Change logs for kdegraphics source package in Hardy

  • kdegraphics (4:3.5.10-0ubuntu1~hardy1.1) hardy-security; urgency=low
    
      * SECURITY UPDATE: arbitrary code execution via document with SVGPathList
        data structure containing a negative index
        - debian/patches/security_01_CVE-2009-0945.diff: validate argument
          sizes in ksvg/impl/SVGList.h.
        - CVE-2009-0945
      * SECURITY UPDATE: arbitrary code execution via SVG animation element
        use-after-free
        - debian/patches/security_02_CVE-2009-1709.diff: don't use
          m_targetElement in ksvg/impl/SVGAnimationElementImpl.{cc,h} and
          ksvg/core/DocumentFactory.cpp.
        - CVE-2009-1709
    
     -- Marc Deslauriers <email address hidden>   Fri, 21 Aug 2009 08:32:35 -0400
  • kdegraphics (4:3.5.10-0ubuntu1~hardy1) hardy-backports; urgency=low
    
      * New upstream bugfix release (LP: #261366)
        - Bump build-dep of kdelibs4-dev to 3.5.10
        - Freshen kubuntu_07_kpdf_category.diff
    
     -- Scott Kitterman <email address hidden>   Tue, 26 Aug 2008 00:43:37 -0400
  • kdegraphics (4:3.5.9-0ubuntu1) hardy; urgency=low
    
      * New upstream release
    
     -- Jonathan Riddell <email address hidden>   Thu, 14 Feb 2008 12:27:07 +0000
  • kdegraphics (4:3.5.8-2ubuntu7) hardy; urgency=low
    
      * patches/kubuntu_07_kpdf_category.diff: Change the category in
        kpdf's .desktop file from "Graphics" to "Office" (LP: #81725).
    
     -- Siegfried-Angel Gevatter Pujals (RainCT) <email address hidden>   Sat, 05 Jan 2008 13:41:38 +0100
  • kdegraphics (4:3.5.8-2ubuntu6) hardy; urgency=low
    
      * Fix build error with g++-4.3.
    
     -- Matthias Klose <email address hidden>   Thu, 24 Jan 2008 12:29:58 +0000
  • kdegraphics (4:3.5.8-2ubuntu5) hardy; urgency=low
    
      * Rebuild for libopenexr transition
    
     -- Jonathan Riddell <email address hidden>   Tue, 11 Dec 2007 17:33:17 +0000
  • kdegraphics (4:3.5.8-2ubuntu4) hardy; urgency=low
    
      * Remove kuickshow depends from kdegraphics-dev
    
     -- Jonathan Riddell <email address hidden>   Tue, 27 Nov 2007 10:12:34 +0000
  • kdegraphics (4:3.5.8-2ubuntu3) hardy; urgency=low
    
      * Don't build-dep on xpdf-common
    
     -- Jonathan Riddell <email address hidden>   Thu, 15 Nov 2007 09:35:05 +0000
  • kdegraphics (4:3.5.8-2ubuntu2) hardy; urgency=low
    
      * Merge with Debian, remaining changes in KUBUNTU-DEBIAN-DIFFERENCES
    
    kdegraphics (4:3.5.8-2) unstable; urgency=low
    
      * Patch to multiple xpdf based vulnerabilities. (Closes: #450630)
        CVE-2007-4352, CVE-2007-5392, CVE-2007-5393.
      * Make kdegrahpics binNMU safe. Thanks Lior! (Closes: #448254)
    
    kdegraphics (4:3.5.8-1) unstable; urgency=low
    
      * New upstream release.
    
      +++ Changes by Francesco Pedrini:
    
      * Added manpage for KFaxview.
      * Removed 20_post-3.5.7-kdegraphics-CVE-2007-3387.diff which was merged
      	upstream.
      * Switched ${Source-Version} to ${source:Version} in debian/control.
      * Added chrpath to Build-Depends for powerpc in order to fix RPATH issue on
        powerpc.
    
      +++ Changes by Ana Beatriz Guerrero Lopez:
    
      * Little fixes in the description in debian/control.
    
    kdegraphics (4:3.5.7-4) unstable; urgency=high
    
      * Patch for stack-based buffer overflow in the StreamPredictor::getNextLine
        function in xpd that might allow remote attackers to execute arbitrary code
        via a crafted PDF file. CVE-2007-504. (Closes: #444015)
    
      * Update section in Debian menu files. Thanks to Yann Dirson for
        suggestions. (Closes: #435120)
    
    kdegraphics (4:3.5.7-3) unstable; urgency=high
    
      * Implement use of uploaders.mk and update uploaders.
    
      +++ Changes by Ana Beatriz Guerrero Lopez:
    
      * Patch for vulnerability in xpdf that can cause a stack based buffer
        overflow via a PDF file that exploits an integer overflow in
        StreamPredictor::StreamPredictor(). CVE-2007-3387
      * Some little improvements in the debian/copyright file, GFDL text removed
        and reemplazed by a link to common-licenses.
    
    kdegraphics (4:3.5.7-2) unstable; urgency=low
    
      * Build against new poppler. (Closes: #425605)
    
     -- Jonathan Riddell <email address hidden>   Wed, 14 Nov 2007 17:25:32 +0000
  • kdegraphics (4:3.5.8-0ubuntu1) gutsy; urgency=low
    
      * New upstream release
    
     -- Jonathan Riddell <email address hidden>   Tue, 09 Oct 2007 11:41:21 +0100