdeconnectd no longer be active by default in openSUSE? I hope so. This is our aim as security team. We are currently still discussing with the community how to achieve a good solution that removes the attack surface by default but enables interested users to easily access the application. > Merely fixing the known issues doesn't address the fact that this poses > unjustified risk for most people. Well put. Exactly my thinking. Cheers Matthias Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.