rev 16508 - trunk/packages/kde3libs/debian

Scott Kitterman kitterma-guest at alioth.debian.org
Thu Dec 31 20:12:25 UTC 2009


Author: kitterma-guest
Date: 2009-12-31 20:12:24 +0000 (Thu, 31 Dec 2009)
New Revision: 16508

Modified:
   trunk/packages/kde3libs/debian/changelog
   trunk/packages/kde3libs/debian/control
Log:
kdelibs (4:3.5.10.dfsg.1-3) unstable; urgency=high

  +++ Changes by Scott Kitterman (patches from Kubuntu):

  * SECURITY UPDATE: fix buffer overflow when converting string to float
    - debian/patches/CVE-2009-0689.diff: adjust Kmax to handle large field
      numbers in kjs/dtoa.cpp (Closes: #559265)
    - CVE-2009-0689
  * SECURITY UPDATE: uncontrolled XMLHTTPRequest vulnerability
   - Ark and KMail performs insufficient validation which leads to
     specially crafted archive files, using unknown MIME types, to be
     rendered using a KHTML instance, this can trigger uncontrolled
     XMLHTTPRequests to remote sites
   - Add debian/patches/security_05_XMLHttpRequest_vulnerability.diff,
     restricts xmlhttprequest to http protocols only
   - http://www.kde.org/info/security/advisory-20091027-1.txt
   - oCert: #2009-015 http://www.ocert.org/advisories/ocert-2009-015.html
   - CVE n/a
  * Fix FTBFS with gcc 4.4
   - Add debian/patches/gcc4.4_ftbfs.diff (Closes: #556564)
  * Update Vcs* in debian/control for new location

 -- Debian Qt/KDE Maintainers <debian-qt-kde at lists.debian.org>  Thu, 31 Dec 2009 14:24:21 -0500

Modified: trunk/packages/kde3libs/debian/changelog
===================================================================
--- trunk/packages/kde3libs/debian/changelog	2009-12-31 20:00:46 UTC (rev 16507)
+++ trunk/packages/kde3libs/debian/changelog	2009-12-31 20:12:24 UTC (rev 16508)
@@ -1,3 +1,27 @@
+kdelibs (4:3.5.10.dfsg.1-3) unstable; urgency=high
+
+  +++ Changes by Scott Kitterman (patches from Kubuntu):
+
+  * SECURITY UPDATE: fix buffer overflow when converting string to float
+    - debian/patches/CVE-2009-0689.diff: adjust Kmax to handle large field
+      numbers in kjs/dtoa.cpp (Closes: #559265)
+    - CVE-2009-0689
+  * SECURITY UPDATE: uncontrolled XMLHTTPRequest vulnerability
+   - Ark and KMail performs insufficient validation which leads to
+     specially crafted archive files, using unknown MIME types, to be
+     rendered using a KHTML instance, this can trigger uncontrolled
+     XMLHTTPRequests to remote sites
+   - Add debian/patches/security_05_XMLHttpRequest_vulnerability.diff,
+     restricts xmlhttprequest to http protocols only
+   - http://www.kde.org/info/security/advisory-20091027-1.txt
+   - oCert: #2009-015 http://www.ocert.org/advisories/ocert-2009-015.html
+   - CVE n/a
+  * Fix FTBFS with gcc 4.4
+   - Add debian/patches/gcc4.4_ftbfs.diff (Closes: #556564)
+  * Update Vcs* in debian/control for new location
+
+ -- Debian Qt/KDE Maintainers <debian-qt-kde at lists.debian.org>  Thu, 31 Dec 2009 14:24:21 -0500
+
 kdelibs (4:3.5.10.dfsg.1-2.1) unstable; urgency=high
 
   * Non-maintainer upload by the testing Security Team.
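
Review bot: The three files named in the added entry (debian/patches/CVE-2009-0689.diff, debian/patches/security_05_XMLHttpRequest_vulnerability.diff and debian/patches/gcc4.4_ftbfs.diff) are not among the files this revision modifies, which are only changelog and control. Please confirm that they and any patch-series entry they need were committed in an earlier revision, so that an urgency=high upload does not describe security fixes the tree does not yet carry. In the XMLHTTPRequest item, "restricts xmlhttprequest to http protocols only" should name the exact schemes that remain allowed. The sub-bullets of that item and of the FTBFS item are indented three spaces, while the CVE-2009-0689 item uses four.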

Modified: trunk/packages/kde3libs/debian/control
===================================================================
--- trunk/packages/kde3libs/debian/control	2009-12-31 20:00:46 UTC (rev 16507)
+++ trunk/packages/kde3libs/debian/control	2009-12-31 20:12:24 UTC (rev 16508)
@@ -16,8 +16,8 @@
  sharutils, texinfo
 Build-Depends-Indep: doxygen, qt3-doc, graphviz, gsfonts-x11
 Standards-Version: 3.7.3
-Vcs-Svn: svn://svn.debian.org/svn/pkg-kde/trunk/packages/kdelibs
-Vcs-Browser: http://svn.debian.org/wsvn/pkg-kde/trunk/packages/kdelibs
+Vcs-Svn: svn://svn.debian.org/svn/pkg-kde/trunk/packages/kde3libs
+Vcs-Browser: http://svn.debian.org/wsvn/pkg-kde/trunk/packages/kde3libs
 
 Package: kdelibs
 Section: libs
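
Review bot: The new Vcs-Svn and Vcs-Browser values on the two added lines still use svn:// and plain http://, so anyone following these fields to fetch or browse the packaging gets it over an unauthenticated transport. If the host offers an https URL for the browser view, prefer it in Vcs-Browser. The kde3libs path itself matches the trunk/packages/kde3libs location shown in this diff's file headers.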



