The kdenetwork packages contain networking applications for the K Desktop Environment . A directory traversal flaw was found in the way KGet, a download manager, handled the file element in Metalink files. An attacker could use this flaw to create a specially-crafted Metalink file that, when opened, would cause KGet to overwrite arbitrary files accessible to the user running KGet. Users of kdenetwork should upgrade to these updated packages, which contain a backported patch to resolve this issue. The desktop must be restarted for this update to take effect.