the patch attached to fix this can't be applied for KDE Frameworks 5.26: https://quickgit.kde.org/?
p=kcoreaddons.git&a=commitdiff&h=96e562d9138c100498da38e4c5b4091a226dde12
you need additionally https://quickgit.kde.org/?
p=kcoreaddons.git&a=commitdiff&h=1be7272373d60e4234f1a5584e676b579302b053
I think we should add this information.
Also I think we should add the information, that the affected version is
inside KDE Frameworks < 5.26 and is/will be fixed with 5.27. To make it easier
to understand that this is outside of kdepim space for KF5.
Additionally we should add to all CVEs, the fixed version(s).
Btw. shouldn't we need to release fixed version for all framework versions? At
previous Akademy (in Spain) it was told, that frameworks will get security
fixes for an year, so we would need to release 12 frameworks?
Hey,
the patch attached to fix this can't be applied for KDE Frameworks 5.26: /quickgit. kde.org/? git&a=commitdif f&h=96e562d9138 c100498da38e4c5 b4091a226dde12
https:/
p=kcoreaddons.
you need additionally /quickgit. kde.org/? git&a=commitdif f&h=1be7272373d 60e4234f1a5584e 676b579302b053
https:/
p=kcoreaddons.
I think we should add this information.
Also I think we should add the information, that the affected version is
inside KDE Frameworks < 5.26 and is/will be fixed with 5.27. To make it easier
to understand that this is outside of kdepim space for KF5.
Additionally we should add to all CVEs, the fixed version(s).
Btw. shouldn't we need to release fixed version for all framework versions? At
previous Akademy (in Spain) it was told, that frameworks will get security
fixes for an year, so we would need to release 12 frameworks?
Regards,
sandro