-
kdegraphics (4:3.5.10-0ubuntu1~hardy1.1) hardy-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via document with SVGPathList
data structure containing a negative index
- debian/patches/security_01_CVE-2009-0945.diff: validate argument
sizes in ksvg/impl/SVGList.h.
- CVE-2009-0945
* SECURITY UPDATE: arbitrary code execution via SVG animation element
use-after-free
- debian/patches/security_02_CVE-2009-1709.diff: don't use
m_targetElement in ksvg/impl/SVGAnimationElementImpl.{cc,h} and
ksvg/core/DocumentFactory.cpp.
- CVE-2009-1709
-- Marc Deslauriers <email address hidden> Fri, 21 Aug 2009 08:32:35 -0400
-
kdegraphics (4:3.5.10-0ubuntu1~hardy1) hardy-backports; urgency=low
* New upstream bugfix release (LP: #261366)
- Bump build-dep of kdelibs4-dev to 3.5.10
- Freshen kubuntu_07_kpdf_category.diff
-- Scott Kitterman <email address hidden> Tue, 26 Aug 2008 00:43:37 -0400
-
kdegraphics (4:3.5.9-0ubuntu1) hardy; urgency=low
* New upstream release
-- Jonathan Riddell <email address hidden> Thu, 14 Feb 2008 12:27:07 +0000
-
kdegraphics (4:3.5.8-2ubuntu7) hardy; urgency=low
* patches/kubuntu_07_kpdf_category.diff: Change the category in
kpdf's .desktop file from "Graphics" to "Office" (LP: #81725).
-- Siegfried-Angel Gevatter Pujals (RainCT) <email address hidden> Sat, 05 Jan 2008 13:41:38 +0100
-
kdegraphics (4:3.5.8-2ubuntu6) hardy; urgency=low
* Fix build error with g++-4.3.
-- Matthias Klose <email address hidden> Thu, 24 Jan 2008 12:29:58 +0000
-
kdegraphics (4:3.5.8-2ubuntu5) hardy; urgency=low
* Rebuild for libopenexr transition
-- Jonathan Riddell <email address hidden> Tue, 11 Dec 2007 17:33:17 +0000
-
kdegraphics (4:3.5.8-2ubuntu4) hardy; urgency=low
* Remove kuickshow depends from kdegraphics-dev
-- Jonathan Riddell <email address hidden> Tue, 27 Nov 2007 10:12:34 +0000
-
kdegraphics (4:3.5.8-2ubuntu3) hardy; urgency=low
* Don't build-dep on xpdf-common
-- Jonathan Riddell <email address hidden> Thu, 15 Nov 2007 09:35:05 +0000
-
kdegraphics (4:3.5.8-2ubuntu2) hardy; urgency=low
* Merge with Debian, remaining changes in KUBUNTU-DEBIAN-DIFFERENCES
kdegraphics (4:3.5.8-2) unstable; urgency=low
* Patch to multiple xpdf based vulnerabilities. (Closes: #450630)
CVE-2007-4352, CVE-2007-5392, CVE-2007-5393.
* Make kdegrahpics binNMU safe. Thanks Lior! (Closes: #448254)
kdegraphics (4:3.5.8-1) unstable; urgency=low
* New upstream release.
+++ Changes by Francesco Pedrini:
* Added manpage for KFaxview.
* Removed 20_post-3.5.7-kdegraphics-CVE-2007-3387.diff which was merged
upstream.
* Switched ${Source-Version} to ${source:Version} in debian/control.
* Added chrpath to Build-Depends for powerpc in order to fix RPATH issue on
powerpc.
+++ Changes by Ana Beatriz Guerrero Lopez:
* Little fixes in the description in debian/control.
kdegraphics (4:3.5.7-4) unstable; urgency=high
* Patch for stack-based buffer overflow in the StreamPredictor::getNextLine
function in xpd that might allow remote attackers to execute arbitrary code
via a crafted PDF file. CVE-2007-504. (Closes: #444015)
* Update section in Debian menu files. Thanks to Yann Dirson for
suggestions. (Closes: #435120)
kdegraphics (4:3.5.7-3) unstable; urgency=high
* Implement use of uploaders.mk and update uploaders.
+++ Changes by Ana Beatriz Guerrero Lopez:
* Patch for vulnerability in xpdf that can cause a stack based buffer
overflow via a PDF file that exploits an integer overflow in
StreamPredictor::StreamPredictor(). CVE-2007-3387
* Some little improvements in the debian/copyright file, GFDL text removed
and reemplazed by a link to common-licenses.
kdegraphics (4:3.5.7-2) unstable; urgency=low
* Build against new poppler. (Closes: #425605)
-- Jonathan Riddell <email address hidden> Wed, 14 Nov 2007 17:25:32 +0000
-
kdegraphics (4:3.5.8-0ubuntu1) gutsy; urgency=low
* New upstream release
-- Jonathan Riddell <email address hidden> Tue, 09 Oct 2007 11:41:21 +0100