-
kde4libs (4:4.14.16-0ubuntu3.3) xenial-security; urgency=medium
* SECURITY UPDATE: Directory traversal vulnerability.
- debian/patches/CVE-2016-6232.patch: extraction location to be in
subfolder.
- CVE-2016-6232
* SECURITY UPDATE: malicious .desktop files (and others) would execute
code (LP: #1839432).
- debian/patches/CVE-2019-14744.patch: remove support for $(...) in
config keys with [$e] marker.
- CVE-2019-14744
-- Paulo Flabiano Smorigo <email address hidden> Mon, 12 Aug 2019 15:09:56 -0300
-
kde4libs (4:4.14.16-0ubuntu3.2) xenial-security; urgency=medium
* SECURITY UPDATE: Local privilege escalation (LP: #1689759)
- debian/patches/kauth-local-privilege-esc-CVE-2017-8422.patch
- Thanks to Sebastian Krahmer for reporting this issue,
Albert Astals Cid for fixing this issue.
- CVE-2017-8422
-- Rik Mills <email address hidden> Sat, 13 May 2017 09:37:09 +0100
-
kde4libs (4:4.14.16-0ubuntu3.1) xenial-security; urgency=medium
* SECURITY UPDATE:Information Leak when accessing https when using a
malicious PAC file
- debian/patches/kio-sanitize-url-to-FindProxyForURL.patch
- Thanks to Safebreach Labs researchers Itzik Kotler, Yonatan Fridburg
and Amit Klein for reporting this issue, Albert Astals Cid for fixing
this issue.
- No CVE number.
- fixes (LP: #1668871)
-- <email address hidden> (v.naini) Thu, 02 Mar 2017 21:43:06 +0530
-
kde4libs (4:4.14.16-0ubuntu3) xenial; urgency=medium
* libkhtml5: Suggest kdelibs5-plugins instead of recommending it.
-- Matthias Klose <email address hidden> Fri, 19 Feb 2016 17:23:12 +0100
-
kde4libs (4:4.14.16-0ubuntu2) xenial; urgency=medium
* libkio5: Suggest kdelibs5-plugins instead of recommending it.
-- Matthias Klose <email address hidden> Fri, 19 Feb 2016 13:08:02 +0100
-
kde4libs (4:4.14.16-0ubuntu1) xenial; urgency=medium
* Fix VCS Url to point to the correct location
* New upstream release
- refresh disable_bogus_test.diff
* Refresh libkio5.symbols to remove missing internal symbols
* Merge with debian git master
-- Philip Muškovac <email address hidden> Sat, 21 Nov 2015 11:51:54 +0100
-
kde4libs (4:4.14.13-0ubuntu6) xenial; urgency=medium
* No-change rebuild for qca2 soname change.
-- Matthias Klose <email address hidden> Thu, 07 Jan 2016 15:30:27 +0000
-
kde4libs (4:4.14.13-0ubuntu5) xenial; urgency=medium
* No-change rebuild for qca2 soname change.
-- Matthias Klose <email address hidden> Thu, 07 Jan 2016 15:30:27 +0000
-
kde4libs (4:4.14.13-0ubuntu4) xenial; urgency=medium
* Update symbols for s390x.
-- Dimitri John Ledkov <email address hidden> Mon, 30 Nov 2015 11:32:10 +0000
-
kde4libs (4:4.14.13-0ubuntu3) xenial; urgency=medium
* Fix autopackagetests by adding allow-stderr to the requirements.
-- Philip Muškovac <email address hidden> Tue, 03 Nov 2015 15:34:34 +0100
-
kde4libs (4:4.14.13-0ubuntu2) xenial; urgency=medium
* No-change rebuild for giflib soname change.
-- Matthias Klose <email address hidden> Fri, 23 Oct 2015 10:09:21 +0000
-
kde4libs (4:4.14.13-0ubuntu1) wily; urgency=medium
* New upstream release.
-- Scarlett Clark <email address hidden> Fri, 09 Oct 2015 17:21:40 -0700