[ubuntu/lucid-security] kdenetwork_4.4.2-0ubuntu4.1_powerpc_translations.tar.gz, kdenetwork_4.4.2-0ubuntu4.1_amd64_translations.tar.gz, kdenetwork_4.4.2-0ubuntu4.1_sparc_translations.tar.gz (delayed), kdenetwork_4.4.2-0ubuntu4.1_ia64_translations.tar.gz, kdenetwork_4.4.2-0ubuntu4.1_i386_translations.tar.gz, kdenetwork_4.4.2-0ubuntu4.1_armel_translations.tar.gz, kdenetwork 4:4.4.2-0ubuntu4.1 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Thu May 13 13:03:21 BST 2010
kdenetwork (4:4.4.2-0ubuntu4.1) lucid-security; urgency=low
* SECURITY UPDATE: file name directory traversal attack (LP: #578856).
- Add debian/patches/kubuntu_01_kget_CVE-2010-1000.diff
- kget/ui/metalinkcreator/metalinker.cpp check filename is valid
- kget/transfer-plugins/metalink/metalink.cpp if the dialog was not accepted untick every file, so that the download does not start
- CVE-2010-1000, SA39528
Date: Tue, 11 May 2010 16:26:45 +0100
Changed-By: Jonathan Riddell <jriddell at ubuntu.com>
Maintainer: Kubuntu Developers <kubuntu-devel at lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/kdenetwork/4:4.4.2-0ubuntu4.1
-------------- next part --------------
Format: 1.8
Date: Tue, 11 May 2010 16:26:45 +0100
Source: kdenetwork
Binary: kdenetwork kdenetwork-filesharing kget libkopete4 kopete libkopete-dev kppp krdc krfb kdenetwork-dbg kde-zeroconf kopete-plugin-otr-kde4
Architecture: source
Version: 4:4.4.2-0ubuntu4.1
Distribution: lucid-security
Urgency: low
Maintainer: Kubuntu Developers <kubuntu-devel at lists.ubuntu.com>
Changed-By: Jonathan Riddell <jriddell at ubuntu.com>
Description:
kde-zeroconf - zeroconf plugins and kio slaves for KDE 4
kdenetwork - networking applications from the official KDE 4 release
kdenetwork-dbg - debugging symbols for the KDE 4 networking module
kdenetwork-filesharing - network filesharing configuration module for KDE 4
kget - download manager for KDE 4
kopete - instant messenger for KDE 4
kopete-plugin-otr-kde4 - Transitional package
kppp - modem dialer for KDE 4
krdc - Remote Desktop Connection client for KDE 4
krfb - Desktop Sharing for KDE 4
libkopete-dev - development files for the KDE 4 networking module
libkopete4 - main Kopete library
Launchpad-Bugs-Fixed: 578856
Changes:
kdenetwork (4:4.4.2-0ubuntu4.1) lucid-security; urgency=low
.
* SECURITY UPDATE: file name directory traversal attack (LP: #578856).
- Add debian/patches/kubuntu_01_kget_CVE-2010-1000.diff
- kget/ui/metalinkcreator/metalinker.cpp check filename is valid
- kget/transfer-plugins/metalink/metalink.cpp if the dialog was not accepted untick every file, so that the download does not start
- CVE-2010-1000, SA39528
Checksums-Sha1:
024375ca8432eed44f313f9ac4accfec749065b1 2333 kdenetwork_4.4.2-0ubuntu4.1.dsc
2b9310c627e82c41a7ccc0f9f5fe7ea7abe1f8fc 45422 kdenetwork_4.4.2-0ubuntu4.1.diff.gz
Checksums-Sha256:
310d02346024bb13c01601107ba74a915fe53518a4b814c0222834cb61cf8eca 2333 kdenetwork_4.4.2-0ubuntu4.1.dsc
01eb9a035275d8168fc8590d97505f88c3865b69bb4b83aa364fc22fa8e9de1c 45422 kdenetwork_4.4.2-0ubuntu4.1.diff.gz
Files:
c0e8dde7ff74824eda8b2cf24f3cbe39 2333 kde optional kdenetwork_4.4.2-0ubuntu4.1.dsc
4b8a30759d2c0b0c1912163f0acbfaf3 45422 kde optional kdenetwork_4.4.2-0ubuntu4.1.diff.gz
Original-Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde at lists.debian.org>
More information about the Lucid-changes
mailing list