Change log for kdelibs package in Debian

111 of 11 results
Deleted in wheezy-release (Reason: None provided.)
Published in squeeze-release on 2010-08-16
Deleted in sid-release (Reason: None provided.)
kdelibs (4:3.5.10.dfsg.1-5) unstable; urgency=medium


  * Change by email address to @debian.org.
  * Drop common HTML docs from kdelibs-data package. Instead suggest
    kdelibs5-data which ships them (Closes: #591609). What's more, whoever
    wants to view docs, will have to install khelpcenter4 which pulls in
    kdelibs5-data anyway.
  * Switch to dpkg-source format 3.0 (quilt):
    - drop simple-patchsys.mk from debian/rules;
    - add debian/patches/series file.
  * Fix corruption of zip files caused by wrong encoding of umlauts in kzip
    (patch 67_kio_zip_file_encoding.diff). (Closes: #563942) Thanks to Bjoern
    Ricks for the patch.
  * Support opening of KDE 4 khelpcenter in Help -> Handbook. (Closes: #525621)
    Thanks to Ben Burton for the patch.
  * Do not recurse into .pc subdirectory with doxygen 
    (patch debian/patches/02_exclude_pc_from_dox.diff).
  * Urgency=medium due to multiple RC bug fixes.

 -- Modestas Vainius <email address hidden>  Sat, 07 Aug 2010 23:20:21 +0300
Superseded in sid-release on 2011-09-20
kdelibs (4:3.5.10.dfsg.1-4) unstable; urgency=low


  [ Pino Toscano ]
  * Pull upstream r1074155 to fix build with GCC 4.5. (Closes: #565013)

  [ Modestas Vainius ]
  * Do not ship all_languages in kdelibs-data.

  [ Moritz Muehlenhoff ]
  * Update copyright file. (Closes: #520485)
  * License for certbundle files has been clarified. (Closes: #520977)
  * Document scope of security support in Squeeze.	

  [ Ana Beatriz Guerrero Lopez ]
  * Update to Standards-Version 3.9.1, no changes required.
  * Add missing ${misc:Depends}.

 -- Debian Qt/KDE Maintainers <email address hidden>  Tue, 03 Aug 2010 19:51:40 -0400
Published in lenny-release on 2010-06-26
kdelibs (4:3.5.10.dfsg.1-0lenny4) stable-security; urgency=high


  * Non-maintainer upload by the Security Team.
  * CVE-2009-0689

 -- Moritz Muehlenhoff <email address hidden>  Sun, 07 Feb 2010 21:59:40 +0000
Superseded in lenny-release on 2011-09-13
kdelibs (4:3.5.10.dfsg.1-0lenny3) stable-security; urgency=high


  * Non-maintainer upload by the Security Team.
  * Fixed CVE-2009-2702: KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not
    properly handle a '\0' character in a domain name in the Subject
    Alternative Name field of an X.509 certificate, which allows
    man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted
    certificate issued by a legitimate Certification Authority (Closes: #546212)

 -- Giuseppe Iuculano <email address hidden>  Thu, 15 Oct 2009 20:23:11 +0200
Superseded in squeeze-release on 2011-09-13
Superseded in sid-release on 2011-09-20
kdelibs (4:3.5.10.dfsg.1-3) unstable; urgency=high


  +++ Changes by Scott Kitterman (patches from Kubuntu):

  * SECURITY UPDATE: fix buffer overflow when converting string to float.
    - debian/patches/CVE-2009-0689.diff: adjust Kmax to handle large field
      numbers in kjs/dtoa.cpp (Closes: #559265)
    - CVE-2009-0689
  * SECURITY UPDATE: uncontrolled XMLHTTPRequest vulnerability.
   - Ark and KMail performs insufficient validation which leads to
     specially crafted archive files, using unknown MIME types, to be
     rendered using a KHTML instance, this can trigger uncontrolled
     XMLHTTPRequests to remote sites.
   - Add debian/patches/security_05_XMLHttpRequest_vulnerability.diff,
     restricts xmlhttprequest to http protocols only.
   - http://www.kde.org/info/security/advisory-20091027-1.txt
   - oCert: #2009-015 http://www.ocert.org/advisories/ocert-2009-015.html
   - CVE n/a
  * Fix FTBFS with gcc 4.4.
   - Add debian/patches/gcc4.4_ftbfs.diff (Closes: #556564)
  * Update Vcs* in debian/control for new location.

  +++ Changes by Ana Beatriz Guerrero Lopez:
  
  * Add a depend on ${shlibs:Depends} to kdelibs5-dev to make lintian happy.
  * Remove Sune from Uploaders per his request.
  * Update Armin and Modestas emails.

 -- Debian Qt/KDE Maintainers <email address hidden>  Mon, 04 Jan 2010 18:32:06 +0100
Superseded in squeeze-release on 2011-09-13
Superseded in sid-release on 2011-09-20
kdelibs (4:3.5.10.dfsg.1-2.1) unstable; urgency=high


  * Non-maintainer upload by the testing Security Team.
  * Fixed CVE-2009-1687: An integer overflow, leading to heap-based buffer
    overflow was found in the KDE implementation of garbage collector for the
    JavaScript language (KJS).
  * Fixed CVE-2009-1690: KDE HTML parser incorrectly handled content, forming
    the HTML page <head> element. A remote attacker could use this flaw to
    cause a denial of service (konqueror crash) or, potentially, execute
    arbitrary code, with the privileges of the user running "konqueror" web
    browser, if the victim was tricked to open a specially-crafted HTML page.
    (Closes: #534949)
  * Fixed CVE-2009-1698: KDE's Cascading Style Sheets (CSS) parser incorrectly
    handled content, forming the value of CSS "style" attribute. A remote
    attacker could use this flaw to cause a denial of service (konqueror crash)
    or potentially execute arbitrary code with the privileges of the user
    running "konqueror" web browser, if the victim visited a specially-crafted
    CSS equipped HTML page. (Closes: #534949)
  * Fixed CVE-2009-2702: KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not
    properly handle a '\0' character in a domain name in the Subject
    Alternative Name field of an X.509 certificate, which allows
    man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted
    certificate issued by a legitimate Certification Authority (Closes: #546212) 

 -- Giuseppe Iuculano <email address hidden>  Wed, 14 Oct 2009 09:57:26 +0200
Superseded in lenny-release on 2011-09-13
kdelibs (4:3.5.10.dfsg.1-0lenny2) stable-security; urgency=high


  * Non-maintainer upload.
  * Fixed CVE-2009-1687: An integer overflow, leading to heap-based buffer
    overflow was found in the KDE implementation of garbage collector for the
    JavaScript language (KJS).
  * Fixed CVE-2009-1690: KDE HTML parser incorrectly handled content, forming
    the HTML page <head> element. A remote attacker could use this flaw to
    cause a denial of service (konqueror crash) or, potentially, execute
    arbitrary code, with the privileges of the user running "konqueror" web
    browser, if the victim was tricked to open a specially-crafted HTML page.
    (Closes: #534949)
  * Fixed CVE-2009-1698: KDE's Cascading Style Sheets (CSS) parser incorrectly
    handled content, forming the value of CSS "style" attribute. A remote
    attacker could use this flaw to cause a denial of service (konqueror crash)
    or potentially execute arbitrary code with the privileges of the user
    running "konqueror" web browser, if the victim visited a specially-crafted
    CSS equipped HTML page. (Closes: #534949)

 -- Giuseppe Iuculano <email address hidden>  Sun, 09 Aug 2009 16:43:32 +0200
Superseded in squeeze-release on 2011-09-13
Superseded in sid-release on 2011-09-20
kdelibs (4:3.5.10.dfsg.1-2) unstable; urgency=low


  * Add 64_use_sys_inotify.diff patch to fix ftbfs caused by linux/inotify.
    (Closes: #519881)

 -- Debian Qt/KDE Maintainers <email address hidden>  Wed, 18 Mar 2009 16:59:36 +0100
Superseded in lenny-release on 2011-09-13
kdelibs (4:3.5.10.dfsg.1-0lenny1) testing-proposed-updates; urgency=low


  +++ Changes by Ana Beatriz Guerrero Lopez:
  
  * New upstream release. 
    - Most of the changes were already provided by the patches:
      - 01_kdelibs_branch_r828883.diff
      - 02_kate_regression_r777286.diff
      - 03_start_kdeinit_integer_overflow.diff (provided for CVE-2008-1671)
      - 05_kate_debianchangelog_default_context_r799980.diff
      - 06_khtml_rendering_r786289.diff
    that have been dropped now.
    - New changes:
      - Changes for showing KDE 3.5.10 instead of 3.5.9 in the KDE apps.
      - Fix while saving sessions for multiple scripts. (KDE SVN r837226, 
        KDE bug 166598).
      - Fix in kdeprint. (KDE SVN r848634)
      - Avoid showing authentication-dialogue being put behind the application 
        window. (KDE SVN r849216, KDE bug 121803).
    
  +++ Changes by Raúl Sánchez Siles:
  
  * kdeprint: Wrong initscript name (cupsys instead of cups) (Closes:
    #496110)
  * Fixed 98_buildprep.patch so double compilation works.
  * Fixed wrong http header parsing, added 61_httpheader_backport.diff 
  * Fixed wrong Google Maps rendering, added 62_fix_googlemaps_backport.diff
  * Change dependencies from obsolete libcupsys2-dev to libcups2-dev.
  * konqueror: Crash on eBay page (Closes: #502459) with recently added
    63_fixed-layout-table.diff

 -- Debian Qt/KDE Maintainers <email address hidden>  Fri, 21 Nov 2008 11:00:19 +0100
Superseded in squeeze-release on 2011-09-13
Superseded in sid-release on 2011-09-20
kdelibs (4:3.5.10.dfsg.1-1) unstable; urgency=low


  +++ Changes by Ana Beatriz Guerrero Lopez:
  
  * New upstream release. 
    - Most of the changes were already provided by the patches:
      - 01_kdelibs_branch_r828883.diff
      - 02_kate_regression_r777286.diff
      - 03_start_kdeinit_integer_overflow.diff (provided for CVE-2008-1671)
      - 05_kate_debianchangelog_default_context_r799980.diff
      - 06_khtml_rendering_r786289.diff
    that have been dropped now.
    - New changes:
      - Changes for showing KDE 3.5.10 instead of 3.5.9 in the KDE apps.
      - Fix while saving sessions for multiple scripts. (KDE SVN r837226, 
        KDE bug 166598).
      - Fix in kdeprint. (KDE SVN r848634)
      - Avoid showing authentication-dialogue being put behind the application 
        window. (KDE SVN r849216, KDE bug 121803).
    
  +++ Changes by Raúl Sánchez Siles:
  
  * kdeprint: Wrong initscript name (cupsys instead of cups) (Closes:
    #496110)
  * Fixed 98_buildprep.patch so double compilation works.
  * Fixed wrong http header parsing, added 61_httpheader_backport.diff 
  * Fixed wrong Google Maps rendering, added 62_fix_googlemaps_backport.diff
  * Change dependencies from obsolete libcupsys2-dev to libcups2-dev.
  * konqueror: Crash on eBay page (Closes: #502459) with recently added
    63_fixed-layout-table.diff

 -- Debian Qt/KDE Maintainers <email address hidden>  Sun, 26 Oct 2008 21:21:12 +0100
Superseded in lenny-release on 2011-09-13
kdelibs (4:3.5.9.dfsg.1-6) unstable; urgency=medium


  * Fix kdepart freeze with some replacements. (Closes: #482268)
    Many thanks to Steve Cotton. 

 -- Ana Beatriz Guerrero Lopez <email address hidden>  Tue, 08 Jul 2008 22:53:51 +0200
111 of 11 results