Accepted kdelibs 4:3.5.5a.dfsg.1-8etch2 (source i386 all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 09 Aug 2009 18:20:19 +0200
Source: kdelibs
Binary: kdelibs4c2a kdelibs kdelibs4-doc kdelibs-dbg kdelibs-data kdelibs4-dev
Architecture: source i386 all
Version: 4:3.5.5a.dfsg.1-8etch2
Distribution: oldstable-security
Urgency: high
Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Changed-By: Giuseppe Iuculano <giuseppe@iuculano.it>
Description:
kdelibs - core libraries from the official KDE release
kdelibs-data - core shared data for all KDE applications
kdelibs-dbg - debugging symbols for kdelibs
kdelibs4-dev - development files for the KDE core libraries
kdelibs4-doc - developer documentation for the KDE core libraries
kdelibs4c2a - core libraries and binaries for all KDE applications
Closes: 478024 534949 534949
Changes:
kdelibs (4:3.5.5a.dfsg.1-8etch2) oldstable-security; urgency=high
.
* Non-maintainer upload.
* Fixed CVE-2008-1671: start_kdeinit in KDE 3.5.5 through 3.5.9, when
installed setuid root, allows local users to cause a denial of service and
possibly execute arbitrary code via "user-influenceable input" (probably
command-line arguments) that cause start_kdeinit to send SIGUSR1 signals to
other processes. (Closes: #478024)
* Fixed CVE-2009-1687: An integer overflow, leading to heap-based buffer
overflow was found in the KDE implementation of garbage collector for the
JavaScript language (KJS).
* Fixed CVE-2009-1690: KDE HTML parser incorrectly handled content, forming
the HTML page <head> element. A remote attacker could use this flaw to
cause a denial of service (konqueror crash) or, potentially, execute
arbitrary code, with the privileges of the user running "konqueror" web
browser, if the victim was tricked to open a specially-crafted HTML page.
(Closes: #534949)
* Fixed CVE-2009-1698: KDE's Cascading Style Sheets (CSS) parser incorrectly
handled content, forming the value of CSS "style" attribute. A remote
attacker could use this flaw to cause a denial of service (konqueror crash)
or potentially execute arbitrary code with the privileges of the user
running "konqueror" web browser, if the victim visited a specially-crafted
CSS equipped HTML page. (Closes: #534949)
Files:
0eb586c194525c6efbfda4c7505faf97 1635 libs optional kdelibs_3.5.5a.dfsg.1-8etch2.dsc
a3f13367dcadef4749ba0173c8bc5f8e 18684663 libs optional kdelibs_3.5.5a.dfsg.1.orig.tar.gz
1452f9edd815d35268c580caba07c69b 601893 libs optional kdelibs_3.5.5a.dfsg.1-8etch2.diff.gz
8d069056020a0d76c5657105c764c4c4 34590 libs optional kdelibs_3.5.5a.dfsg.1-8etch2_all.deb
93a407c519ffef8ecfb182aadb59a86f 8599236 libs optional kdelibs-data_3.5.5a.dfsg.1-8etch2_all.deb
95cdb51e0f3104ff26fe2d3419c79ab7 40223822 doc optional kdelibs4-doc_3.5.5a.dfsg.1-8etch2_all.deb
44d58eccf0d6de0626ee627821aab8b0 9742340 libs optional kdelibs4c2a_3.5.5a.dfsg.1-8etch2_i386.deb
415adb54c701be487552a24280e4e1cb 1382698 libdevel optional kdelibs4-dev_3.5.5a.dfsg.1-8etch2_i386.deb
9562a77ad5b8dd761c1514bae672c35b 26268130 libdevel extra kdelibs-dbg_3.5.5a.dfsg.1-8etch2_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkqIjOAACgkQ62zWxYk/rQdUuQCfQLgfv7ck77uSJEA2e14ZXwRj
kRsAn2N/pSDtAXjGQJ2L6qsLrH/7v32s
=7ma0
-----END PGP SIGNATURE-----
Accepted:
kdelibs-data_3.5.5a.dfsg.1-8etch2_all.deb
to pool/main/k/kdelibs/kdelibs-data_3.5.5a.dfsg.1-8etch2_all.deb
kdelibs-dbg_3.5.5a.dfsg.1-8etch2_i386.deb
to pool/main/k/kdelibs/kdelibs-dbg_3.5.5a.dfsg.1-8etch2_i386.deb
kdelibs4-dev_3.5.5a.dfsg.1-8etch2_i386.deb
to pool/main/k/kdelibs/kdelibs4-dev_3.5.5a.dfsg.1-8etch2_i386.deb
kdelibs4-doc_3.5.5a.dfsg.1-8etch2_all.deb
to pool/main/k/kdelibs/kdelibs4-doc_3.5.5a.dfsg.1-8etch2_all.deb
kdelibs4c2a_3.5.5a.dfsg.1-8etch2_i386.deb
to pool/main/k/kdelibs/kdelibs4c2a_3.5.5a.dfsg.1-8etch2_i386.deb
kdelibs_3.5.5a.dfsg.1-8etch2.diff.gz
to pool/main/k/kdelibs/kdelibs_3.5.5a.dfsg.1-8etch2.diff.gz
kdelibs_3.5.5a.dfsg.1-8etch2.dsc
to pool/main/k/kdelibs/kdelibs_3.5.5a.dfsg.1-8etch2.dsc
kdelibs_3.5.5a.dfsg.1-8etch2_all.deb
to pool/main/k/kdelibs/kdelibs_3.5.5a.dfsg.1-8etch2_all.deb