[ubuntu/trusty-proposed] krfb 4:4.13.3-0ubuntu1 (Accepted)

Jonathan Riddell jriddell at ubuntu.com
Mon Aug 4 23:17:27 UTC 2014 

krfb (4:4.13.3-0ubuntu1) trusty; urgency=medium

  * New upstream release
  * SECURITY UPDATE: denial of service or possible code execution via
    integer overflow in liblzo2 in libvncserver in krfb
    - debian/patches/upstream_libvncserver-CVE-2014-4607.diff:
      check for overflow in libvncserver/lzoconf.h libvncserver/lzodefs.h
      libvncserver/minilzo.c libvncserver/minilzo.h
    - CVE-2014-4607
    - http://www.kde.org/info/security/advisory-20140803-1.txt
    - LP: #1352421

Date: Mon, 04 Aug 2014 20:33:11 +0200
Changed-By: Jonathan Riddell <jriddell at ubuntu.com>
Maintainer: Kubuntu Developers <kubuntu-devel at lists.ubuntu.com>
Signed-By: =?utf-8?q?Philip_Mu=C5=A1kovac?= <yofel at gmx.net>
https://launchpad.net/ubuntu/trusty/+source/krfb/4:4.13.3-0ubuntu1
-------------- next part --------------
Format: 1.8
Date: Mon, 04 Aug 2014 20:33:11 +0200
Source: krfb
Binary: krfb krfb-dbg
Architecture: source
Version: 4:4.13.3-0ubuntu1
Distribution: trusty
Urgency: medium
Maintainer: Kubuntu Developers <kubuntu-devel at lists.ubuntu.com>
Changed-By: Jonathan Riddell <jriddell at ubuntu.com>
Description:
 krfb       - Desktop Sharing utility
 krfb-dbg   - debugging symbols for the KDE networking module
Launchpad-Bugs-Fixed: 1352421
Changes:
 krfb (4:4.13.3-0ubuntu1) trusty; urgency=medium
 .
   * New upstream release
   * SECURITY UPDATE: denial of service or possible code execution via
     integer overflow in liblzo2 in libvncserver in krfb
     - debian/patches/upstream_libvncserver-CVE-2014-4607.diff:
       check for overflow in libvncserver/lzoconf.h libvncserver/lzodefs.h
       libvncserver/minilzo.c libvncserver/minilzo.h
     - CVE-2014-4607
     - http://www.kde.org/info/security/advisory-20140803-1.txt
     - LP: #1352421
Checksums-Sha1:
 3c7d109306f865b2e5d76577dfe2e2dcf63b0b0c 2089 krfb_4.13.3-0ubuntu1.dsc
 5abc55dcbad7c00e716be05b9496bf5a3db3a450 467852 krfb_4.13.3.orig.tar.xz
 91cceefe6bc120bc5f8ee8a07952a453e720afab 31268 krfb_4.13.3-0ubuntu1.debian.tar.xz
Checksums-Sha256:
 82be1b2209f1f875457cab2ed587a664fe4ce50bb6d4e0f13cadc384bfeae4a8 2089 krfb_4.13.3-0ubuntu1.dsc
 d264f294c691e014763e869b5655c7f7006342576a838847e0d9a7ac0ee29de6 467852 krfb_4.13.3.orig.tar.xz
 efd90422a83d6de6a7e794e7ebde4b059effd95ed3e58f4a3bdcbd22cc35e2f6 31268 krfb_4.13.3-0ubuntu1.debian.tar.xz
Files:
 b13b0fd9411f5ff4578f6cdfae918c7e 2089 kde optional krfb_4.13.3-0ubuntu1.dsc
 5a440d4e909c93be2f8b5c75784568c6 467852 kde optional krfb_4.13.3.orig.tar.xz
 e5595602d88f308eab198b560146bea6 31268 kde optional krfb_4.13.3-0ubuntu1.debian.tar.xz

More information about the Trusty-changes mailing list