Branches for Karmic

Name Status Last Modified Last Commit
lp://staging/ubuntu/karmic/kdelibs 2 Mature 2010-02-22 22:43:27 UTC
161. Move the pot removal to common-binary...

Author: Harald Sitter
Revision Date: 2009-09-19 00:02:34 UTC

Move the pot removal to common-binary-predeb-indep so it does not
cause mid-build break, also prevent it from removing pot files that reside
in ./debian/, to prevent dh_install from failing (LP: #432378)

lp://staging/ubuntu/karmic-security/kdelibs 2 Mature 2010-02-22 22:43:44 UTC
162. [ Jamie Strandboge ] * SECURITY UPDAT...

Author: Jamie Strandboge
Revision Date: 2009-12-07 15:14:25 UTC

[ Jamie Strandboge ]
* SECURITY UPDATE: fix buffer overflow when converting string to
  float
  - debian/patches/security_05_CVE-2009-0689.diff: adjust Kmax to handle
    large field numbers in kjs/dtoa.cpp
  - CVE-2009-0689

[ Jonathan Riddell ]
* SECURITY UPDATE: uncontrolled XMLHTTPRequest vulnerability
  - Ark and KMail perform insufficient validation which leads to
    specially crafted archive files, using unknown MIME types, to be
    rendered using a KHTML instance, this can trigger uncontrolled
    XMLHTTPRequests to remote sites
  - Add debian/patches/security_05_XMLHttpRequest_vulnerability.diff,
    restricts xmlhttprequest to http protocols only
  - http://www.kde.org/info/security/advisory-20091027-1.txt
  - oCert: #2009-015 http://www.ocert.org/advisories/ocert-2009-015.html
  - CVE-2009-XXXX

lp://staging/ubuntu/karmic-updates/kdelibs 2 Mature 2010-02-22 22:44:02 UTC
162. [ Jamie Strandboge ] * SECURITY UPDAT...

Author: Jamie Strandboge
Revision Date: 2009-12-07 15:14:25 UTC

[ Jamie Strandboge ]
* SECURITY UPDATE: fix buffer overflow when converting string to
  float
  - debian/patches/security_05_CVE-2009-0689.diff: adjust Kmax to handle
    large field numbers in kjs/dtoa.cpp
  - CVE-2009-0689

[ Jonathan Riddell ]
* SECURITY UPDATE: uncontrolled XMLHTTPRequest vulnerability
  - Ark and KMail perform insufficient validation which leads to
    specially crafted archive files, using unknown MIME types, to be
    rendered using a KHTML instance, this can trigger uncontrolled
    XMLHTTPRequests to remote sites
  - Add debian/patches/security_05_XMLHttpRequest_vulnerability.diff,
    restricts xmlhttprequest to http protocols only
  - http://www.kde.org/info/security/advisory-20091027-1.txt
  - oCert: #2009-015 http://www.ocert.org/advisories/ocert-2009-015.html
  - CVE-2009-XXXX

1 to 3 of 3 results