CVE-2018-6790: An issue was discovered in KDE Plasma Workspace before 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote attackers to discover client IP addresses via a URL in a notification, as demonstrated by the src attribute of an IMG element.
This package will soon be part of the auto-libqalculate transition. You might want to ensure that your package is ready for it.
You can probably find supplementary information in the
debian-release
archives or in the corresponding
release.debian.org
bug.