Sven Dreyer discovered that KPhone, a Voice over IP client for KDE, creates a configuration file world-readable, which could leak sensitive information like SIP passwords. The old stable distribution (woody) doesn't contain kphone packages. For the stable distribution (sarge) this problem has been fixed in version 4.1.0-2sarge1. For the unstable distribution (sid) this problem has been fixed in version 4.2-6. We recommend that you upgrade your kphone package. If your current kphonerc has too lax permissions, you'll need to reset them manually.
Sven Dreyer discovered that KPhone, a Voice over IP client for KDE, creates a configuration file world-readable, which could leak sensitive information like SIP passwords.
The old stable distribution (woody) doesn't contain kphone packages.
For the stable distribution (sarge) this problem has been fixed in version 4.1.0-2sarge1.
For the unstable distribution (sid) this problem has been fixed in version 4.2-6.
We recommend that you upgrade your kphone package. If your current kphonerc has too lax permissions, you'll need to reset them manually.
MD5 checksums of the listed files are available in the original advisory.