Backporting of Discover/KNS fixes

Fabian Vogt fabian at ritter-vogt.de
Mon Feb 21 09:43:24 GMT 2022


Moin,

(somehow KMail picked the wrong address to reply from initially, so you
might've received this twice)

Am Montag, 21. Februar 2022, 09:35:46 CET schrieb Rik Mills:
> On 19/02/2022 09:11, Ben Cooksley wrote:
> > Dear Distributions,
> >
> > It has recently come to my attention that some distributions have missed
> > emails sent to this list recently regarding issues with Discover/KNS. As
> > these issues are rather critical I am now requiring all distributions to
> > explicitly acknowledge receipt of these emails and to declare the
> > actions they have taken. As a reminder, end-user systems without these
> > patches are participating in a distributed denial of service attack on
> > KDE.org infrastructure.
> >
> > The two emails which distributions need to keep in mind are:
> > - https://mail.kde.org/pipermail/distributions/2022-February/001140.html
> > <https://mail.kde.org/pipermail/distributions/2022-February/001140.html>
> > - https://mail.kde.org/pipermail/distributions/2022-February/001142.html
> > <https://mail.kde.org/pipermail/distributions/2022-February/001142.html>
> >
> > These patches should be backported to all versions currently in support.
> >
> > For those distributions that have already backported these patches -
> > thank you and apologies for the further inconvenience regarding this.
> 
> https://invent.kde.org/plasma/plasma-desktop/-/commit/b85cf34298c274b5f16cb6c2aead7b87f0dabbb8
> 
> Does not apply to plasma-desktop 5.22.5

That's actually just the last commit of a merged PR, you'd need

798027fd17ab86eea022e5d269aa86138b28b130,
8e164050c594855ee3728678d6d0907a10b28db6 and
b85cf34298c274b5f16cb6c2aead7b87f0dabbb8, as well as the followup build fix
6e8626f2d65a03af3cd12fb5390040c56ca3258d.

They should apply to 5.22, but I also backported them to 5.18 if that helps:
https://build.opensuse.org/package/show/home:Vogtinator:boo1196199/plasma5-desktop.openSUSE_Backports_SLE-15-SP3_Update

0001-Use-the-correct-endpoint-for-this.patch (pushed to Plasma/5.18)
0002-Add-a-granular-cache-preference-thing-to-attica-kde.patch
0003-Fix-missing-variable-name.patch
0004-Only-trust-the-expiration-date-if-it-s-less-than-24-.patch
0005-Fix-build.patch

Still appears to work fine, but I didn't test whether the caching behaviour
is exactly as intended.

Cheers,
Fabian




More information about the Distributions mailing list