Hi, This issue has been confirmed by upstream and a patch has been made available: http://www.kde.org/info/security/advisory-20070816-1.txt
While the security team has judged this not to be imporant enough to release a DSA for, it would still be quite desirable to fix it in unstable on the first possible occasion. The following CVE id's have been assigned to this issue: CVE-2007-4224, CVE-2007-4225, CVE-2007-3820. Please mention them in the changelog when closing the bug. Thanks! Thijs
pgpk30XjidzGJ.pgp
Description: PGP signature
