kdelibs 4:3.5.10.dfsg.1-2.1 source package in Debian

Changelog

kdelibs (4:3.5.10.dfsg.1-2.1) unstable; urgency=high


  * Non-maintainer upload by the testing Security Team.
  * Fixed CVE-2009-1687: An integer overflow, leading to heap-based buffer
    overflow was found in the KDE implementation of garbage collector for the
    JavaScript language (KJS).
  * Fixed CVE-2009-1690: KDE HTML parser incorrectly handled content, forming
    the HTML page <head> element. A remote attacker could use this flaw to
    cause a denial of service (konqueror crash) or, potentially, execute
    arbitrary code, with the privileges of the user running "konqueror" web
    browser, if the victim was tricked to open a specially-crafted HTML page.
    (Closes: #534949)
  * Fixed CVE-2009-1698: KDE's Cascading Style Sheets (CSS) parser incorrectly
    handled content, forming the value of CSS "style" attribute. A remote
    attacker could use this flaw to cause a denial of service (konqueror crash)
    or potentially execute arbitrary code with the privileges of the user
    running "konqueror" web browser, if the victim visited a specially-crafted
    CSS equipped HTML page. (Closes: #534949)
  * Fixed CVE-2009-2702: KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not
    properly handle a '\0' character in a domain name in the Subject
    Alternative Name field of an X.509 certificate, which allows
    man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted
    certificate issued by a legitimate Certification Authority (Closes: #546212) 

 -- Giuseppe Iuculano <email address hidden>  Wed, 14 Oct 2009 09:57:26 +0200

Upload details

Uploaded by:
Debian Qt/KDE Maintainers on 2009-10-15
Uploaded to:
Sid
Original maintainer:
Debian Qt/KDE Maintainers
Architectures:
any
Section:
libs
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
kdelibs_3.5.10.dfsg.1-2.1.dsc 2.2 KiB c9be2e68f7734afd36ad36dfd4e3922d621c9704f76ba6f7e74041a7344db979
kdelibs_3.5.10.dfsg.1.orig.tar.gz 17.8 MiB 09119022c615547284beaa262ccc06fc9328f1dc66ebd030ab97d66819eb9f0d
kdelibs_3.5.10.dfsg.1-2.1.diff.gz 642.4 KiB f03c839ee8890787961411ec4ec8c31a7948946991c398f1532371c2ded52e15

No changes file available.

Binary packages built by this source