According to the KDE project here, the original patch contained errors.
The original vulnerability caused problems for the kimgio component when processing PCX image files. Basically any hacker could use the weakness to execute malicious code and take over a system. The flaw affects KDE versions 3.2 to 3.4, according to KDE.
Last month's patches fixed the problem, but still allowed local users to exploit the bug by serving files from the /tmp directory. They also introduced a new bug that triggered kimgio's compatibility with .rgb images.
A patch is FTPable here. µ