[ubuntu/karmic-security] kdelibs_3.5.10.dfsg.1-2ubuntu7.2_i386_translations.tar.gz, kdelibs_3.5.10.dfsg.1-2ubuntu7.2_powerpc_translations.tar.gz, kdelibs_3.5.10.dfsg.1-2ubuntu7.2_sparc_translations.tar.gz, kdelibs, kdelibs_3.5.10.dfsg.1-2ubuntu7.2_armel_translations.tar.gz, kdelibs_3.5.10.dfsg.1-2ubuntu7.2_amd64_translations.tar.gz, kdelibs_3.5.10.dfsg.1-2ubuntu7.2_ia64_translations.tar.gz, kdelibs_3.5.10.dfsg.1-2ubuntu7.2_lpia_translations.tar.gz 4:3.5.10.dfsg.1-2ubuntu7.2 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Fri Dec 11 01:03:52 GMT 2009
kdelibs (4:3.5.10.dfsg.1-2ubuntu7.2) karmic-security; urgency=low
[ Jamie Strandboge ]
* SECURITY UPDATE: fix buffer overflow when converting string to
float
- debian/patches/security_05_CVE-2009-0689.diff: adjust Kmax to handle
large field numbers in kjs/dtoa.cpp
- CVE-2009-0689
[ Jonathan Riddell ]
* SECURITY UPDATE: uncontrolled XMLHTTPRequest vulnerability
- Ark and KMail performs insufficient validation which leads to
specially crafted archive files, using unknown MIME types, to be
rendered using a KHTML instance, this can trigger uncontrolled
XMLHTTPRequests to remote sites
- Add debian/patches/security_05_XMLHttpRequest_vulnerability.diff,
restricts xmlhttprequest to http protocols only
- http://www.kde.org/info/security/advisory-20091027-1.txt
- oCert: #2009-015 http://www.ocert.org/advisories/ocert-2009-015.html
- CVE-2009-XXXX
Date: Mon, 07 Dec 2009 15:14:25 -0600
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Kubuntu Developers <kubuntu-devel at lists.ubuntu.com>
https://launchpad.net/ubuntu/karmic/+source/kdelibs/4:3.5.10.dfsg.1-2ubuntu7.2
-------------- next part --------------
Format: 1.8
Date: Mon, 07 Dec 2009 15:14:25 -0600
Source: kdelibs
Binary: kdelibs kdelibs-data kdelibs4c2a kdelibs4-dev kdelibs-dbg
Architecture: source
Version: 4:3.5.10.dfsg.1-2ubuntu7.2
Distribution: karmic-security
Urgency: low
Maintainer: Kubuntu Developers <kubuntu-devel at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description:
kdelibs - core libraries from the official KDE release
kdelibs-data - core shared data for all KDE applications
kdelibs-dbg - debugging symbols for kdelibs
kdelibs4-dev - development files for the KDE core libraries
kdelibs4c2a - core libraries and binaries for all KDE applications
Changes:
kdelibs (4:3.5.10.dfsg.1-2ubuntu7.2) karmic-security; urgency=low
.
[ Jamie Strandboge ]
* SECURITY UPDATE: fix buffer overflow when converting string to
float
- debian/patches/security_05_CVE-2009-0689.diff: adjust Kmax to handle
large field numbers in kjs/dtoa.cpp
- CVE-2009-0689
.
[ Jonathan Riddell ]
* SECURITY UPDATE: uncontrolled XMLHTTPRequest vulnerability
- Ark and KMail performs insufficient validation which leads to
specially crafted archive files, using unknown MIME types, to be
rendered using a KHTML instance, this can trigger uncontrolled
XMLHTTPRequests to remote sites
- Add debian/patches/security_05_XMLHttpRequest_vulnerability.diff,
restricts xmlhttprequest to http protocols only
- http://www.kde.org/info/security/advisory-20091027-1.txt
- oCert: #2009-015 http://www.ocert.org/advisories/ocert-2009-015.html
- CVE-2009-XXXX
Checksums-Sha1:
b5076e4d8a1c28fc8752e7320f33fea81baa531e 2342 kdelibs_3.5.10.dfsg.1-2ubuntu7.2.dsc
89b57375d6f7807259f4c198ffbba07b657ecd83 886928 kdelibs_3.5.10.dfsg.1-2ubuntu7.2.diff.gz
Checksums-Sha256:
a0ba7974021ab29716cb36985ad4b4f5bc712c414a6696776df8962a9f017bc7 2342 kdelibs_3.5.10.dfsg.1-2ubuntu7.2.dsc
d5619fc8c673e1776a04614c9b2a107919443dabbb37dccb180ac510844b3759 886928 kdelibs_3.5.10.dfsg.1-2ubuntu7.2.diff.gz
Files:
3b49bfd2ffc8ab9e1240e08eafa47f1a 2342 libs optional kdelibs_3.5.10.dfsg.1-2ubuntu7.2.dsc
afddbeaeb9d7dd1b8805202629df7a3e 886928 libs optional kdelibs_3.5.10.dfsg.1-2ubuntu7.2.diff.gz
Original-Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde at lists.debian.org>
More information about the Karmic-changes
mailing list