kde4libs 4:4.2.2-0ubuntu5.1 source package in Ubuntu
Changelog
kde4libs (4:4.2.2-0ubuntu5.1) jaunty-security; urgency=low
[ Jonathan Riddell ]
* Fixed CVE-2009-1687: An integer overflow, leading to heap-based buffer
overflow was found in the KDE implementation of garbage collector for the
JavaScript language (KJS).
* Fixed CVE-2009-1690: KDE HTML parser incorrectly handled content, forming
the HTML page <head> element. A remote attacker could use this flaw to
cause a denial of service (konqueror crash) or, potentially, execute
arbitrary code, with the privileges of the user running "konqueror" web
browser, if the victim was tricked to open a specially-crafted HTML page.
* Fixed CVE-2009-1698: KDE's Cascading Style Sheets (CSS) parser incorrectly
handled content, forming the value of CSS "style" attribute. A remote
attacker could use this flaw to cause a denial of service (konqueror crash)
or potentially execute arbitrary code with the privileges of the user
running "konqueror" web browser, if the victim visited a specially-crafted
CSS equipped HTML page.
[ Marc Deslauriers ]
* SECURITY UPDATE: arbitrary code execution via document with SVGPathList
data structure containing a negative index
- debian/patches/CVE-2009-0945.diff: make sure index is sane in
khtml/svg/SVGList.h.
- CVE-2009-0945
-- Marc Deslauriers <email address hidden> Thu, 20 Aug 2009 12:42:23 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Jaunty
- Original maintainer:
- Kubuntu Members
- Architectures:
- any
- Section:
- libs
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| kde4libs_4.2.2.orig.tar.gz | 11.8 MiB | 9ce499d86d186134ffae116c1c393348f4bccdbb7c15f643ee9d274e52174b8d |
| kde4libs_4.2.2-0ubuntu5.1.diff.gz | 100.2 KiB | 821f8ec245ace1a14dd70559e9f0ca1d2d7c47d3ad4f8b435ac57baca691d4cd |
| kde4libs_4.2.2-0ubuntu5.1.dsc | 2.3 KiB | 7e58cb862a53ab27f9745225b01d477ebfc1d6e78d337d3782a3cf8cca6e6f4b |
Available diffs
Binary packages built by this source
- kdelibs-bin: No summary available for kdelibs-bin in ubuntu jaunty.
No description available for kdelibs-bin in ubuntu jaunty.
- kdelibs5: No summary available for kdelibs5 in ubuntu jaunty.
No description available for kdelibs5 in ubuntu jaunty.
- kdelibs5-data: No summary available for kdelibs5-data in ubuntu jaunty.
No description available for kdelibs5-data in ubuntu jaunty.
- kdelibs5-dbg: No summary available for kdelibs5-dbg in ubuntu jaunty.
No description available for kdelibs5-dbg in ubuntu jaunty.
- kdelibs5-dev: No summary available for kdelibs5-dev in ubuntu jaunty.
No description available for kdelibs5-dev in ubuntu jaunty.
- libplasma-dev: No summary available for libplasma-dev in ubuntu jaunty.
No description available for libplasma-dev in ubuntu jaunty.
- libplasma3: No summary available for libplasma3 in ubuntu jaunty.
No description available for libplasma3 in ubuntu jaunty.
