On Wed, Mar 10, 2010 at 07:55, Ken Moffat <[email protected]> wrote: > On 10 March 2010 11:35, Robert Xu <[email protected]> wrote: > > >> That's probably a good idea, in the end. Let's just keep kde3. The >> farthest I go for databases in kde is sqlite. >> >> -- > That's fine provided someone is maintaining it. Looking at the > kde site, I'm not clear if there is an upstream (but nobody reported > any vulnerabilities in 3.5.10), or if they only care about kde4. > I don't know of any distribution maintaining this anymore. Even debian has marked it non-supported.
> A quick search on lwn suggests debian know of at least one > vulnerability in kdelibs-3.5.10 ( DSA-1998-1 although the > link from that to Mitre may, or may not, be the correct > link). > There have been many vulnerablilties already discovered. Problem is, there haven't been any patches released. Or anyone hasn't created patches. > My gut feeling isthat anyone using kde-3.5 is basically on their > own for security, and should follow a distro such as debian to get > security updates. > That's true. But that's a problem if we want to keep KDE in the book, we have to maintain it... :-\ -- Cya Later, Robert Xu Ever tried Linux? :) -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
