Kevin Kofler wrote: > kdelibs3 (which uses the same configuration files as kdelibs 4) is another > story, and I am looking into it (I already have a backport of the security > fix ready, but I have not looked into using the correct Desktop and > Documents directories out of the box yet), but it should not block the > security fix. Ancient KDE 3 applications picking the wrong Desktop and/or > Documents directories definitely has less impact than leaving the security > issue unfixed for both kdelibs 3 and 4 (which share the same configuration > files). kdelibs3 is sorted out now: * CVE-2019-14744 fix backported: https://src.fedoraproject.org/rpms/kdelibs3/blob/master/f/kdelibs-3.5.10-CVE-2019-14744.patch * native xdg-user-dirs support backported from Trinity: https://src.fedoraproject.org/rpms/kdelibs3/blob/master/f/kdelibs-3.5.10-kglobalsettings-xdg-user-dirs.patch (The KConfig settings for the Desktop and Documents folders are ignored entirely with this patch, so you can safely delete them from kde-settings.) Updates filed: F30: https://bodhi.fedoraproject.org/updates/FEDORA-2019-f9f78895c3 F29: https://bodhi.fedoraproject.org/updates/FEDORA-2019-9f2ee52c88 Kevin Kofler _______________________________________________ kde mailing list -- kde@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to kde-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/kde@xxxxxxxxxxxxxxxxxxxxxxx
