ZDNet

KDE rips out ability for KConfig to run shell code

KDE has fixed a vulnerability within its KDE Framework that allowed for malicious code execution simply by viewing a .desktop file, by removing the feature being exploited altogether. Earlier this ...
Bleeping Computer

KDE Vulnerability Fixed By Removing Shell Command Support

A code execution vulnerability in the KDE desktop manager has been resolved by removing support for shell commands in the KConfig configuration system. Earlier this week, BleepingComputer reported on ...
Linux Journal

Moving Compiler Dependency Checks to Kconfig

The Linux kernel config system, Kconfig, uses a macro language very similar to the make build tool's macro language. There are a few differences, however. And of course, make is designed as a ...