rev 16508 - trunk/packages/kde3libs/debian
Scott Kitterman
kitterma-guest at alioth.debian.org
Thu Dec 31 20:12:25 UTC 2009
Author: kitterma-guest
Date: 2009-12-31 20:12:24 +0000 (Thu, 31 Dec 2009)
New Revision: 16508
Modified:
trunk/packages/kde3libs/debian/changelog
trunk/packages/kde3libs/debian/control
Log:
kdelibs (4:3.5.10.dfsg.1-3) unstable; urgency=high
+++ Changes by Scott Kitterman (patches from Kubuntu):
* SECURITY UPDATE: fix buffer overflow when converting string to float
- debian/patches/CVE-2009-0689.diff: adjust Kmax to handle large field
numbers in kjs/dtoa.cpp (Closes: #559265)
- CVE-2009-0689
* SECURITY UPDATE: uncontrolled XMLHTTPRequest vulnerability
- Ark and KMail performs insufficient validation which leads to
specially crafted archive files, using unknown MIME types, to be
rendered using a KHTML instance, this can trigger uncontrolled
XMLHTTPRequests to remote sites
- Add debian/patches/security_05_XMLHttpRequest_vulnerability.diff,
restricts xmlhttprequest to http protocols only
- http://www.kde.org/info/security/advisory-20091027-1.txt
- oCert: #2009-015 http://www.ocert.org/advisories/ocert-2009-015.html
- CVE n/a
* Fix FTBFS with gcc 4.4
- Add debian/patches/gcc4.4_ftbfs.diff (Closes: #556564)
* Update Vcs* in debian/control for new location
-- Debian Qt/KDE Maintainers <debian-qt-kde at lists.debian.org> Thu, 31 Dec 2009 14:24:21 -0500
Modified: trunk/packages/kde3libs/debian/changelog
===================================================================
--- trunk/packages/kde3libs/debian/changelog 2009-12-31 20:00:46 UTC (rev 16507)
+++ trunk/packages/kde3libs/debian/changelog 2009-12-31 20:12:24 UTC (rev 16508)
@@ -1,3 +1,27 @@
+kdelibs (4:3.5.10.dfsg.1-3) unstable; urgency=high
+
+ +++ Changes by Scott Kitterman (patches from Kubuntu):
+
+ * SECURITY UPDATE: fix buffer overflow when converting string to float
+ - debian/patches/CVE-2009-0689.diff: adjust Kmax to handle large field
+ numbers in kjs/dtoa.cpp (Closes: #559265)
+ - CVE-2009-0689
+ * SECURITY UPDATE: uncontrolled XMLHTTPRequest vulnerability
+ - Ark and KMail performs insufficient validation which leads to
+ specially crafted archive files, using unknown MIME types, to be
+ rendered using a KHTML instance, this can trigger uncontrolled
+ XMLHTTPRequests to remote sites
+ - Add debian/patches/security_05_XMLHttpRequest_vulnerability.diff,
+ restricts xmlhttprequest to http protocols only
+ - http://www.kde.org/info/security/advisory-20091027-1.txt
+ - oCert: #2009-015 http://www.ocert.org/advisories/ocert-2009-015.html
+ - CVE n/a
+ * Fix FTBFS with gcc 4.4
+ - Add debian/patches/gcc4.4_ftbfs.diff (Closes: #556564)
+ * Update Vcs* in debian/control for new location
+
+ -- Debian Qt/KDE Maintainers <debian-qt-kde at lists.debian.org> Thu, 31 Dec 2009 14:24:21 -0500
+
kdelibs (4:3.5.10.dfsg.1-2.1) unstable; urgency=high
* Non-maintainer upload by the testing Security Team.
Modified: trunk/packages/kde3libs/debian/control
===================================================================
--- trunk/packages/kde3libs/debian/control 2009-12-31 20:00:46 UTC (rev 16507)
+++ trunk/packages/kde3libs/debian/control 2009-12-31 20:12:24 UTC (rev 16508)
@@ -16,8 +16,8 @@
sharutils, texinfo
Build-Depends-Indep: doxygen, qt3-doc, graphviz, gsfonts-x11
Standards-Version: 3.7.3
-Vcs-Svn: svn://svn.debian.org/svn/pkg-kde/trunk/packages/kdelibs
-Vcs-Browser: http://svn.debian.org/wsvn/pkg-kde/trunk/packages/kdelibs
+Vcs-Svn: svn://svn.debian.org/svn/pkg-kde/trunk/packages/kde3libs
+Vcs-Browser: http://svn.debian.org/wsvn/pkg-kde/trunk/packages/kde3libs
Package: kdelibs
Section: libs
More information about the pkg-kde-commits
mailing list