The KDE Project today released a
affecting all versions of KDE 2 and KDE 3. The advisory is the culmination of
the security audit which delayed
the release of KDE 3.1 until January. The KDE Project strongly encourages all KDE users to upgrade to
KDE 3.0.5a, which was also
today, or to apply the
for KDE 2.2.2. Due to the year-end Holidays, few binary packages are
available at this time. Please check
the KDE 3.0.5a information
page and your vendor's website periodically for available packages.
Note that some vendors are expected to incorporate
the security improvements into new builds of KDE 3.0.5.