Errata overview
Errata ID 559
Date 2019-08-14
Source package kconfig
Fixed in version 5.28.0-2+deb9u1
This update addresses the following issue:
* In KDE Frameworks KConfig malicious desktop files and configuration files
  lead to code execution with minimal user interaction. This relates to, and the mishandling of .desktop and .directory files.
Additional notes
CVE ID CVE-2019-14744
UCS Bug number #49993