[ubuntu/jaunty-security] kvirc_4.0.0~svn3039-0ubuntu2.1_amd64_translations.tar.gz, kvirc, kvirc_4.0.0~svn3039-0ubuntu2.1_i386_translations.tar.gz, kvirc_4.0.0~svn3039-0ubuntu2.1_ia64_translations.tar.gz, kvirc_4.0.0~svn3039-0ubuntu2.1_powerpc_translations.tar.gz, kvirc_4.0.0~svn3039-0ubuntu2.1_lpia_translations.tar.gz, kvirc_4.0.0~svn3039-0ubuntu2.1_sparc_translations.tar.gz (delayed), kvirc_4.0.0~svn3039-0ubuntu2.1_armel_translations.tar.gz 4:4.0.0~svn3039-0ubuntu2.1 (Accepted)

[Ubuntu Installer]

kvirc (4:4.0.0~svn3039-0ubuntu2.1) jaunty-security; urgency=low

  * SECURITY UPDATE: Two security issues have been discovered in the DCC
    protocol support code of kvirc, a KDE-based next generation IRC client,
    which allow the overwriting of local files through directory traversal
    and the execution of arbitrary code through a format string attack.
    - kubuntu_01_CVE-2010-2451_CVE-2010-2451_DCC_fix.patch
      - Patch based on upstream SVN revision 4317.
    - CVE-2010-2451, CVE-2010-2452:
      - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2451
      - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2452
    - LP: #601702

Date: Mon, 05 Jul 2010 00:45:44 +0200
Changed-By: Andreas Wenning <awen at awen.dk>
Maintainer: Ubuntu MOTU Developers <ubuntu-motu at lists.ubuntu.com>
https://launchpad.net/ubuntu/jaunty/+source/kvirc/4:4.0.0~svn3039-0ubuntu2.1
-------------- next part --------------
Format: 1.8
Date: Mon, 05 Jul 2010 00:45:44 +0200
Source: kvirc
Binary: kvirc kvirc-data kvirc-dev
Architecture: source
Version: 4:4.0.0~svn3039-0ubuntu2.1
Distribution: jaunty-security
Urgency: low
Maintainer: Ubuntu MOTU Developers <ubuntu-motu at lists.ubuntu.com>
Changed-By: Andreas Wenning <awen at awen.dk>
Description: 
 kvirc      - KDE based next generation IRC client with module support
 kvirc-data - Data files for KVIrc
 kvirc-dev  - Development files for KVIrc
Launchpad-Bugs-Fixed: 601702
Changes: 
 kvirc (4:4.0.0~svn3039-0ubuntu2.1) jaunty-security; urgency=low
 .
   * SECURITY UPDATE: Two security issues have been discovered in the DCC
     protocol support code of kvirc, a KDE-based next generation IRC client,
     which allow the overwriting of local files through directory traversal
     and the execution of arbitrary code through a format string attack.
     - kubuntu_01_CVE-2010-2451_CVE-2010-2451_DCC_fix.patch
       - Patch based on upstream SVN revision 4317.
     - CVE-2010-2451, CVE-2010-2452:
       - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2451
       - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2452
     - LP: #601702
Checksums-Sha1: 
 41894abd125e2e850791820003d2d4070bbb03e9 1454 kvirc_4.0.0~svn3039-0ubuntu2.1.dsc
 5cb27c3197384c633e502ae014447370f2c96858 27830 kvirc_4.0.0~svn3039-0ubuntu2.1.diff.gz
Checksums-Sha256: 
 cbcb9e7f098591f49594d7cc13c6af91769d7ec0557f868fbc2023d50af3b1c4 1454 kvirc_4.0.0~svn3039-0ubuntu2.1.dsc
 e8dd0124e54667b1603b0a0b70b8cf8a4e90340023141595a25213b4a8872c91 27830 kvirc_4.0.0~svn3039-0ubuntu2.1.diff.gz
Files: 
 7b0ca9e8d88abbb8eb7e6ff7265d6b67 1454 net optional kvirc_4.0.0~svn3039-0ubuntu2.1.dsc
 b45eaa9b446b0239ef9403dafded7a66 27830 net optional kvirc_4.0.0~svn3039-0ubuntu2.1.diff.gz
Original-Maintainer: Debian KDE Extras Team <pkg-kde-extras at lists.alioth.debian.org>