|
| This Week... |
|
A security fix developed for KDM, covering KDE 3.3.0 to 3.5.7. A KioBrowser data engine, HDD monitor applet, and general layout work in Plasma. More refinements in Parley (formerly KVocTrain). GeoData subproject in Marble to support popular geographic data formats. An AI player added to Kombination. Development renewed on the KPicross game. Basic printing support in Gwenview. Improved mimetype detection, as per the cross-desktop specifications. More work on text highlighting in Kate. Continued developments and optimisations in Akonadi, including the OpenChange (Exchange) connector. Further work on the GStreamer Phonon backend. Colourspace work in Krita, greater definition given to KChart2. File management part in Konqueror is replaced by a shared Dolphin part usage. More KDE SVN reorganisations.
|
Brad Hards discusses work on the OpenChange plugin for Akonadi:
|
Microsoft Exchange support has been a long-requested feature for KMail (add bug number). Of course, if the Exchange administrator has enabled IMAP, then you can use that to get your email. However if you want all the groupware features, then you really need to be able to use the native protocols.
The native protocols are normally called "MAPI", which is slightly misleading, but convenient. There are really two protocols that run over Microsoft Remote Procedure Call (RPC) - one for the message store (the EMSMDB protocol), and one for the address book (the NSPI protocol).
Akonadi is the next-generation groupware infrastructure, currently under development as part of KDE-PIM. Akonadi components communicate using D-Bus (rather than the normally shared library arrangement we normally have within KDE), so to provide "native MAPI" within Akonadi, we need an application that conceptually translates Akonadi D-Bus calls into matching Exchange RPC calls. That would be a lot of work to do from scratch, but fortunately, we don't need to.
There are a couple of applications in the Open Source/Free Software world that have extensive experience with Microsoft RPC - Wireshark and Samba.
OpenChange is a project that builds on Samba (Wireshark is also used for development, but not at run-time) to provide support for the client-side and server-side "MAPI protocols". The client-side consists of two libraries and some command-line applications, and the server-side consists of a server plugin for Samba. Both client and server components rely on Samba 4, which has some architectural changes that really help to build add-ons like OpenChange - certainly it wouldn't be possible to build OpenChange with Samba 3.
The Akonadi resource that I've been working on uses one of the client-side OpenChange libraries to provide access to a Microsoft Exchange server from an Akonadi client application. It will also provide access to an OpenChange server when this is complete. There is a long way to go, but we do have proof-of-concept access to mail and contact information from a Microsoft Exchange server (any of Exchange 5.5, Exchange 2000, Exchange 2003, Small Business Server or Exchange 2007).
The Akonadi OpenChange resource doesn't have much of a GUI, and screenshots of debugging output are pretty boring, but if you use the akonadiconsole demo application, you can see the resource in action.
Note that the folder names are as returned from the server, and all the data in the contact is from the server (created using Outlook 2003 and saved to an Exchange 2007 server). Even the fish image is from the contact created in Outlook.
The Akonadi OpenChange resource can't actually be distributed as a binary at this stage, because of the Samba 4 dependency which introduces a GPLv2 / GPLv3 conflict. I'm confident that will be resolved at some stage in the future though - hopefully for KDE 4.1 which is where Akonadi should become more widely used.
There is still a very long way to go, and (as always) more help is needed in many areas:- OpenChange could use some development assistance, and much more testing. Assistance with getting the Windows port to work would also be most welcome.
- Akonadi is progressing, but still needs some more work. It would be particularly useful if there were more Models and Views. This can be done without access to an Exchange server.
- I'd love some help with the Akonadi OpenChange resource, especially if you're at all familiar with Outlook/Exchange/MAPI, or Akonadi.
- Akonadi isn't really designed to send mail (of any kind), but we do need to support sending mail over MAPI protocols. That will require changes to the MailTransport classes within kdepimlibs.
If you'd like to get involved, please get in contact with me. I'd like to see some corporate involvement too - especially for OpenChange which has potential benefits well beyond KDE (note that I'm not looking for any financial support myself).
|
|
Dirk Mueller announces a KDE Security Advisory: KDM passwordless login vulnerability:
|
Original Release Date: 2007-09-19
URL: http://www.kde.org/info/security/advisory-20070919-1.txt
0. References
CVE-2007-4569
1. Systems affected
KDM as shipped with KDE 3.3.0 up to including 3.5.7. KDE 3.2.x and older and newer versions than KDE 3.5.7 are not affected.
2. Overview
KDM can be tricked into performing a password-less login even for accounts with a password set under certain circumstances, namely autologin to be configured and "shutdown with password" enabled.
This vulnerability was discovered and reported by Kees Huijgen.
3. Impact
KDM might allow a normal user to login as another user or even root without properly supplying login credentials.
4. Solution
Source code patches have been made available which fix these vulnerabilities. Contact your OS vendor / binary package provider for information about how to obtain updated binary packages.
5. Patch
A patch for KDE 3.5.0 - KDE 3.5.7 is available from ftp://ftp.kde.org/pub/kde/security_patches:
ee6c57046902c5b5a32a4699558baafc post-3.5.7-kdebase-kdm.diff
A patch for KDE 3.3.0 - KDE 3.4.2 is available from ftp://ftp.kde.org/pub/kde/security_patches:
ad7333a336bdbaef7fae5e74cd12119b post-3.4.2-kdebase-kdm.diff
|
|
It has been a while since I last congratulated a contributor on their weekly bug killing score (this reduced bug killing rate really reflects the strong shift in development towards KDE 4, where bugs haven't started to be filed yet), but I feel a hearty thumbs up should go to Urs Wolfer, who closed 38 bugs this week (many of them due to the recent merge of the KRDC Summer of Code project back into trunk)!
Also of note is the "interesting" composition and relatively low percentages of the KDE 4 internationalisation (i18n) status - this will rapidly change once KDE 4 is in string freeze and the translators have a solid target to aim for.
|
|
| Statistics |
|
| Contents |
|
|
Bug Fixes |
Features |
Optimise |
Security |
Other |
|
Accessibility |
 |
|
|
|
|
|
Development Tools |
|
![[*]](/images/standard/features) |
|
|
![[*]](/images/standard/other) |
|
Educational |
![[*]](/images/standard/bugfixes) |
|
|
|
|
|
Graphics |
|
|
|
|
|
|
KDE-Base |
|
|
![[*]](/images/standard/optimise) |
![[*]](/images/standard/security) |
|
|
KDE-PIM |
|
|
|
|
|
|
Office |
|
|
|
|
|
|
Konqueror |
|
|
|
|
|
|
Multimedia |
|
|
|
|
|
|
Networking Tools |
|
|
|
|
|
|
User Interface |
|
|
|
|
|
|
Utilities |
|
|
|
|
|
|
Games |
|
|
|
|
|
|
Other |
|
|
|
|
|
|
|
Bug Fixes |
|
|
|
|
|
|
|
|
|
|
