[ubuntu/yakkety-proposed] kcoreaddons 5.26.0-0ubuntu2 (Accepted)
Clive Johnston
clivejo at kubuntu.org
Fri Oct 7 23:13:46 UTC 2016
kcoreaddons (5.26.0-0ubuntu2) yakkety; urgency=medium
* SECURITY UPDATE: KMail - HTML injection in plain text viewer
(LP: #1630700)
- debian/patches/0001-Fix-very-old-bug-when-we-remove-space-in-
url-as-foo-.patch: Code added by upstream to fix another bug,
but needs to be applied in advance of patch 0002
- debian/patches/0002-Don-t-convert-as-url-an-url-which-has-a.patch:
Fixes CVE-2016-7966
Patches cherrypicked from Debian:
https://anonscm.debian.org/git/pkg-kde/frameworks/kcoreaddons.git
Commit: ab7258dd8a87668ba63c585a69f41f291254aa43
Many thanks to Sandro Knauß for these patches
Date: Fri, 07 Oct 2016 23:57:19 +0100
Changed-By: Clive Johnston <clivejo at kubuntu.org>
Maintainer: Debian/Kubuntu Qt/KDE Maintainers <debian-qt-kde at lists.debian.org>
https://launchpad.net/ubuntu/+source/kcoreaddons/5.26.0-0ubuntu2
-------------- next part --------------
Format: 1.8
Date: Fri, 07 Oct 2016 23:57:19 +0100
Source: kcoreaddons
Binary: libkf5coreaddons-dev libkf5coreaddons-bin-dev libkf5coreaddons5 libkf5coreaddons-data
Architecture: source
Version: 5.26.0-0ubuntu2
Distribution: yakkety
Urgency: medium
Maintainer: Debian/Kubuntu Qt/KDE Maintainers <debian-qt-kde at lists.debian.org>
Changed-By: Clive Johnston <clivejo at kubuntu.org>
Description:
libkf5coreaddons-bin-dev - KDE Frameworks 5 addons to QtCore - development files
libkf5coreaddons-data - KDE Frameworks 5 addons to QtCore - data files
libkf5coreaddons-dev - KDE Frameworks 5 addons to QtCore - development files
libkf5coreaddons5 - KDE Frameworks 5 addons to QtCore
Launchpad-Bugs-Fixed: 1630700
Changes:
kcoreaddons (5.26.0-0ubuntu2) yakkety; urgency=medium
.
* SECURITY UPDATE: KMail - HTML injection in plain text viewer
(LP: #1630700)
- debian/patches/0001-Fix-very-old-bug-when-we-remove-space-in-
url-as-foo-.patch: Code added by upstream to fix another bug,
but needs to be applied in advance of patch 0002
- debian/patches/0002-Don-t-convert-as-url-an-url-which-has-a.patch:
Fixes CVE-2016-7966
Patches cherrypicked from Debian:
https://anonscm.debian.org/git/pkg-kde/frameworks/kcoreaddons.git
Commit: ab7258dd8a87668ba63c585a69f41f291254aa43
Many thanks to Sandro Knauß for these patches
Checksums-Sha1:
9ef740361a78ff43da051226411cc069b2ca56cd 2555 kcoreaddons_5.26.0-0ubuntu2.dsc
3b095d16e27528118759e3f6087a10bf9a919811 330764 kcoreaddons_5.26.0.orig.tar.xz
a3a1fb8515e38f0c7efb922bbbddcdc4541b6237 14672 kcoreaddons_5.26.0-0ubuntu2.debian.tar.xz
Checksums-Sha256:
90cd76bd8d43d375b7a41e09ef6df58424f1ca319137c075d20f220badb62f50 2555 kcoreaddons_5.26.0-0ubuntu2.dsc
1fab3ca827cf74f0fdadd30d8b9b3fe53d4ba2d1afe7f23a90f3ff55f3c77982 330764 kcoreaddons_5.26.0.orig.tar.xz
6f9b72b381dc11c02c5a5a395e4dedf813d5f0fa3a053774e3e48947405ba15e 14672 kcoreaddons_5.26.0-0ubuntu2.debian.tar.xz
Files:
1724b1c5704b332367f87ce4e7d320d1 2555 libs optional kcoreaddons_5.26.0-0ubuntu2.dsc
263530a26fd0b80238827d2d97225e7b 330764 libs optional kcoreaddons_5.26.0.orig.tar.xz
d6a0a3163661a427bd905962a2d972cf 14672 libs optional kcoreaddons_5.26.0-0ubuntu2.debian.tar.xz
More information about the Yakkety-changes
mailing list