Changelog
kdelibs (4:3.5.10.dfsg.1-3) unstable; urgency=high
+++ Changes by Scott Kitterman (patches from Kubuntu):
* SECURITY UPDATE: fix buffer overflow when converting string to float.
- debian/patches/CVE-2009-0689.diff: adjust Kmax to handle large field
numbers in kjs/dtoa.cpp (Closes: #559265)
- CVE-2009-0689
* SECURITY UPDATE: uncontrolled XMLHTTPRequest vulnerability.
- Ark and KMail performs insufficient validation which leads to
specially crafted archive files, using unknown MIME types, to be
rendered using a KHTML instance, this can trigger uncontrolled
XMLHTTPRequests to remote sites.
- Add debian/patches/security_05_XMLHttpRequest_vulnerability.diff,
restricts xmlhttprequest to http protocols only.
- http://www.kde.org/info/security/advisory-20091027-1.txt
- oCert: #2009-015 http://www.ocert.org/advisories/ocert-2009-015.html
- CVE n/a
* Fix FTBFS with gcc 4.4.
- Add debian/patches/gcc4.4_ftbfs.diff (Closes: #556564)
* Update Vcs* in debian/control for new location.
+++ Changes by Ana Beatriz Guerrero Lopez:
* Add a depend on ${shlibs:Depends} to kdelibs5-dev to make lintian happy.
* Remove Sune from Uploaders per his request.
* Update Armin and Modestas emails.
-- Debian Qt/KDE Maintainers <email address hidden> Mon, 04 Jan 2010 18:32:06 +0100
