https://bugs.kde.org/show_bug.cgi?id=513926
Bug ID: 513926
Summary: Get New Fonts sent me to a suspicious website
Classification: Frameworks and Libraries
Product: frameworks-knewstuff
Version First 6.21.0
Reported In:
Platform: Other
OS: Linux
Status: REPORTED
Severity: normal
Priority: NOR
Component: general
Assignee: [email protected]
Reporter: [email protected]
CC: [email protected], [email protected]
Target Milestone: ---
SUMMARY
I opened "Get New Fonts" from System Settings and tried to install the "MS True
Type core fonts by SeanParsons" package but it sent me to a suspicious looking
website (https://www.filecroco.c*o*m/file-sharing/ - I added wildcards to avoid
linking to it here). I think it redirected there from a now-defunct URL
(https://thelinuxbox.o*r*g/?page_id=3). I realize that this is "user-created
content" and not directly a part of the KDE project, but I think if there's
risk of sending users to random websites it would be better to deprecate this
whole "Get New Fonts" feature and let people rely on their distro's package
manager for fonts.
STEPS TO REPRODUCE
1. Open "Get New Fonts"
2. Try to install either of the "6,760 Fonts" or "MS True Type core fonts"
packages
3. Get an error asking you to to visit a website instead
4. Click the link, browser opens
5. Original URL silently redirects to a suspicious website
OBSERVED RESULT
User ends up at a suspicious website.
EXPECTED RESULT
Fonts install.
SOFTWARE/OS VERSIONS
Operating System: Fedora Linux 43
KDE Plasma Version: 6.5.4
KDE Frameworks Version: 6.21.0
Qt Version: 6.10.1
ADDITIONAL INFORMATION
--
You are receiving this mail because:
You are watching all bug changes.
