Format: 1.8
Date: Mon, 07 Dec 2009 17:42:13 +0000
Source: kdelibs
Binary: kdelibs kdelibs-data kdelibs4c2a kdelibs4-dev kdelibs-dbg
Architecture: amd64 amd64_translations
Version: 4:3.5.10.dfsg.1-2.1ubuntu3
Distribution: lucid
Urgency: low
Maintainer: Ubuntu/amd64 Build Daemon <buildd@yellow.buildd>
Changed-By: Jonathan Riddell <jriddell@ubuntu.com>
Description: 
 kdelibs    - core libraries from the official KDE release
 kdelibs-data - core shared data for all KDE applications
 kdelibs-dbg - debugging symbols for kdelibs
 kdelibs4-dev - development files for the KDE core libraries
 kdelibs4c2a - core libraries and binaries for all KDE applications
Changes: 
 kdelibs (4:3.5.10.dfsg.1-2.1ubuntu3) lucid; urgency=low
 .
   * SECURITY UPDATE: uncontrolled XMLHTTPRequest vulnerability
    - Ark and KMail performs insufficient validation which leads to
      specially crafted archive files, using unknown MIME types, to be
      rendered using a KHTML instance, this can trigger uncontrolled
      XMLHTTPRequests to remote sites
    - Add debian/patches/security_05_XMLHttpRequest_vulnerability.diff,
      restricts xmlhttprequest to http protocols only
    - http://www.kde.org/info/security/advisory-20091027-1.txt
    - oCert: #2009-015 http://www.ocert.org/advisories/ocert-2009-015.html
    - CVE n/a
Checksums-Sha1: 
 6d91eeb604069b759dfa990d2175360ae70a2d54 10850818 kdelibs4c2a_3.5.10.dfsg.1-2.1ubuntu3_amd64.deb
 b15fd631eda10d73ad3df11cf52e4a008bb7b052 179940 kdelibs_3.5.10.dfsg.1-2.1ubuntu3_amd64_translations.tar.gz
 dea106161c5de28718d7c56c47e4afa7f3898a3b 1361252 kdelibs4-dev_3.5.10.dfsg.1-2.1ubuntu3_amd64.deb
 d8cc8e9f693576b6b4cc9cc622b3f687c60e5dd1 26678286 kdelibs-dbg_3.5.10.dfsg.1-2.1ubuntu3_amd64.deb
Checksums-Sha256: 
 bc65840afea03e53f8005f9d69e5fb29f47e2c9f8f745ba919c99b016ba31936 10850818 kdelibs4c2a_3.5.10.dfsg.1-2.1ubuntu3_amd64.deb
 fc34cfeab26f03eda07ed5cccc40a460eb8015397d9716411c86f4218b91e8af 179940 kdelibs_3.5.10.dfsg.1-2.1ubuntu3_amd64_translations.tar.gz
 126da73a316d2703f364d31bbea798c580b926de76246ea5b7eeaf00fb974f39 1361252 kdelibs4-dev_3.5.10.dfsg.1-2.1ubuntu3_amd64.deb
 f59e1b0302291d5ac37f7bb3a52494ae65b3981b6fc294651244baa91d58e6f9 26678286 kdelibs-dbg_3.5.10.dfsg.1-2.1ubuntu3_amd64.deb
Files: 
 c6cfb82f697a402073081b5d0fca5131 10850818 libs optional kdelibs4c2a_3.5.10.dfsg.1-2.1ubuntu3_amd64.deb
 59918eaa42a4c785aa59a9ebcde9676b 179940 raw-translations - kdelibs_3.5.10.dfsg.1-2.1ubuntu3_amd64_translations.tar.gz
 fae9529995ae6371ac0fa87af18e1bfb 1361252 libdevel optional kdelibs4-dev_3.5.10.dfsg.1-2.1ubuntu3_amd64.deb
 bfb6d0d040abc041f48f529781a0005f 26678286 libdevel extra kdelibs-dbg_3.5.10.dfsg.1-2.1ubuntu3_amd64.deb
Original-Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>