Format: 1.8 Date: Mon, 07 Dec 2009 15:10:37 -0600 Source: kdelibs Binary: kdelibs kdelibs-data kdelibs4c2a kdelibs4-dev kdelibs-dbg Architecture: all i386_translations i386 Version: 4:3.5.10.dfsg.1-1ubuntu8.4 Distribution: jaunty Urgency: low Maintainer: Ubuntu/i386 Build Daemon Changed-By: Jamie Strandboge Description: kdelibs - core libraries from the official KDE release kdelibs-data - core shared data for all KDE applications kdelibs-dbg - debugging symbols for kdelibs kdelibs4-dev - development files for the KDE core libraries kdelibs4c2a - core libraries and binaries for all KDE applications Changes: kdelibs (4:3.5.10.dfsg.1-1ubuntu8.4) jaunty-security; urgency=low . [ Jamie Strandboge ] * SECURITY UPDATE: fix buffer overflow when converting string to float - debian/patches/security_05_CVE-2009-0689.diff: adjust Kmax to handle large field numbers in kjs/dtoa.cpp - CVE-2009-0689 . [ Jonathan Riddell ] * SECURITY UPDATE: uncontrolled XMLHTTPRequest vulnerability - Ark and KMail performs insufficient validation which leads to specially crafted archive files, using unknown MIME types, to be rendered using a KHTML instance, this can trigger uncontrolled XMLHTTPRequests to remote sites - Add debian/patches/security_05_XMLHttpRequest_vulnerability.diff, restricts xmlhttprequest to http protocols only - http://www.kde.org/info/security/advisory-20091027-1.txt - oCert: #2009-015 http://www.ocert.org/advisories/ocert-2009-015.html - CVE-2009-XXXX Checksums-Sha1: 7355c79dff451a65b64124bd4600987c83b440e7 2270 kdelibs_3.5.10.dfsg.1-1ubuntu8.4_all.deb 5f4071bc216b101aec46a5ba679e6581aeac48f9 190526 kdelibs_3.5.10.dfsg.1-1ubuntu8.4_i386_translations.tar.gz 543b984f54f9622b9714da8f7e0a0a89bae5a732 6752210 kdelibs-data_3.5.10.dfsg.1-1ubuntu8.4_all.deb 971a0c380cbf36ac6bd574a8983315d32d07335a 10006430 kdelibs4c2a_3.5.10.dfsg.1-1ubuntu8.4_i386.deb 698d0c4018bc15f2181045d68b4d7068a76f2c03 1395328 kdelibs4-dev_3.5.10.dfsg.1-1ubuntu8.4_i386.deb e9c64527fe9ac3c13929650973d6a33fbabb0839 26383054 kdelibs-dbg_3.5.10.dfsg.1-1ubuntu8.4_i386.deb Checksums-Sha256: c85b2335a0d0252e05506eb82055bd69f2abee2d109d5d083b461a32a50c6320 2270 kdelibs_3.5.10.dfsg.1-1ubuntu8.4_all.deb 9b7a0e56b9c7b705f0a06181ed035ee0b520449759a25f29f120a9328a1c8b23 190526 kdelibs_3.5.10.dfsg.1-1ubuntu8.4_i386_translations.tar.gz a0b8cd7c802525a6315832f186557a1b844015e380a5eb7b94d8e5623e40b011 6752210 kdelibs-data_3.5.10.dfsg.1-1ubuntu8.4_all.deb aede1aa0b28ca77bf8d54af7e782ca5295e9a7cce57073f665fb3eaf90e7b0e8 10006430 kdelibs4c2a_3.5.10.dfsg.1-1ubuntu8.4_i386.deb e0487bdce2c68fc36081a2a21a7cf76ef1cdbbc35b8b5fe20781096fa7bbab4d 1395328 kdelibs4-dev_3.5.10.dfsg.1-1ubuntu8.4_i386.deb 23029d53968c77b5bfa474928106c3b9588e578eec1e21ba733fcb6bba82dfef 26383054 kdelibs-dbg_3.5.10.dfsg.1-1ubuntu8.4_i386.deb Files: 110eef16875f571661c553d295ffc7e5 2270 libs optional kdelibs_3.5.10.dfsg.1-1ubuntu8.4_all.deb 1bf3ef9f0e9d09f62d2d415186b0d38b 190526 raw-translations - kdelibs_3.5.10.dfsg.1-1ubuntu8.4_i386_translations.tar.gz 11c8744d3bb2ca49bf0aad89092e926e 6752210 libs optional kdelibs-data_3.5.10.dfsg.1-1ubuntu8.4_all.deb 74959eea23ce24afef3241d43b2d2118 10006430 libs optional kdelibs4c2a_3.5.10.dfsg.1-1ubuntu8.4_i386.deb cf787836d0618dc9ece201e145f6c629 1395328 libdevel optional kdelibs4-dev_3.5.10.dfsg.1-1ubuntu8.4_i386.deb 9d18f9c1a6c38b95334483cb107c157f 26383054 libdevel extra kdelibs-dbg_3.5.10.dfsg.1-1ubuntu8.4_i386.deb Original-Maintainer: Debian Qt/KDE Maintainers