Change log for kdelibs package in Debian
1 → 11 of 11 results | First • Previous • Next • Last |
Deleted in wheezy-release (Reason: None provided.) |
Published in squeeze-release |
Deleted in sid-release (Reason: None provided.) |
kdelibs (4:3.5.10.dfsg.1-5) unstable; urgency=medium * Change by email address to @debian.org. * Drop common HTML docs from kdelibs-data package. Instead suggest kdelibs5-data which ships them (Closes: #591609). What's more, whoever wants to view docs, will have to install khelpcenter4 which pulls in kdelibs5-data anyway. * Switch to dpkg-source format 3.0 (quilt): - drop simple-patchsys.mk from debian/rules; - add debian/patches/series file. * Fix corruption of zip files caused by wrong encoding of umlauts in kzip (patch 67_kio_zip_file_encoding.diff). (Closes: #563942) Thanks to Bjoern Ricks for the patch. * Support opening of KDE 4 khelpcenter in Help -> Handbook. (Closes: #525621) Thanks to Ben Burton for the patch. * Do not recurse into .pc subdirectory with doxygen (patch debian/patches/02_exclude_pc_from_dox.diff). * Urgency=medium due to multiple RC bug fixes. -- Modestas Vainius <email address hidden> Sat, 07 Aug 2010 23:20:21 +0300
Superseded in sid-release |
kdelibs (4:3.5.10.dfsg.1-4) unstable; urgency=low [ Pino Toscano ] * Pull upstream r1074155 to fix build with GCC 4.5. (Closes: #565013) [ Modestas Vainius ] * Do not ship all_languages in kdelibs-data. [ Moritz Muehlenhoff ] * Update copyright file. (Closes: #520485) * License for certbundle files has been clarified. (Closes: #520977) * Document scope of security support in Squeeze. [ Ana Beatriz Guerrero Lopez ] * Update to Standards-Version 3.9.1, no changes required. * Add missing ${misc:Depends}. -- Debian Qt/KDE Maintainers <email address hidden> Tue, 03 Aug 2010 19:51:40 -0400
Published in lenny-release |
kdelibs (4:3.5.10.dfsg.1-0lenny4) stable-security; urgency=high * Non-maintainer upload by the Security Team. * CVE-2009-0689 -- Moritz Muehlenhoff <email address hidden> Sun, 07 Feb 2010 21:59:40 +0000
Superseded in lenny-release |
kdelibs (4:3.5.10.dfsg.1-0lenny3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fixed CVE-2009-2702: KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority (Closes: #546212) -- Giuseppe Iuculano <email address hidden> Thu, 15 Oct 2009 20:23:11 +0200
kdelibs (4:3.5.10.dfsg.1-3) unstable; urgency=high +++ Changes by Scott Kitterman (patches from Kubuntu): * SECURITY UPDATE: fix buffer overflow when converting string to float. - debian/patches/CVE-2009-0689.diff: adjust Kmax to handle large field numbers in kjs/dtoa.cpp (Closes: #559265) - CVE-2009-0689 * SECURITY UPDATE: uncontrolled XMLHTTPRequest vulnerability. - Ark and KMail performs insufficient validation which leads to specially crafted archive files, using unknown MIME types, to be rendered using a KHTML instance, this can trigger uncontrolled XMLHTTPRequests to remote sites. - Add debian/patches/security_05_XMLHttpRequest_vulnerability.diff, restricts xmlhttprequest to http protocols only. - http://www.kde.org/info/security/advisory-20091027-1.txt - oCert: #2009-015 http://www.ocert.org/advisories/ocert-2009-015.html - CVE n/a * Fix FTBFS with gcc 4.4. - Add debian/patches/gcc4.4_ftbfs.diff (Closes: #556564) * Update Vcs* in debian/control for new location. +++ Changes by Ana Beatriz Guerrero Lopez: * Add a depend on ${shlibs:Depends} to kdelibs5-dev to make lintian happy. * Remove Sune from Uploaders per his request. * Update Armin and Modestas emails. -- Debian Qt/KDE Maintainers <email address hidden> Mon, 04 Jan 2010 18:32:06 +0100
kdelibs (4:3.5.10.dfsg.1-2.1) unstable; urgency=high * Non-maintainer upload by the testing Security Team. * Fixed CVE-2009-1687: An integer overflow, leading to heap-based buffer overflow was found in the KDE implementation of garbage collector for the JavaScript language (KJS). * Fixed CVE-2009-1690: KDE HTML parser incorrectly handled content, forming the HTML page <head> element. A remote attacker could use this flaw to cause a denial of service (konqueror crash) or, potentially, execute arbitrary code, with the privileges of the user running "konqueror" web browser, if the victim was tricked to open a specially-crafted HTML page. (Closes: #534949) * Fixed CVE-2009-1698: KDE's Cascading Style Sheets (CSS) parser incorrectly handled content, forming the value of CSS "style" attribute. A remote attacker could use this flaw to cause a denial of service (konqueror crash) or potentially execute arbitrary code with the privileges of the user running "konqueror" web browser, if the victim visited a specially-crafted CSS equipped HTML page. (Closes: #534949) * Fixed CVE-2009-2702: KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority (Closes: #546212) -- Giuseppe Iuculano <email address hidden> Wed, 14 Oct 2009 09:57:26 +0200
Superseded in lenny-release |
kdelibs (4:3.5.10.dfsg.1-0lenny2) stable-security; urgency=high * Non-maintainer upload. * Fixed CVE-2009-1687: An integer overflow, leading to heap-based buffer overflow was found in the KDE implementation of garbage collector for the JavaScript language (KJS). * Fixed CVE-2009-1690: KDE HTML parser incorrectly handled content, forming the HTML page <head> element. A remote attacker could use this flaw to cause a denial of service (konqueror crash) or, potentially, execute arbitrary code, with the privileges of the user running "konqueror" web browser, if the victim was tricked to open a specially-crafted HTML page. (Closes: #534949) * Fixed CVE-2009-1698: KDE's Cascading Style Sheets (CSS) parser incorrectly handled content, forming the value of CSS "style" attribute. A remote attacker could use this flaw to cause a denial of service (konqueror crash) or potentially execute arbitrary code with the privileges of the user running "konqueror" web browser, if the victim visited a specially-crafted CSS equipped HTML page. (Closes: #534949) -- Giuseppe Iuculano <email address hidden> Sun, 09 Aug 2009 16:43:32 +0200
kdelibs (4:3.5.10.dfsg.1-2) unstable; urgency=low * Add 64_use_sys_inotify.diff patch to fix ftbfs caused by linux/inotify. (Closes: #519881) -- Debian Qt/KDE Maintainers <email address hidden> Wed, 18 Mar 2009 16:59:36 +0100
Superseded in lenny-release |
kdelibs (4:3.5.10.dfsg.1-0lenny1) testing-proposed-updates; urgency=low +++ Changes by Ana Beatriz Guerrero Lopez: * New upstream release. - Most of the changes were already provided by the patches: - 01_kdelibs_branch_r828883.diff - 02_kate_regression_r777286.diff - 03_start_kdeinit_integer_overflow.diff (provided for CVE-2008-1671) - 05_kate_debianchangelog_default_context_r799980.diff - 06_khtml_rendering_r786289.diff that have been dropped now. - New changes: - Changes for showing KDE 3.5.10 instead of 3.5.9 in the KDE apps. - Fix while saving sessions for multiple scripts. (KDE SVN r837226, KDE bug 166598). - Fix in kdeprint. (KDE SVN r848634) - Avoid showing authentication-dialogue being put behind the application window. (KDE SVN r849216, KDE bug 121803). +++ Changes by Raúl Sánchez Siles: * kdeprint: Wrong initscript name (cupsys instead of cups) (Closes: #496110) * Fixed 98_buildprep.patch so double compilation works. * Fixed wrong http header parsing, added 61_httpheader_backport.diff * Fixed wrong Google Maps rendering, added 62_fix_googlemaps_backport.diff * Change dependencies from obsolete libcupsys2-dev to libcups2-dev. * konqueror: Crash on eBay page (Closes: #502459) with recently added 63_fixed-layout-table.diff -- Debian Qt/KDE Maintainers <email address hidden> Fri, 21 Nov 2008 11:00:19 +0100
kdelibs (4:3.5.10.dfsg.1-1) unstable; urgency=low +++ Changes by Ana Beatriz Guerrero Lopez: * New upstream release. - Most of the changes were already provided by the patches: - 01_kdelibs_branch_r828883.diff - 02_kate_regression_r777286.diff - 03_start_kdeinit_integer_overflow.diff (provided for CVE-2008-1671) - 05_kate_debianchangelog_default_context_r799980.diff - 06_khtml_rendering_r786289.diff that have been dropped now. - New changes: - Changes for showing KDE 3.5.10 instead of 3.5.9 in the KDE apps. - Fix while saving sessions for multiple scripts. (KDE SVN r837226, KDE bug 166598). - Fix in kdeprint. (KDE SVN r848634) - Avoid showing authentication-dialogue being put behind the application window. (KDE SVN r849216, KDE bug 121803). +++ Changes by Raúl Sánchez Siles: * kdeprint: Wrong initscript name (cupsys instead of cups) (Closes: #496110) * Fixed 98_buildprep.patch so double compilation works. * Fixed wrong http header parsing, added 61_httpheader_backport.diff * Fixed wrong Google Maps rendering, added 62_fix_googlemaps_backport.diff * Change dependencies from obsolete libcupsys2-dev to libcups2-dev. * konqueror: Crash on eBay page (Closes: #502459) with recently added 63_fixed-layout-table.diff -- Debian Qt/KDE Maintainers <email address hidden> Sun, 26 Oct 2008 21:21:12 +0100
Superseded in lenny-release |
kdelibs (4:3.5.9.dfsg.1-6) unstable; urgency=medium * Fix kdepart freeze with some replacements. (Closes: #482268) Many thanks to Steve Cotton. -- Ana Beatriz Guerrero Lopez <email address hidden> Tue, 08 Jul 2008 22:53:51 +0200
1 → 11 of 11 results | First • Previous • Next • Last |