Accepted kdegraphics 4:3.5.0-0ubuntu4 (source)
Jonathan Riddell
jriddell at ubuntu.com
Mon Jan 9 02:45:03 GMT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 8 Jan 2006 23:15:49 +0000
Source: kdegraphics
Binary: kdegraphics-kfile-plugins ksnapshot kviewshell kghostview libkscan-dev kruler kcoloredit kamera kdegraphics-dev libkscan1 kview kdegraphics-doc-html kpdf ksvg kdvi kiconedit kfax kfaxview kuickshow kooka kdegraphics kolourpaint kmrml kgamma kpovmodeler
Architecture: source
Version: 4:3.5.0-0ubuntu4
Distribution: dapper
Urgency: low
Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde at lists.debian.org>
Changed-By: Jonathan Riddell <jriddell at ubuntu.com>
Description:
kamera - digital camera io_slave for Konquerer
kcoloredit - a color palette editor and color picker for KDE
kdegraphics - graphics apps from the official KDE release
kdegraphics-dev - development files for the KDE graphics module
kdegraphics-doc-html - KDE graphics documentation in HTML format
kdegraphics-kfile-plugins - KDE metainfo plugins for graphic files
kdvi - dvi viewer for KDE
kfax - G3/G4 fax viewer for KDE
kfaxview - G3/G4 fax viewer for KDE using kviewshell
kgamma - gamma correction module for the KDE Control Center
kghostview - PostScript viewer for KDE
kiconedit - an icon editor for KDE
kmrml - a Konqueror plugin for searching pictures
kolourpaint - a simple paint program for KDE
kooka - scanner program for KDE
kpdf - PDF viewer for KDE
kpovmodeler - a graphical editor for povray scenes
kruler - a screen ruler and color measurement tool for KDE
ksnapshot - screenshot utility for KDE
ksvg - SVG viewer for KDE
kuickshow - KDE image/slideshow viewer
kview - simple image viewer/converter for KDE
kviewshell - generic framework for viewer applications in KDE
libkscan-dev - development files for the KDE scanner library
libkscan1 - scanner library for KDE
Changes:
kdegraphics (4:3.5.0-0ubuntu4) dapper; urgency=low
.
* SECURITY UPDATE: Multiple integer/buffer overflows.
* Update kubuntu_04_xpdf_vulnerability.diff
* xpdf/Stream.cc, CCITTFaxStream::CCITTFaxStream():
- Check columns for negative or large values.
- CVE-2005-3624
* xpdf/Stream.cc, numComps checks introduced in CVE-2005-3191 patch:
- Reset numComps to 0 since it's a global variable that is used later.
- CVE-2005-3627
* xpdf/Stream.cc, DCTStream::readHuffmanTables():
- Fix out of bounds array access in Huffman tables.
- CVE-2005-3627
* xpdf/Stream.cc, DCTStream::readMarker():
- Check for EOF in while loop to prevent endless loops.
- CVE-2005-3625
* xpdf/JBIG2Stream.cc, JBIG2Bitmap::JBIG2Bitmap(), JBIG2Bitmap::expand(),
JBIG2Stream::readHalftoneRegionSeg():
- Check user supplied width and height against invalid values.
- Allocate one extra byte to prevent out of bounds access in combine().
- CVE-2005-3628
* References:
CVE-2005-3626
CESA-2005-003
http://www.kde.org/info/security/advisory-20051207-2.txt
Files:
d3fcc52b48589663a703e9f14dab9260 1449 kde optional kdegraphics_3.5.0-0ubuntu4.dsc
e6de6b5a9060a42e7044f4fd8b72bea7 236035 kde optional kdegraphics_3.5.0-0ubuntu4.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDwczZpQbm1N1NUIgRAnY6AKDoVSsUCdwt0EwYBZuqx7OhqhJoYwCfX7EF
/ou7OqLcJK1LjHq+FvJWtYA=
=dTX/
-----END PGP SIGNATURE-----
Accepted:
kdegraphics_3.5.0-0ubuntu4.diff.gz
to pool/main/k/kdegraphics/kdegraphics_3.5.0-0ubuntu4.diff.gz
kdegraphics_3.5.0-0ubuntu4.dsc
to pool/main/k/kdegraphics/kdegraphics_3.5.0-0ubuntu4.dsc
More information about the dapper-changes
mailing list