Security needs to take a look at the current snapshot
#9 Updated by jsegitz about 1 year ago
- Status changed from New to Feedback
The same issue exists in 15.1. kdeconnect is listening by default on port 1716 and I think it might have an exploitable flaw. I'll track that in a Bugzilla entry once I figured it out. By default the systems aren't vulnerable due to the firewall, but it's still not great.
Disabling kdeconnect now probably won't work I assume.
Apart from that I opened a bug to harden the sshd config, but we'll do that in Factory. So from my side it's a go.