Ubuntu
kdelibs package

kdelibs 4:3.5.10-0ubuntu1~hardy1.5 source package in Ubuntu

Changelog

kdelibs (4:3.5.10-0ubuntu1~hardy1.5) hardy-security; urgency=low

  * SECURITY UPDATE: fix buffer overflow when converting string to
    float
    - debian/patches/security_05_CVE-2009-0689.diff: adjust Kmax to handle
      large field numbers in kjs/dtoa.cpp
    - CVE-2009-0689
  * SECURITY UPDATE: uncontrolled XMLHTTPRequest vulnerability
    - Ark and KMail performs insufficient validation which leads to
      specially crafted archive files, using unknown MIME types, to be
      rendered using a KHTML instance, this can trigger uncontrolled
      XMLHTTPRequests to remote sites
    - Add debian/patches/security_05_XMLHttpRequest_vulnerability.diff,
      restricts xmlhttprequest to http protocols only
    - based on patch by Jonathan Riddell
    - http://www.kde.org/info/security/advisory-20091027-1.txt
    - oCert: #2009-015 http://www.ocert.org/advisories/ocert-2009-015.html
    - CVE-2009-XXXX
 -- Jamie Strandboge <email address hidden>   Mon, 07 Dec 2009 15:06:48 -0600

Upload details

Uploaded by:
Jamie Strandboge
Uploaded to:
Hardy
Original maintainer:
Ubuntu Development Team
Architectures:
any
Section:
libs
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
kdelibs_3.5.10.orig.tar.gz 17.8 MiB b50bed4173791c7f1403ca24d363517278b4b3910176ceb769fdd6fc73261ebe
kdelibs_3.5.10-0ubuntu1~hardy1.5.diff.gz 1.7 MiB ad6acf172d0f77c82d7657540b39e29cd3802a1a85f431305eecd8c28c120f61
kdelibs_3.5.10-0ubuntu1~hardy1.5.dsc 1.7 KiB fd8150b864db9da05d3cc13fd4cc7d31c2702f6961c9fbdc1d8ba5c31124f76e

View changes file

Binary packages built by this source

kdelibs: No summary available for kdelibs in ubuntu hardy.

No description available for kdelibs in ubuntu hardy.

kdelibs-data: No summary available for kdelibs-data in ubuntu hardy.

No description available for kdelibs-data in ubuntu hardy.

kdelibs-dbg: No summary available for kdelibs-dbg in ubuntu hardy.

No description available for kdelibs-dbg in ubuntu hardy.

kdelibs4-dev: No summary available for kdelibs4-dev in ubuntu hardy.

No description available for kdelibs4-dev in ubuntu hardy.

kdelibs4-doc: No summary available for kdelibs4-doc in ubuntu hardy.

No description available for kdelibs4-doc in ubuntu hardy.

kdelibs4c2a: No summary available for kdelibs4c2a in ubuntu hardy.

No description available for kdelibs4c2a in ubuntu hardy.