Skip to content

KDE 3.0.4 Info Page

Wednesday, 9 October 2002

KDE 3.0.4 was released on October 9th, 2002. Read the official announcement.

This page will be updated to reflect changes in the status of 3.0.4 release so check back for new information.

FAQ

See the KDE FAQ for any specific questions you may have. Questions about Konqueror should be directed to the Konqueror FAQ and sound related questions are answered in the FAQ of the aRts Project

Download and Installation

Source code

LocationSizeMD5 Sum
arts-1.0.41001KBa88c1d7f2eb8d702045400c37b6d582e
kde-i18n-3.0.493MB14cd99b51ea8fa55c4b78498484dc781
kdeaddons-3.0.4921KB6ced17e59e7fd36e606623e226c47718
kdeadmin-3.0.41.3MB6e93fd31067deab4e08460e84174dd19
kdeartwork-3.0.411MBf7a7e75b66620a33680107874fa5a941
kdebase-3.0.413MBd82ddae716912a3195139c8755e5c668
kdebindings-3.0.44.9MBa21da18ab557d6b26161e4ec883e96b1
kdeedu-3.0.48.7MB141cea8c0186d6c75fdb4f7a069a48d9
kdegames-3.0.47.0MB5f7ea33c54e68fd673c5c48b49e0c1e3
kdegraphics-3.0.42.6MB6065219c825102c843ba582c4a520cac
kdelibs-3.0.47.3MB0b81f457a78c07978d2c973e0d7d7d49
kdemultimedia-3.0.45.6MBebb28282a85bd3e06a4d9cd9c7df6537
kdenetwork-3.0.43.8MB9f64e76cc6b922e1bf105099e3bf8205
kdepim-3.0.43.1MB0455afeec058386049a46e7ea5ec9363
kdesdk-3.0.41.8MB13c54f973533f4816069e82f7f375c34
kdetoys-3.0.41.4MBd39101459a5c5a3e5b241e57882e0c20
kdeutils-3.0.41.5MBe34ccb00b25f04f0a27474fa17d68e77

The translation package has been split into individual language packages so you can download only the translations you need.

Binary packages

Binary packages can be found under http://download.kde.org/stable/3.0.4/ or in the equivalent directory at one of the KDE FTP mirrors.

The current list of available binary packages:

Several users have contributed packages for this release. You can find them in the contrib subdir of the KDE 3.0.4 download area.

Additional binary packages might become available in the coming weeks, as well as updates to the current packages.

Updates

Security Issues

Please report possible problems to security@kde.org.

  • Several vulnerabilites have been found in LISa/resLISa and the rlan:// protocol, including the possibility to escalate the privileges to root via a remote attack. See the detailed advisory for an explanation and instructions for immediate workaround. A patch is available for download. The use of LISa/resLISa is strongly discouraged in any security relevant area. Never make it available outside your local, trusted network.
  • the rlogin protocol implementation in KIO allows remote command execution. See the detailed advisory for an explanation and instructions for immediate workaround. A patch is available for download.
  • Several shell escaping vulnerabilities have been found throughout KDE which allow a remote attacker to execute commands as the local user. Read the detailed advisory. It is strongly recommended to update to KDE 3.0.5a.

  • Several problems with KDE's use of Ghostscript where discovered that allow the execution of arbitrary commands contained in PostScript (PS) or PDF files with the privileges of the victim. Read the detailed advisory. It is strongly recommended to update to KDE 3.0.5b
  • A HTTP authentication credentials leak via the a "Referrer" was discovered by George Staikos in Konqueror. If the HTTP authentication credentials were part of the URL they would be possibly sent in the referer header to a 3rd party web site. Read the detailed advisory. KDE 3.1.3 and newer are not vulnerable.

Bugs

This is a list of grave bugs and common pitfalls surfacing after the release date:

  • currently none known.

Developer Info

If you need help porting your application to KDE 3.x see the porting guide or subscribe to the KDE Devel Mailinglist to ask specific questions about porting your applications.

There is also info on the architecture and the programming interface of KDE 3.0.