Accepted koffice 1:1.4.2-3ubuntu7 (source)

Jonathan Riddell jriddell at ubuntu.com
Mon Jan 9 03:05:18 GMT 2006 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Fri,  6 Jan 2006 21:59:30 +0000
Source: koffice
Binary: koffice-data kivio koffice kugar kchart karbon kpresenter kformula koffice-libs kivio-data koshell kspread krita kword koffice-dev koffice-doc-html kthesaurus
Architecture: source
Version: 1:1.4.2-3ubuntu7
Distribution: dapper
Urgency: low
Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde at lists.debian.org>
Changed-By: Jonathan Riddell <jriddell at ubuntu.com>
Description: 
 karbon     - a vector graphics application for the KDE Office Suite
 kchart     - a chart drawing program for the KDE Office Suite
 kformula   - a formula editor for the KDE Office Suite
 kivio      - a flowcharting program for the KDE Office Suite
 kivio-data - data files for Kivio flowcharting program
 koffice    - KDE Office Suite
 koffice-data - common shared data for the KDE Office Suite
 koffice-dev - common libraries for KOffice (development files)
 koffice-doc-html - KDE Office Suite documentation in HTML format
 koffice-libs - common libraries and binaries for the KDE Office Suite
 koshell    - the KDE Office Suite workspace
 kpresenter - a presentation program for the KDE Office Suite
 krita      - a pixel-based image manipulation program for the KDE Office Suite
 kspread    - a spreadsheet for the KDE Office Suite
 kthesaurus - a word processor for the KDE Office Suite
 kugar      - a business report maker for the KDE Office Suite
 kword      - a word processor for the KDE Office Suite
Changes: 
 koffice (1:1.4.2-3ubuntu7) dapper; urgency=low
 .
   * SECURITY UPDATE: Multiple integer/buffer overflows.
   * Update kubuntu_02_xpdf_vulnerability.diff
   * xpdf/Stream.cc, CCITTFaxStream::CCITTFaxStream():
     - Check columns for negative or large values.
     - CVE-2005-3624
   * xpdf/Stream.cc, numComps checks introduced in CVE-2005-3191 patch:
     - Reset numComps to 0 since it's a global variable that is used later.
     - CVE-2005-3627
   * xpdf/Stream.cc, DCTStream::readHuffmanTables():
     - Fix out of bounds array access in Huffman tables.
     - CVE-2005-3627
   * xpdf/Stream.cc, DCTStream::readMarker():
     - Check for EOF in while loop to prevent endless loops.
     - CVE-2005-3625
   * xpdf/JBIG2Stream.cc, JBIG2Bitmap::JBIG2Bitmap(), JBIG2Bitmap::expand(),
     JBIG2Stream::readHalftoneRegionSeg():
     - Check user supplied width and height against invalid values.
     - Allocate one extra byte to prevent out of bounds access in combine().
     - CVE-2005-3628
   * References:
       CVE-2005-3626
       CESA-2005-003
       http://www.kde.org/info/security/advisory-20051207-2.txt
Files: 
 fbb059c6c4bb959b8c30428e38bcbe1b 1112 kde optional koffice_1.4.2-3ubuntu7.dsc
 04c1f877a6340e7fd37c88129a18f8e2 3188286 kde optional koffice_1.4.2-3ubuntu7.diff.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDwdGTpQbm1N1NUIgRAnkwAJ9Gize+kQBoMsKt8lece+lvH/yTUACfRAHs
BM5g4PsorjUTHUDZ6WFEd4s=
=6F6I
-----END PGP SIGNATURE-----


Accepted:
koffice_1.4.2-3ubuntu7.diff.gz
  to pool/main/k/koffice/koffice_1.4.2-3ubuntu7.diff.gz
koffice_1.4.2-3ubuntu7.dsc
  to pool/main/k/koffice/koffice_1.4.2-3ubuntu7.dsc

More information about the dapper-changes mailing list