MGASA-2014-0432

This KDE 4 update provides an upgrade to the last stable version of KDE Applications and Development Platform for the 4.12 series, and updates Plasma Workspaces to 4.11.12.

This update fixes several security vulnerabilities - KMail/KIO POP3 SSL MITM Flaw (CVE-2014-3494 - mga#13545) - KAuth PID Reuse Flaw (CVE-2014-5033 - mga#13792) - krfb: possible denial of service or code execution via integer overflow (CVE-2014-4607 - mga#13933) - krfb: multiple security issues in libvncserver (mga#14205) (CVE-2014-6053, CVE-2014-6054, CVE-2014-6055)

and additional issues - poxml is compiled without antlr (mga#12612) - crashes in bluedevil (mga#12751, mga#13618, mga#13728) - kdelibs file dialog isn't properly translated in pure Qt apps (mga#12982) - kate: self-closing xml tag breaks indentation (mga#13275, bko#330174) - krdc missing dependency on freerdp (mga#13292) - lock screen: can't start a new session after playing around with buttons (mga#13300, bko#331761) - kbreakout missing dependency on libkdegames-corebindings (mga#13531) - meinproc4 doesn't substitute entity with fixed libxml2 (mga#13555, mga#13559, bko#335001) - calligra-words missing dependency on soprano-plugin-redland (mga#12008) - digikam can't export to flickr (mga#13778, bko#336835)

See the referenced buglists in KDE announcements for the complete list of fixes.