Security update for kdeconnect-kde SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2020:1647-1 Final 1 1 2020-10-10T12:22:37Z current 2020-10-10T12:22:37Z 2020-10-10T12:22:37Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for kdeconnect-kde This update for kdeconnect-kde fixes the following issues: kdeconnect-kde was updated to fix various security issues in its default enabled network service (CVE-2020-26164, boo#1176268): This update was imported from the openSUSE:Leap:15.1:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2020-1647 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/D52Z5KDW6IEGCQ72V6VJFDCOSJQMTLBH/ E-Mail link for openSUSE-SU-2020:1647-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1176268 SUSE Bug 1176268 https://www.suse.com/security/cve/CVE-2020-26164/ SUSE CVE CVE-2020-26164 page SUSE Package Hub 15 SP1 kdeconnect-kde-1.3.3-bp151.4.3.1 kdeconnect-kde-lang-1.3.3-bp151.4.3.1 kdeconnect-kde-1.3.3-bp151.4.3.1 as a component of SUSE Package Hub 15 SP1 kdeconnect-kde-lang-1.3.3-bp151.4.3.1 as a component of SUSE Package Hub 15 SP1 In kdeconnect-kde (aka KDE Connect) before 20.08.2, an attacker on the local network could send crafted packets that trigger use of large amounts of CPU, memory, or network connection slots, aka a Denial of Service attack. CVE-2020-26164 SUSE Package Hub 15 SP1:kdeconnect-kde-1.3.3-bp151.4.3.1 SUSE Package Hub 15 SP1:kdeconnect-kde-lang-1.3.3-bp151.4.3.1 moderate 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/D52Z5KDW6IEGCQ72V6VJFDCOSJQMTLBH/ https://www.suse.com/security/cve/CVE-2020-26164.html CVE-2020-26164 https://bugzilla.suse.com/1176268 SUSE Bug 1176268 https://bugzilla.suse.com/1177628 SUSE Bug 1177628