[plasmashell] [Bug 480112] PlasmaCore.DataSource "executable" engine arbitrary code execution via any QML file in backdoored wallpaper plugins, themes, etc. distributed via store.kde.org
https://bugs.kde.org/show_bug.cgi?id=480112 --- Comment #6 from Amin Vakil --- What do you think about adding a warning, so users pay more attention installing plugins and check its sources? Just like you say, at the end of the day this concern is valid for any application which you install from everywhere, but here users (including myself) does not think that it may contain a executable as it's only a wallpaper plugin. Also I didn't understand whether installing a wallpaper could have a code execution capability or this only applies to plugins? -- You are receiving this mail because: You are watching all bug changes.
[plasmashell] [Bug 480112] PlasmaCore.DataSource "executable" engine arbitrary code execution via any QML file in backdoored wallpaper plugins, themes, etc. distributed via store.kde.org
https://bugs.kde.org/show_bug.cgi?id=480112 Amin Vakil changed: What|Removed |Added CC||i...@aminvakil.com --- Comment #2 from Amin Vakil --- (In reply to David Edmundson from comment #1) > Same as installing any program. Yeah, but it seems safe as it's only downloading a jpg file, not that it can also execute code . -- You are receiving this mail because: You are watching all bug changes.
[frameworks-kwallet] [Bug 458085] Wallet system takes about 1 minute to start
https://bugs.kde.org/show_bug.cgi?id=458085 Amin Vakil changed: What|Removed |Added CC||i...@aminvakil.com -- You are receiving this mail because: You are watching all bug changes.
[konsole] [Bug 430036] konsole no-toolbar setting missing or forgotten
https://bugs.kde.org/show_bug.cgi?id=430036 Amin Vakil changed: What|Removed |Added CC||i...@aminvakil.com -- You are receiving this mail because: You are watching all bug changes.
[frameworks-baloo] [Bug 432474] baloo_file core dump on every system boot
https://bugs.kde.org/show_bug.cgi?id=432474 --- Comment #4 from Amin Vakil --- It's happening again. It got fixed with `balooctl purge` again. -- You are receiving this mail because: You are watching all bug changes.
[frameworks-baloo] [Bug 432474] baloo_file core dump on every system boot
https://bugs.kde.org/show_bug.cgi?id=432474 --- Comment #2 from Amin Vakil --- I asked this on archlinux irc channels and someone replied me: "known issue, it's fixed in 5.78 but you need to regenerate the index balooctl purge" And it got fixed for me. -- You are receiving this mail because: You are watching all bug changes.
[frameworks-baloo] [Bug 432474] baloo_file core dump on every system boot
https://bugs.kde.org/show_bug.cgi?id=432474 Amin Vakil changed: What|Removed |Added CC||i...@aminvakil.com -- You are receiving this mail because: You are watching all bug changes.
