Back to kdelibs PTS page

Accepted kdelibs 4:3.5.5a.dfsg.1-8etch2 (source i386 all)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sun, 09 Aug 2009 18:20:19 +0200
Source: kdelibs
Binary: kdelibs4c2a kdelibs kdelibs4-doc kdelibs-dbg kdelibs-data kdelibs4-dev
Architecture: source i386 all
Version: 4:3.5.5a.dfsg.1-8etch2
Distribution: oldstable-security
Urgency: high
Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Changed-By: Giuseppe Iuculano <giuseppe@iuculano.it>
Description: 
 kdelibs    - core libraries from the official KDE release
 kdelibs-data - core shared data for all KDE applications
 kdelibs-dbg - debugging symbols for kdelibs
 kdelibs4-dev - development files for the KDE core libraries
 kdelibs4-doc - developer documentation for the KDE core libraries
 kdelibs4c2a - core libraries and binaries for all KDE applications
Closes: 478024 534949 534949
Changes: 
 kdelibs (4:3.5.5a.dfsg.1-8etch2) oldstable-security; urgency=high
 .
   * Non-maintainer upload.
   * Fixed CVE-2008-1671: start_kdeinit in KDE 3.5.5 through 3.5.9, when
     installed setuid root, allows local users to cause a denial of service and
     possibly execute arbitrary code via "user-influenceable input" (probably
     command-line arguments) that cause start_kdeinit to send SIGUSR1 signals to
     other processes. (Closes: #478024)
   * Fixed CVE-2009-1687: An integer overflow, leading to heap-based buffer
     overflow was found in the KDE implementation of garbage collector for the
     JavaScript language (KJS).
   * Fixed CVE-2009-1690: KDE HTML parser incorrectly handled content, forming
     the HTML page <head> element. A remote attacker could use this flaw to
     cause a denial of service (konqueror crash) or, potentially, execute
     arbitrary code, with the privileges of the user running "konqueror" web
     browser, if the victim was tricked to open a specially-crafted HTML page.
     (Closes: #534949)
   * Fixed CVE-2009-1698: KDE's Cascading Style Sheets (CSS) parser incorrectly
     handled content, forming the value of CSS "style" attribute. A remote
     attacker could use this flaw to cause a denial of service (konqueror crash)
     or potentially execute arbitrary code with the privileges of the user
     running "konqueror" web browser, if the victim visited a specially-crafted
     CSS equipped HTML page. (Closes: #534949)
Files: 
 0eb586c194525c6efbfda4c7505faf97 1635 libs optional kdelibs_3.5.5a.dfsg.1-8etch2.dsc
 a3f13367dcadef4749ba0173c8bc5f8e 18684663 libs optional kdelibs_3.5.5a.dfsg.1.orig.tar.gz
 1452f9edd815d35268c580caba07c69b 601893 libs optional kdelibs_3.5.5a.dfsg.1-8etch2.diff.gz
 8d069056020a0d76c5657105c764c4c4 34590 libs optional kdelibs_3.5.5a.dfsg.1-8etch2_all.deb
 93a407c519ffef8ecfb182aadb59a86f 8599236 libs optional kdelibs-data_3.5.5a.dfsg.1-8etch2_all.deb
 95cdb51e0f3104ff26fe2d3419c79ab7 40223822 doc optional kdelibs4-doc_3.5.5a.dfsg.1-8etch2_all.deb
 44d58eccf0d6de0626ee627821aab8b0 9742340 libs optional kdelibs4c2a_3.5.5a.dfsg.1-8etch2_i386.deb
 415adb54c701be487552a24280e4e1cb 1382698 libdevel optional kdelibs4-dev_3.5.5a.dfsg.1-8etch2_i386.deb
 9562a77ad5b8dd761c1514bae672c35b 26268130 libdevel extra kdelibs-dbg_3.5.5a.dfsg.1-8etch2_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkqIjOAACgkQ62zWxYk/rQdUuQCfQLgfv7ck77uSJEA2e14ZXwRj
kRsAn2N/pSDtAXjGQJ2L6qsLrH/7v32s
=7ma0
-----END PGP SIGNATURE-----


Accepted:
kdelibs-data_3.5.5a.dfsg.1-8etch2_all.deb
  to pool/main/k/kdelibs/kdelibs-data_3.5.5a.dfsg.1-8etch2_all.deb
kdelibs-dbg_3.5.5a.dfsg.1-8etch2_i386.deb
  to pool/main/k/kdelibs/kdelibs-dbg_3.5.5a.dfsg.1-8etch2_i386.deb
kdelibs4-dev_3.5.5a.dfsg.1-8etch2_i386.deb
  to pool/main/k/kdelibs/kdelibs4-dev_3.5.5a.dfsg.1-8etch2_i386.deb
kdelibs4-doc_3.5.5a.dfsg.1-8etch2_all.deb
  to pool/main/k/kdelibs/kdelibs4-doc_3.5.5a.dfsg.1-8etch2_all.deb
kdelibs4c2a_3.5.5a.dfsg.1-8etch2_i386.deb
  to pool/main/k/kdelibs/kdelibs4c2a_3.5.5a.dfsg.1-8etch2_i386.deb
kdelibs_3.5.5a.dfsg.1-8etch2.diff.gz
  to pool/main/k/kdelibs/kdelibs_3.5.5a.dfsg.1-8etch2.diff.gz
kdelibs_3.5.5a.dfsg.1-8etch2.dsc
  to pool/main/k/kdelibs/kdelibs_3.5.5a.dfsg.1-8etch2.dsc
kdelibs_3.5.5a.dfsg.1-8etch2_all.deb
  to pool/main/k/kdelibs/kdelibs_3.5.5a.dfsg.1-8etch2_all.deb