---

KDE Libraries 2.1.2 Released

Subject: SECURITY: KDE Libraries 2.1.2 Released
Date: Mon, 30 Apr 2001 13:27:46 -0700

DATELINE APRIL 30, 2001

FOR IMMEDIATE RELEASE

SECURITY: NEW KDE LIBRARIES RELEASED

kde adds security and bug fixes to core libraries

April 30, 2001 (The INTERNET)– The KDE Project
(http://www.kde.org/) today
announced the release of kdelibs 2.1.2, a security and bugfix
release of the core KDE libraries. The other core KDE packages,
including kdebase, have not been updated. The KDE Project
recommends that all KDE users upgrade to kdelibs 2.1.2 and KDE
2.1.1.

This release provides the following fixes:

  • Security fixes:
    • KDEsu. The KDEsu which shipped with earlier releases of KDE 2
      writes a (very) temporary but world-readable file with
      authentication information. A local user can potentially abuse this
      behavior to gain access to the X server and, if KDEsu is used to
      perform tasks that require root-access, can result in comprimise of
      the root account.
  • Bug fixes:
    • kio_http. Fixed problems with “protocol for http://x.y.z died unexpectedly” and with proxy
      authentication with Konqueror.
    • kparts. Fixed crash in KOffice 1.1 when splitting views.
    • khtml. Fixed memory leak in Konqueror. Fixed minor HTML
      rendering problems.
    • kcookiejar. Fixed minor problems with HTTP cookies.
    • kconfig. Fixed problem with leading/trailing spaces in
      configuration values.
    • kdebug. Fixed memory leak in debug output.
    • klineedit. Fixed problem with klineedit emitting “return
      pressed” twice.

For more information about the KDE 2.1 series, please see the
KDE 2.1.1 press release (http://www.kde.org/announcements/announce-2.1.1.html)
and the KDE 2.1.1 Info Page (http://www.kde.org/info/2.1.1.html),
which is an evolving FAQ about the latest stable release.
Information on using anti-aliased fonts with KDE is available at
http://dot.kde.org/984693709/.

DOWNLOADING AND COMPILING KDELIBS 2.1.2

The source package for kdelibs 2.1.2 (including a diff file
against 2.1.1) is available for free download at
http://ftp.kde.org/stable/2.1.2/distribution/src/
or in the equivalent directory at one of the many KDE ftp server
mirrors (http://www.kde.org/mirrors.html).
KDE 2.1.2 requires qt-2.2.3, which is available from Trolltech at
ftp://ftp.trolltech.com/qt/source/
under the name qt-x11-2.2.3.tar.gz/, although
qt-2.2.4 or qt-2.3.0 is recommended (for anti-aliased fonts,
qt-2.3.0 and XFree 4.0.3 or newer is required). kdelibs 2.1.2 will
not work with versions of Qt older than 2.2.3.

For further instructions on compiling and installing KDE, please
consult the installation instructions (http://www.kde.org/install-source.html)
and, if you encounter problems, the compilation FAQ (http://www.kde.org/compilationfaq.html).

INSTALLING BINARY PACKAGES

Some distributors choose to provide binary packages of KDE for
certain versions of their distribution. Some of these binary
packages for kdelibs 2.1.2 will be available for free download
under http://ftp.kde.org/stable/2.1.2/distribution/
or under the equivalent directory at one of the many KDE ftp server
mirrors http://www.kde.org/mirrors.html).
Please note that the KDE team is not responsible for these packages
as they are provided by third parties — typically, but not always,
the distributor of the relevant distribution (if you have any
questions, please read the KDE Binary Packages Policy (http://dot.kde.org/986933826/)).

kdelibs 2.1.2 requires qt-2.2.3, the free version of which is
available from the above locations usually under the name
qt-x11-2.2.3, although qt-2.2.4 or qt-2.3.0 is recommended (for
anti-aliased fonts, qt-2.3.0 and XFree 4.0.3 or newer is required).
KDE 2.1.2 will not work with versions of Qt older than 2.2.3.

At the time of this release, pre-compiled packages are available
for:

Please check the servers periodically for pre-compiled packages
for other distributions. More binary packages may become available
over the coming days and weeks.

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis