Kubuntu tells us how to protect ourselves from the recently discovered Plasma security flaw

Safe plasma

Yesterday, just over a day after will be published which Plasma has a security flaw, KDE Community had already created patches to fix the vulnerability. The first to install them were users of KDE neon, an operating system developed by the KDE community that uses special repositories. Kubuntu users, who by default use the official repositories, still have to wait, unless we do what They have published a few minutes ago.

Kubuntu has already delivered the patch to Canonical and now it is Mark Shuttleworth's company who has to review them and publish them in the official repositories. If we want to install them without waiting another minute, we have two options that share an action: add a repository, among which we will have to choose the one for Kubuntu updates or its Backports repository. Below you have more information about it.

Add a repository to fix the Plasma bug

backports

El Backports repository KDE can be much more interesting, but it is also more "dangerous", in quotes. The danger is that we will install software like new versions of Plasma, KDE Applications or KDE Frameworks first, which means that we use less tested and stable software. The good news is that these types of security updates also arrive before the official repositories. We can install it by opening a terminal and typing these commands:

sudo add-apt-repository ppa:kubuntu-ppa/backports

updates

On the other hand, we have the Kubuntu update repository. Basically it is a repository where we will first test everything that Kubuntu has prepared. On their website they give as an example that Kubuntu 15.10 users were able to test Plasma 5.4.2 from Plasma 5.4.1 before the packages were delivered to the Ubuntu update repository. In other words, it is a shortcut. This is the option to choose if we just want to apply the patch sooner. We will add the repository with this command:

sudo add-apt-repository ppa:kubuntu-ppa/ppa

In both cases, after adding the repository we will write these two other commands:

sudo apt update
sudo apt full-upgrade

According to security experts, it was not a very serious failure for how difficult it was to exploit, but the KDE Community did not want to risk it. He has repaired it in record time and users can be 100% calm. From here, again: thank you.


The content of the article adheres to our principles of editorial ethics. To report an error click here!.

Be the first to comment

Leave a Comment

Your email address will not be published.

*

*

  1. Responsible for the data: Miguel Ángel Gatón
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.