Last thing I heard was on oss-sec list:
Please use CVE-2013-2213 for KDE KRandom::random() CWE-334: Small
Space of Random Values.
So I guess patching KRandom to use qca::random (either using TLS or a
lock) would be the easy fix that would let people sleep at night.
** CVE added: http://www.cve.m
Yeah, that commit's wrong, unless they're assuming KRandom is a secure
PRNG, in which case we should assign another CVE and I'll write a patch
for that.
--
You received this bug notification because you are a member of Kubuntu
Bugs, which is subscribed to kdeplasma-addons in Ubuntu.
https://bugs.