The KDE security team has published a security advisory concerning a local root vulnerability: kcheckpass can, in some configurations, be used to gain root access. All KDE releases starting from KDE 3.2.0 up to including KDE 3.4.2 are affected.
I actually know the guy that found the vulnerability. Great that this gets relayed to the kde team. Many eyes make bugs shallow :)
I think security is as security does