kdelibs 4:3.5.10.dfsg.1-3 source package in Debian


kdelibs (4:3.5.10.dfsg.1-3) unstable; urgency=high

  +++ Changes by Scott Kitterman (patches from Kubuntu):

  * SECURITY UPDATE: fix buffer overflow when converting string to float.
    - debian/patches/CVE-2009-0689.diff: adjust Kmax to handle large field
      numbers in kjs/dtoa.cpp (Closes: #559265)
    - CVE-2009-0689
  * SECURITY UPDATE: uncontrolled XMLHTTPRequest vulnerability.
   - Ark and KMail performs insufficient validation which leads to
     specially crafted archive files, using unknown MIME types, to be
     rendered using a KHTML instance, this can trigger uncontrolled
     XMLHTTPRequests to remote sites.
   - Add debian/patches/security_05_XMLHttpRequest_vulnerability.diff,
     restricts xmlhttprequest to http protocols only.
   - http://www.kde.org/info/security/advisory-20091027-1.txt
   - oCert: #2009-015 http://www.ocert.org/advisories/ocert-2009-015.html
   - CVE n/a
  * Fix FTBFS with gcc 4.4.
   - Add debian/patches/gcc4.4_ftbfs.diff (Closes: #556564)
  * Update Vcs* in debian/control for new location.

  +++ Changes by Ana Beatriz Guerrero Lopez:
  * Add a depend on ${shlibs:Depends} to kdelibs5-dev to make lintian happy.
  * Remove Sune from Uploaders per his request.
  * Update Armin and Modestas emails.

 -- Debian Qt/KDE Maintainers <email address hidden>  Mon, 04 Jan 2010 18:32:06 +0100

Upload details

Uploaded by:
Debian Qt/KDE Maintainers on 2010-01-05
Uploaded to:
Original maintainer:
Debian Qt/KDE Maintainers
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section



File Size SHA-256 Checksum
kdelibs_3.5.10.dfsg.1-3.dsc 2.2 KiB f1f09a5e676349e89b010e87abb6bb95acd2a76a20033dc2c64f496a70d8c531
kdelibs_3.5.10.dfsg.1.orig.tar.gz 17.8 MiB 09119022c615547284beaa262ccc06fc9328f1dc66ebd030ab97d66819eb9f0d
kdelibs_3.5.10.dfsg.1-3.diff.gz 643.8 KiB 068345a1a3a49f2c7e8deca13d296fb88dd8d609866286953c31744ecd99b27e

No changes file available.

Binary packages built by this source