diff -ur kdelibs-3.5.10/kdecore/kconfigbase.cpp kdelibs-3.5.10-CVE-2019-14744/kdecore/kconfigbase.cpp
--- kdelibs-3.5.10/kdecore/kconfigbase.cpp	2008-02-13 10:41:09.000000000 +0100
+++ kdelibs-3.5.10-CVE-2019-14744/kdecore/kconfigbase.cpp	2019-08-09 00:08:17.933610551 +0200
@@ -258,26 +258,7 @@
 
       while( nDollarPos != -1 && nDollarPos+1 < static_cast<int>(aValue.length())) {
         // there is at least one $
-        if( (aValue)[nDollarPos+1] == '(' ) {
-          uint nEndPos = nDollarPos+1;
-          // the next character is no $
-          while ( (nEndPos <= aValue.length()) && (aValue[nEndPos]!=')') )
-              nEndPos++;
-          nEndPos++;
-          QString cmd = aValue.mid( nDollarPos+2, nEndPos-nDollarPos-3 );
-
-          QString result;
-          FILE *fs = popen(QFile::encodeName(cmd).data(), "r");
-          if (fs)
-          {
-             {
-             QTextStream ts(fs, IO_ReadOnly);
-             result = ts.read().stripWhiteSpace();
-             }
-             pclose(fs);
-          }
-          aValue.replace( nDollarPos, nEndPos-nDollarPos, result );
-        } else if( (aValue)[nDollarPos+1] != '$' ) {
+        if( (aValue)[nDollarPos+1] != '$' ) {
           uint nEndPos = nDollarPos+1;
           // the next character is no $
           QString aVarName;
diff -ur kdelibs-3.5.10/kdecore/README.kiosk kdelibs-3.5.10-CVE-2019-14744/kdecore/README.kiosk
--- kdelibs-3.5.10/kdecore/README.kiosk	2005-09-10 10:27:12.000000000 +0200
+++ kdelibs-3.5.10-CVE-2019-14744/kdecore/README.kiosk	2019-08-09 00:09:28.552462522 +0200
@@ -642,18 +642,6 @@
 Name[$ei]=${USER}
 
 
-Shell Commands in KDE config files.
-===================================
-
-In KDE3.1 arbitrary entries in configuration files can contain shell 
-commands. This way the value of a configuration entry can be determined
-dynamically at runtime. In order to use this the entry must be marked 
-with [$e]. 
-
-Example:
-Host[$e]=$(hostname)
-
-
 KDE3 Kiosk Application API
 ==========================