Package: kdesudo
Severity: serious

kdesudo still uses Qt 3 libraries (with the Qt 4 compatibility layer)
and has not seen upstream commits since 2011. It's superseded by kdesu,
which is Qt 5 and works fine.

kdesu has seen several CVEs, and in my opinion, it's more of a liability
to keep kdesudo than to keep it. It should also be removed because of
the Qt 4 removal in Buster.

Simon Quigley
tsimonq2 on freenode and OFTC
5C7A BEA2 0F86 3045 9CC8
C8B5 E27F 2CF8 458C 2FA4

Attachment: signature.asc
Description: OpenPGP digital signature

pkg-kde-extras mailing list

Reply via email to