[ubuntu/lucid] kdelibs 4:3.5.10.dfsg.1-3ubuntu1 (Accepted)

Scott Kitterman scott at kitterman.com
Sat Jan 9 20:30:18 GMT 2010 

kdelibs (4:3.5.10.dfsg.1-3ubuntu1) lucid; urgency=low

  * Merge from Debian Testing.  Remaining Ubuntu changes:
    - make sure control and control.in are in sync
    - --with-distribution="Kubuntu (`lsb_release --codename --short`)
      $(DEB_VERSION)"
    - binary-install/kdelibs-data installs aboutkde-kubuntu.png.uu and
      cr*-device-system.png.uu
    - don't build-dep on libgamin-dev, libfam-dev
    - stop kdelibs4-dev depending on gamin/fam
    - don't install .svgz icons, docs or all_languages in kdelibs-data.install
    - rosetta support in rules common-install-prehook-impl:: [and
      common-post-build-arch:: ?] and include debian/kubuntu-desktop-i18n/
    - build-dep on: gettext-kde, kdesdk-scripts, lsb-release, base-files, sudo
    - cdbs build-dep 0.4.41ubuntu2
    - kdelibs4-dev depends on gettext-kde, kdesdk-scripts
    - copy debian/icons over
    - Make kdelibs4c2a depend on launchpad-integration, sudo.  Recommends on
      xdg-user-dirs
    - Remove 19_debianize_useragent.diff (changed to
      kubuntu_19_debianize_useragent.diff) s/Debian/Kubuntu
    - remove kdelibs4c2a depends on menu-xdg
    - include kubuntu_01_kdepot.diff and kde.pot in debian/patches/common
    - use a local copy of kde.mk without the common-install-prehook-impl::
      rule; edit debian-qt-kde.mk to include debian/cdbs/kde.mk
    - build with --with-sudo-kdesu-backend and build-dep on sudo and make
      kdelibs4c2a depend on sudo
    - kdelibs-data.install : Add nzb mimetype
    - Make kdelibs4-dev replace more recent kdelibs4c2a for overlapping files
    - remove /usr/bin/preparetips, arts files and ksvntopng from
      kdelibs4-dev.install
    - Drop the package kdelibs4-doc completely. It contained API documentation
      which is now obsolete, but still available via api.kde.org.
    - make sure control and control.in are in sync
    - in debian/rule remove .pot files outside .po directory
    - 97_automake_cleanup.diff becomes kubuntu_97_automake_cleanup.diff
  * Remove libarts1-dev from build-depends and kdelibs4-dev depends from control.in
  * Drop debian/patches/kubuntu_62_flash_installer.diff (obsolete and broken)
  * Drop debian/patches/kubuntu_gcc4.4_ftbfs.diff, now included from Debian as
    debian/patches/65_gcc4.4_ftbfs.diff
  * Drop debian/patches/security_05_CVE-2009-0689.diff, now included from
    Debian as debian/patches/CVE-2009-0689.diff

kdelibs (4:3.5.10.dfsg.1-3) unstable; urgency=high

  +++ Changes by Scott Kitterman (patches from Kubuntu):

  * SECURITY UPDATE: fix buffer overflow when converting string to float.
    - debian/patches/CVE-2009-0689.diff: adjust Kmax to handle large field
      numbers in kjs/dtoa.cpp (Closes: #559265)
    - CVE-2009-0689
  * SECURITY UPDATE: uncontrolled XMLHTTPRequest vulnerability.
   - Ark and KMail performs insufficient validation which leads to
     specially crafted archive files, using unknown MIME types, to be
     rendered using a KHTML instance, this can trigger uncontrolled
     XMLHTTPRequests to remote sites.
   - Add debian/patches/security_05_XMLHttpRequest_vulnerability.diff,
     restricts xmlhttprequest to http protocols only.
   - http://www.kde.org/info/security/advisory-20091027-1.txt
   - oCert: #2009-015 http://www.ocert.org/advisories/ocert-2009-015.html
   - CVE n/a
  * Fix FTBFS with gcc 4.4.
   - Add debian/patches/gcc4.4_ftbfs.diff (Closes: #556564)
  * Update Vcs* in debian/control for new location.

  +++ Changes by Ana Beatriz Guerrero Lopez:

  * Add a depend on ${shlibs:Depends} to kdelibs5-dev to make lintian happy.
  * Remove Sune from Uploaders per his request.
  * Update Armin and Modestas emails.

Date: Sat, 09 Jan 2010 13:49:59 -0500
Changed-By: Scott Kitterman <scott at kitterman.com>
Maintainer: Kubuntu Developers <kubuntu-devel at lists.ubuntu.com>
Signed-By: Scott Kitterman <ubuntu at kitterman.com>
https://launchpad.net/ubuntu/lucid/+source/kdelibs/4:3.5.10.dfsg.1-3ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sat, 09 Jan 2010 13:49:59 -0500
Source: kdelibs
Binary: kdelibs kdelibs-data kdelibs4c2a kdelibs4-dev kdelibs-dbg
Architecture: source
Version: 4:3.5.10.dfsg.1-3ubuntu1
Distribution: lucid
Urgency: high
Maintainer: Kubuntu Developers <kubuntu-devel at lists.ubuntu.com>
Changed-By: Scott Kitterman <scott at kitterman.com>
Description: 
 kdelibs    - core libraries from the official KDE release
 kdelibs-data - core shared data for all KDE applications
 kdelibs-dbg - debugging symbols for kdelibs
 kdelibs4-dev - development files for the KDE core libraries
 kdelibs4c2a - core libraries and binaries for all KDE applications
Closes: 556564 559265
Changes: 
 kdelibs (4:3.5.10.dfsg.1-3ubuntu1) lucid; urgency=low
 .
   * Merge from Debian Testing.  Remaining Ubuntu changes:
     - make sure control and control.in are in sync
     - --with-distribution="Kubuntu (`lsb_release --codename --short`)
       $(DEB_VERSION)"
     - binary-install/kdelibs-data installs aboutkde-kubuntu.png.uu and
       cr*-device-system.png.uu
     - don't build-dep on libgamin-dev, libfam-dev
     - stop kdelibs4-dev depending on gamin/fam
     - don't install .svgz icons, docs or all_languages in kdelibs-data.install
     - rosetta support in rules common-install-prehook-impl:: [and
       common-post-build-arch:: ?] and include debian/kubuntu-desktop-i18n/
     - build-dep on: gettext-kde, kdesdk-scripts, lsb-release, base-files, sudo
     - cdbs build-dep 0.4.41ubuntu2
     - kdelibs4-dev depends on gettext-kde, kdesdk-scripts
     - copy debian/icons over
     - Make kdelibs4c2a depend on launchpad-integration, sudo.  Recommends on
       xdg-user-dirs
     - Remove 19_debianize_useragent.diff (changed to
       kubuntu_19_debianize_useragent.diff) s/Debian/Kubuntu
     - remove kdelibs4c2a depends on menu-xdg
     - include kubuntu_01_kdepot.diff and kde.pot in debian/patches/common
     - use a local copy of kde.mk without the common-install-prehook-impl::
       rule; edit debian-qt-kde.mk to include debian/cdbs/kde.mk
     - build with --with-sudo-kdesu-backend and build-dep on sudo and make
       kdelibs4c2a depend on sudo
     - kdelibs-data.install : Add nzb mimetype
     - Make kdelibs4-dev replace more recent kdelibs4c2a for overlapping files
     - remove /usr/bin/preparetips, arts files and ksvntopng from
       kdelibs4-dev.install
     - Drop the package kdelibs4-doc completely. It contained API documentation
       which is now obsolete, but still available via api.kde.org.
     - make sure control and control.in are in sync
     - in debian/rule remove .pot files outside .po directory
     - 97_automake_cleanup.diff becomes kubuntu_97_automake_cleanup.diff
   * Remove libarts1-dev from build-depends and kdelibs4-dev depends from control.in
   * Drop debian/patches/kubuntu_62_flash_installer.diff (obsolete and broken)
   * Drop debian/patches/kubuntu_gcc4.4_ftbfs.diff, now included from Debian as
     debian/patches/65_gcc4.4_ftbfs.diff
   * Drop debian/patches/security_05_CVE-2009-0689.diff, now included from
     Debian as debian/patches/CVE-2009-0689.diff
 .
 kdelibs (4:3.5.10.dfsg.1-3) unstable; urgency=high
 .
   +++ Changes by Scott Kitterman (patches from Kubuntu):
 .
   * SECURITY UPDATE: fix buffer overflow when converting string to float.
     - debian/patches/CVE-2009-0689.diff: adjust Kmax to handle large field
       numbers in kjs/dtoa.cpp (Closes: #559265)
     - CVE-2009-0689
   * SECURITY UPDATE: uncontrolled XMLHTTPRequest vulnerability.
    - Ark and KMail performs insufficient validation which leads to
      specially crafted archive files, using unknown MIME types, to be
      rendered using a KHTML instance, this can trigger uncontrolled
      XMLHTTPRequests to remote sites.
    - Add debian/patches/security_05_XMLHttpRequest_vulnerability.diff,
      restricts xmlhttprequest to http protocols only.
    - http://www.kde.org/info/security/advisory-20091027-1.txt
    - oCert: #2009-015 http://www.ocert.org/advisories/ocert-2009-015.html
    - CVE n/a
   * Fix FTBFS with gcc 4.4.
    - Add debian/patches/gcc4.4_ftbfs.diff (Closes: #556564)
   * Update Vcs* in debian/control for new location.
 .
   +++ Changes by Ana Beatriz Guerrero Lopez:
 .
   * Add a depend on ${shlibs:Depends} to kdelibs5-dev to make lintian happy.
   * Remove Sune from Uploaders per his request.
   * Update Armin and Modestas emails.
Checksums-Sha1: 
 7e2dc2b0aef01f7928f8200a707f74a4f183aa0e 2296 kdelibs_3.5.10.dfsg.1-3ubuntu1.dsc
 ddd0462a190853d1bd2173a1b4da17b99566760b 794712 kdelibs_3.5.10.dfsg.1-3ubuntu1.diff.gz
Checksums-Sha256: 
 7c89660908671800ee0b7e8776af9881287c754419cc6224b093a1bdd2ad936a 2296 kdelibs_3.5.10.dfsg.1-3ubuntu1.dsc
 55c4fe951f1531b9fcc572eb02e8e7f2c538ee2bee05c0e834a5fe564f655928 794712 kdelibs_3.5.10.dfsg.1-3ubuntu1.diff.gz
Files: 
 19b2748439a296edb29f10206a2d3920 2296 libs optional kdelibs_3.5.10.dfsg.1-3ubuntu1.dsc
 05a5c60197cd32eaaeb0f698cc58d18f 794712 libs optional kdelibs_3.5.10.dfsg.1-3ubuntu1.diff.gz
Original-Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde at lists.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAktI2QoACgkQHajaM93NaGpTGQCdHH25yFX+xAkBIgofFFHzEmm8
cEMAn0tCskkkTTyLwjrgCZHFzZOM2zH2
=YLZc
-----END PGP SIGNATURE-----

More information about the Lucid-changes mailing list