Vulnerability fixed in 4.11.13-r1. Stabilization bug #528466.
@maintainers: Is 4.11.13-r1 ready for stabilization?
Arches have been added to bug 528466
CVE-2014-8651 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8651): The KDE Clock KCM policykit helper in kde-workspace before 4.11.14 and plasma-desktop before 5.1.1 allows local users to gain privileges via a crafted ntpUtility (ntp utility name) argument.
Thanks all. Cleanup done my Michael. Removing kde from cc, nothing to do for us anymore. + + 19 Feb 2015; Michael Palimaka <kensington@gentoo.org> + -systemsettings-4.11.9-r1.ebuild, -systemsettings-4.11.9.ebuild:+ + Remove KDE Workspace 4.11.9 +
This issue was resolved and addressed in GLSA 201512-12 at https://security.gentoo.org/glsa/201512-12 by GLSA coordinator Yury German (BlueKnight).