Actions
action #61314
closedSecurity Audit
Description
Security needs to take a look at the current snapshot
Actions
Added by lnussel over 4 years ago. Updated almost 4 years ago.
Description
Security needs to take a look at the current snapshot
Moving due to changed timeline
I'll need at least one more day as I found an issue I want to investigate
The same issue exists in 15.1. kdeconnect is listening by default on port 1716 and I think it might have an exploitable flaw. I'll track that in a Bugzilla entry once I figured it out. By default the systems aren't vulnerable due to the firewall, but it's still not great.
Disabling kdeconnect now probably won't work I assume.
Apart from that I opened a bug to harden the sshd config, but we'll do that in Factory. So from my side it's a go.