Ubuntu
kde4libs package

kde4libs 4:4.1.4-0ubuntu1~intrepid1.5 source package in Ubuntu

Changelog

kde4libs (4:4.1.4-0ubuntu1~intrepid1.5) intrepid-security; urgency=low

  [ Jamie Strandboge ]
  * SECURITY UPDATE: fix buffer overflow when converting string to float
    - debian/patches/CVE-2009-0689.diff: adjust Kmax to handle large field
      numbers in kjs/dtoa.cpp
    - CVE-2009-0689

  [ Jonathan Riddell ]
  * SECURITY UPDATE: uncontrolled XMLHTTPRequest vulnerability
    - Ark and KMail performs insufficient validation which leads to
      specially crafted archive files, using unknown MIME types, to be
      rendered using a KHTML instance, this can trigger uncontrolled
      XMLHTTPRequests to remote sites
    - Add debian/patches/security_02_XMLHttpRequest_vulnerability.diff,
      restricts xmlhttprequest to http protocols only
    - http://www.kde.org/info/security/advisory-20091027-1.txt
    - oCert: #2009-015 http://www.ocert.org/advisories/ocert-2009-015.html
    - CVE-2009-XXXX
   * SECURITY UPDATE: kio help URL validation
    - the 'help://' protocol handler suffer from directory traversal.
    - Add debian/patches/security_03_kioslave_input_validation.diff to
      verify the URL
    - http://www.kde.org/info/security/advisory-20091027-1.txt
    - oCert: #2009-015 http://www.ocert.org/advisories/ocert-2009-015.html
    - CVE-2009-XXXX
 -- Jamie Strandboge <email address hidden>   Mon, 07 Dec 2009 15:23:45 -0600

Upload details

Uploaded by:
Jamie Strandboge
Uploaded to:
Intrepid
Original maintainer:
Kubuntu Members
Architectures:
any
Section:
libs
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
kde4libs_4.1.4.orig.tar.gz 10.7 MiB 4aa0a406534c786abd3d168c7417bbb86902dad4805374a98cbbaef97956eaeb
kde4libs_4.1.4-0ubuntu1~intrepid1.5.diff.gz 93.7 KiB 4cac62db0963481546ada95910934bf441b799bdf48e323ee66c3435ba247ce4
kde4libs_4.1.4-0ubuntu1~intrepid1.5.dsc 2.3 KiB 73319b251d8e0e3e7bcd49f424bd07abd8cc3612cfccb39053896b3081ff107f

View changes file

Binary packages built by this source

kdelibs-bin: No summary available for kdelibs-bin in ubuntu intrepid.

No description available for kdelibs-bin in ubuntu intrepid.

kdelibs5: No summary available for kdelibs5 in ubuntu intrepid.

No description available for kdelibs5 in ubuntu intrepid.

kdelibs5-data: No summary available for kdelibs5-data in ubuntu intrepid.

No description available for kdelibs5-data in ubuntu intrepid.

kdelibs5-dbg: No summary available for kdelibs5-dbg in ubuntu intrepid.

No description available for kdelibs5-dbg in ubuntu intrepid.

kdelibs5-dev: No summary available for kdelibs5-dev in ubuntu intrepid.

No description available for kdelibs5-dev in ubuntu intrepid.

kdelibs5-doc: No summary available for kdelibs5-doc in ubuntu intrepid.

No description available for kdelibs5-doc in ubuntu intrepid.