-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sun, 09 Aug 2009 14:00:33 +0200 Source: kde4libs Binary: kdelibs5 kdelibs5-data kdelibs5-dev kdelibs-bin kdelibs5-dbg Architecture: source all i386 Version: 4:4.1.0-3+lenny1 Distribution: stable-security Urgency: high Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org> Changed-By: Giuseppe Iuculano <giuseppe@iuculano.it> Description: kdelibs-bin - executables for all KDE 4 core applications kdelibs5 - core libraries for all KDE 4 applications kdelibs5-data - core shared data for all KDE 4 applications kdelibs5-dbg - debugging symbols for the KDE 4 libraries module kdelibs5-dev - development files for the KDE 4 core libraries Closes: 534949 534949 Changes: kde4libs (4:4.1.0-3+lenny1) stable-security; urgency=high . * Non-maintainer upload. * Fixed CVE-2009-1687: An integer overflow, leading to heap-based buffer overflow was found in the KDE implementation of garbage collector for the JavaScript language (KJS). * Fixed CVE-2009-1690: KDE HTML parser incorrectly handled content, forming the HTML page <head> element. A remote attacker could use this flaw to cause a denial of service (konqueror crash) or, potentially, execute arbitrary code, with the privileges of the user running "konqueror" web browser, if the victim was tricked to open a specially-crafted HTML page. (Closes: #534949) * Fixed CVE-2009-1698: KDE's Cascading Style Sheets (CSS) parser incorrectly handled content, forming the value of CSS "style" attribute. A remote attacker could use this flaw to cause a denial of service (konqueror crash) or potentially execute arbitrary code with the privileges of the user running "konqueror" web browser, if the victim visited a specially-crafted CSS equipped HTML page. (Closes: #534949) Checksums-Sha1: 8c0764e6fafa22c8c90006c74a65f6fcf296efa2 2149 kde4libs_4.1.0-3+lenny1.dsc 87f40f82bd9a0bc19ccf877dd4ef72dfba2577d3 11264345 kde4libs_4.1.0.orig.tar.gz 94fa817ad235f87efae6b6a7a9c36ade0e492516 91423 kde4libs_4.1.0-3+lenny1.diff.gz edac323ccca00a879aff8c6bfffb438f4e0527bb 3140792 kdelibs5-data_4.1.0-3+lenny1_all.deb 0666b9eed207a6577ec0f6b9358d10064a54db6d 9495028 kdelibs5_4.1.0-3+lenny1_i386.deb 3f2a3f358235a00e8e5c0e13b98e4df20db996d7 1494680 kdelibs5-dev_4.1.0-3+lenny1_i386.deb 03afc0e0c4f92fa190d0d855fedb70f5dd4f5a3d 428258 kdelibs-bin_4.1.0-3+lenny1_i386.deb fd4c87a120b88dc6e4d93fdb71205ec575296d81 65050706 kdelibs5-dbg_4.1.0-3+lenny1_i386.deb Checksums-Sha256: 43ac6edb12df738d6c0b7b48d97eba3aff9b6137923708513a84954c4fccf68e 2149 kde4libs_4.1.0-3+lenny1.dsc 6c1a0af094878a639fbab26f3fdeef2ca924e4a88c03a89b5818ae3cd0138a5c 11264345 kde4libs_4.1.0.orig.tar.gz 341e25346781e157ad4f07c94cc4d571bdded7617ead2d544881dbc85ee8a705 91423 kde4libs_4.1.0-3+lenny1.diff.gz a6024794eff9a3fd171d2e52997d6180137e905fa22d09bf279148bfd873c28a 3140792 kdelibs5-data_4.1.0-3+lenny1_all.deb 1d23f87f22956a5be83af68f292e791d28bf6850c550c9b6423a83bce05fe3c0 9495028 kdelibs5_4.1.0-3+lenny1_i386.deb 28ff0086564f2fd6529adc9f94d2598531bc8819890c6aba7b7adea1cba386eb 1494680 kdelibs5-dev_4.1.0-3+lenny1_i386.deb 75bea7fd90e72228aa004c56356f7a7e7d6a773be115794d7822b305799953e7 428258 kdelibs-bin_4.1.0-3+lenny1_i386.deb c0733beda7bd6e2846b12cea45c8dfb3cb2f608b9be654ca35677f1cf5db88ce 65050706 kdelibs5-dbg_4.1.0-3+lenny1_i386.deb Files: 7bc7675c4aa9e7afd4fa3f83b3f95810 2149 libs optional kde4libs_4.1.0-3+lenny1.dsc 05487ff0cbc3da093f19e59184b259c7 11264345 libs optional kde4libs_4.1.0.orig.tar.gz ecc50e9bedff96a3285a031141ea15d6 91423 libs optional kde4libs_4.1.0-3+lenny1.diff.gz 47debc16cde2c9a927252ef09d89c1a3 3140792 libs optional kdelibs5-data_4.1.0-3+lenny1_all.deb 0486badbc6a675555500eac834e66770 9495028 libs optional kdelibs5_4.1.0-3+lenny1_i386.deb 7caef230087548ae9fafc4c9cbfa51a6 1494680 libdevel optional kdelibs5-dev_4.1.0-3+lenny1_i386.deb a2154b9e6f111e00d9fafee2e44950d3 428258 libs optional kdelibs-bin_4.1.0-3+lenny1_i386.deb cc57db2601c136b0ea25aa2aafc9ada4 65050706 libdevel extra kdelibs5-dbg_4.1.0-3+lenny1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkqGF+AACgkQ62zWxYk/rQfpZQCgxfsXFQFcnarv8r29cSql0tJK gN8AoItglXlVJScKL5KeweX5yJaV7lB3 =GouX -----END PGP SIGNATURE----- Accepted: kde4libs_4.1.0-3+lenny1.diff.gz to main/k/kde4libs/kde4libs_4.1.0-3+lenny1.diff.gz kde4libs_4.1.0-3+lenny1.dsc to main/k/kde4libs/kde4libs_4.1.0-3+lenny1.dsc kdelibs-bin_4.1.0-3+lenny1_i386.deb to main/k/kde4libs/kdelibs-bin_4.1.0-3+lenny1_i386.deb kdelibs5-data_4.1.0-3+lenny1_all.deb to main/k/kde4libs/kdelibs5-data_4.1.0-3+lenny1_all.deb kdelibs5-dbg_4.1.0-3+lenny1_i386.deb to main/k/kde4libs/kdelibs5-dbg_4.1.0-3+lenny1_i386.deb kdelibs5-dev_4.1.0-3+lenny1_i386.deb to main/k/kde4libs/kdelibs5-dev_4.1.0-3+lenny1_i386.deb kdelibs5_4.1.0-3+lenny1_i386.deb to main/k/kde4libs/kdelibs5_4.1.0-3+lenny1_i386.deb
