Control: tag -1 confirmed On Tue, Feb 22, 2022 at 10:38:05PM +0100, Patrick Franz wrote: > [ Reason ] > A bug in plasma-discover causes a Denial of Service attack > against the KDE servers. 3 packages needs to be patch to > mitigate the attack: knewstuff, plasma-desktop and > plasma-discover. > This update fixes bug #1006124 for bullseye and has been > fixed in unstable. > > [ Impact ] > Running the old version causes considerable load for the KDE > servers. > > [ Tests ] > No manual tests have been performed. > > [ Risks ] > The risks are rather low as the update is a single patch. > The patch has been created by KDE upstream specifically for the > version in bullseye. > > [ Checklist ] > [x] *all* changes are documented in the d/changelog > [x] I reviewed all changes and I approve them > [x] attach debdiff against the package in (old)stable > [x] the issue is verified as fixed in unstable > > [ Changes ] > The update contains a single patch to help ease the load on > KDE servers. > > [ Other info ] > It would be good if users of KDE plasma could receive the update > as quick as possible.
Thanks, go ahead. Cheers, Julien