KDE and QT were updated to fix security issues and bugs.
The following vulerabilities were fixed:
* CVE-2014-0190: Malformed GIF files could have crashed QT based applications
* CVE-2015-0295: Malformed BMP files could have crashed QT based applications
* CVE-2014-8600: Multiple cross-site scripting (XSS) vulnerabilities in the KDE runtime could have allowed remote attackers to insert arbitrary web script or HTML via crafted URIs using one of several supported URL schemes
* CVE-2014-8483: A missing size check in the Blowfish ECB could have lead to a crash of Konversation or 11 byte information leak
* CVE-2014-3494: The KMail POP3 kioslave accepted invalid certifiates and allowed a man-in-the-middle (MITM) attack
Additionally, Konversation was updated to 1.5.1 to fix bugs.
- Submitted by Hrvoje Senjan (sumski)