kde4libs 4:4.2.4-0ubuntu1~jaunty2 source package in Ubuntu

Changelog

kde4libs (4:4.2.4-0ubuntu1~jaunty2) jaunty-backports; urgency=low

  [ Jamie Strandboge ]
  * SECURITY UPDATE: fix vulnerability with NULL byte in Subject Alternate
    Names field of X.509 certificates
    - debian/patches/CVE-2009-2702.diff: verify that the QString length of the
      SAN is not shorter than the ASN1 length
    - CVE-2009-2702

  [ Jonathan Riddell ]
  * Fixed CVE-2009-1687: An integer overflow, leading to heap-based buffer
    overflow was found in the KDE implementation of garbage collector for the
    JavaScript language (KJS).
  * Fixed CVE-2009-1690: KDE HTML parser incorrectly handled content, forming
    the HTML page <head> element. A remote attacker could use this flaw to
    cause a denial of service (konqueror crash) or, potentially, execute
    arbitrary code, with the privileges of the user running "konqueror" web
    browser, if the victim was tricked to open a specially-crafted HTML page.
  * Fixed CVE-2009-1698: KDE's Cascading Style Sheets (CSS) parser incorrectly
    handled content, forming the value of CSS "style" attribute. A remote
    attacker could use this flaw to cause a denial of service (konqueror crash)
    or potentially execute arbitrary code with the privileges of the user
    running "konqueror" web browser, if the victim visited a specially-crafted
    CSS equipped HTML page.

  [ Marc Deslauriers ]
  * SECURITY UPDATE: arbitrary code execution via document with SVGPathList
    data structure containing a negative index
    - debian/patches/CVE-2009-0945.diff: make sure index is sane in
      khtml/svg/SVGList.h.
    - CVE-2009-0945

  [ Scott Kitterman ]
  * Update backport with security fixes

 -- Scott Kitterman <email address hidden>   Sun, 27 Sep 2009 12:28:20 -0400

Upload details

Uploaded by:
Scott Kitterman
Uploaded to:
Jaunty
Original maintainer:
Kubuntu Members
Architectures:
any
Section:
libs
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
kde4libs_4.2.4.orig.tar.gz 11.7 MiB d0c074c812c8bbdc5ae73ddbc6be38edc9838e491e5e65b08e115f5314b3ff79
kde4libs_4.2.4-0ubuntu1~jaunty2.diff.gz 100.4 KiB 52efaeec296d54281cb3871252b969e01dfcc16927ca7f0b5ce4853cb81f7abe
kde4libs_4.2.4-0ubuntu1~jaunty2.dsc 2.3 KiB 47d334ba9dd3bf47de1515fe30c45b98611a6fedeb25dba6781ec6e4e211d47f

View changes file

Binary packages built by this source

kdelibs-bin: No summary available for kdelibs-bin in ubuntu jaunty.

No description available for kdelibs-bin in ubuntu jaunty.

kdelibs5: No summary available for kdelibs5 in ubuntu jaunty.

No description available for kdelibs5 in ubuntu jaunty.

kdelibs5-data: No summary available for kdelibs5-data in ubuntu jaunty.

No description available for kdelibs5-data in ubuntu jaunty.

kdelibs5-dbg: No summary available for kdelibs5-dbg in ubuntu jaunty.

No description available for kdelibs5-dbg in ubuntu jaunty.

kdelibs5-dev: No summary available for kdelibs5-dev in ubuntu jaunty.

No description available for kdelibs5-dev in ubuntu jaunty.

libplasma-dev: No summary available for libplasma-dev in ubuntu jaunty.

No description available for libplasma-dev in ubuntu jaunty.

libplasma3: No summary available for libplasma3 in ubuntu jaunty.

No description available for libplasma3 in ubuntu jaunty.