Format: 1.8 Date: Fri, 21 Aug 2009 08:17:26 -0400 Source: kdelibs Binary: kdelibs kdelibs-data kdelibs4c2a kdelibs4-dev kdelibs-dbg Architecture: ia64_translations ia64 Version: 4:3.5.10.dfsg.1-1ubuntu8.1 Distribution: jaunty Urgency: low Maintainer: Ubuntu/ia64 Build Daemon Changed-By: Marc Deslauriers Description: kdelibs - core libraries from the official KDE release kdelibs-data - core shared data for all KDE applications kdelibs-dbg - debugging symbols for kdelibs kdelibs4-dev - development files for the KDE core libraries kdelibs4c2a - core libraries and binaries for all KDE applications Changes: kdelibs (4:3.5.10.dfsg.1-1ubuntu8.1) jaunty-security; urgency=low . * SECURITY UPDATE: arbitrary code execution via JavaScript garbage collector allocation failures - debian/patches/security_01_CVE-2009-1687.diff: make sure we don't overflow before doing the realloc in kjs/collector.cpp. - CVE-2009-1687 * SECURITY UPDATE: arbitrary code execution via use-after-free - debian/patches/security_02_CVE-2009-1690.diff: use head.get() in khtml/html/htmlparser.cpp, and backport khtml/html/{AlwaysInline, htmlparser,Platform,RefPtr}.h. - CVE-2009-1690 * SECURITY UPDATE: arbitrary code execution via CSS attr function call with a large numerical argument - debian/patches/security_03_CVE-2009-1698.diff: add extra checks to khtml/css/cssparser.cpp and implement CSSPrimitiveValue::CSS_ATTR in khtml/css/css_valueimpl.cpp. - CVE-2009-1698 * debian/control{.in}: Added pkg-kde-tools to Build-Depends to fix FTBFS Checksums-Sha1: 1f6160cc57d08847e1c2a391d5d9c2cc8d9bf1a1 191166 kdelibs_3.5.10.dfsg.1-1ubuntu8.1_ia64_translations.tar.gz c9046e97e3bd86ce555f46f4643bbcc96f5ae9a9 14399942 kdelibs4c2a_3.5.10.dfsg.1-1ubuntu8.1_ia64.deb 4c5260bfd6161767892b15016005a36163f614ab 1401350 kdelibs4-dev_3.5.10.dfsg.1-1ubuntu8.1_ia64.deb ef7b4b8f6e0ff7a17f16ba0744daaec99ff12cdb 27082882 kdelibs-dbg_3.5.10.dfsg.1-1ubuntu8.1_ia64.deb Checksums-Sha256: 870aef84a09225889f5cf14a30814b451cea1c25cb1e543d2bbac4369cf50adb 191166 kdelibs_3.5.10.dfsg.1-1ubuntu8.1_ia64_translations.tar.gz 564165e3c0ac4cd3940d416aea4fd281bb6e81520d21adf1d186d2c5608e20da 14399942 kdelibs4c2a_3.5.10.dfsg.1-1ubuntu8.1_ia64.deb 12717ca0cd11f55b56493a571a45cd5691a65819c3d9057804c20882c0e56518 1401350 kdelibs4-dev_3.5.10.dfsg.1-1ubuntu8.1_ia64.deb 392b60cf8da3ac655259423b687d7b41984679c0088fdfee58e3f48d78e97cc6 27082882 kdelibs-dbg_3.5.10.dfsg.1-1ubuntu8.1_ia64.deb Files: fb00bad75dcd95197d4c9ebb143b9916 191166 raw-translations - kdelibs_3.5.10.dfsg.1-1ubuntu8.1_ia64_translations.tar.gz 7a2340f152e8af9150c2d487f866acef 14399942 libs optional kdelibs4c2a_3.5.10.dfsg.1-1ubuntu8.1_ia64.deb a826cd40931d5dff4f8dd4c1b637ea5a 1401350 libdevel optional kdelibs4-dev_3.5.10.dfsg.1-1ubuntu8.1_ia64.deb 880a14c7a4ecef3fe53c5e2a26aa9c48 27082882 libdevel extra kdelibs-dbg_3.5.10.dfsg.1-1ubuntu8.1_ia64.deb Original-Maintainer: Debian Qt/KDE Maintainers