-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sun, 09 Aug 2009 16:43:32 +0200 Source: kdelibs Binary: kdelibs kdelibs-data kdelibs4c2a kdelibs4-dev kdelibs4-doc kdelibs-dbg Architecture: source all i386 Version: 4:3.5.10.dfsg.1-0lenny2 Distribution: stable-security Urgency: high Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org> Changed-By: Giuseppe Iuculano <giuseppe@iuculano.it> Description: kdelibs - core libraries from the official KDE release kdelibs-data - core shared data for all KDE applications kdelibs-dbg - debugging symbols for kdelibs kdelibs4-dev - development files for the KDE core libraries kdelibs4-doc - developer documentation for the KDE core libraries kdelibs4c2a - core libraries and binaries for all KDE applications Closes: 534949 534949 Changes: kdelibs (4:3.5.10.dfsg.1-0lenny2) stable-security; urgency=high . * Non-maintainer upload. * Fixed CVE-2009-1687: An integer overflow, leading to heap-based buffer overflow was found in the KDE implementation of garbage collector for the JavaScript language (KJS). * Fixed CVE-2009-1690: KDE HTML parser incorrectly handled content, forming the HTML page <head> element. A remote attacker could use this flaw to cause a denial of service (konqueror crash) or, potentially, execute arbitrary code, with the privileges of the user running "konqueror" web browser, if the victim was tricked to open a specially-crafted HTML page. (Closes: #534949) * Fixed CVE-2009-1698: KDE's Cascading Style Sheets (CSS) parser incorrectly handled content, forming the value of CSS "style" attribute. A remote attacker could use this flaw to cause a denial of service (konqueror crash) or potentially execute arbitrary code with the privileges of the user running "konqueror" web browser, if the victim visited a specially-crafted CSS equipped HTML page. (Closes: #534949) Checksums-Sha1: 917d2e245d7032aff9153ef85b58ad9abf89c87d 2245 kdelibs_3.5.10.dfsg.1-0lenny2.dsc 347186fffa76369795811e54b514f1fc22363a0f 18639393 kdelibs_3.5.10.dfsg.1.orig.tar.gz b7860c66c30c3acf12ede288478be95a3c8780bc 412545 kdelibs_3.5.10.dfsg.1-0lenny2.diff.gz 550ed5a9f7ceb847c83e5b5ac1703802cd123a0d 29918 kdelibs_3.5.10.dfsg.1-0lenny2_all.deb 1540c788f23c4e7cfa83bdecab69014cdd9553e9 8713862 kdelibs-data_3.5.10.dfsg.1-0lenny2_all.deb 2e5ddf4f463ed9ebb56a0c59c39428829856a0aa 26418020 kdelibs4-doc_3.5.10.dfsg.1-0lenny2_all.deb ee41a06ded540e5a9e37188cf33c72f9635abc32 10383036 kdelibs4c2a_3.5.10.dfsg.1-0lenny2_i386.deb a300a6013b57454bda8bb5a7fd5dedf2a264de34 1442054 kdelibs4-dev_3.5.10.dfsg.1-0lenny2_i386.deb 2355e8b4fab3bf57e227122249b6d6427ed594fa 26686156 kdelibs-dbg_3.5.10.dfsg.1-0lenny2_i386.deb Checksums-Sha256: d13fc9aa439d769712fe54a8d0bf45c5eeea18daaea1ec77994619bea9efd31b 2245 kdelibs_3.5.10.dfsg.1-0lenny2.dsc 09119022c615547284beaa262ccc06fc9328f1dc66ebd030ab97d66819eb9f0d 18639393 kdelibs_3.5.10.dfsg.1.orig.tar.gz 9c965b144bc8c9eda95085cd3e19da9c4e6cee629a04d60573be0d5ba28b95ce 412545 kdelibs_3.5.10.dfsg.1-0lenny2.diff.gz 38c752788511e652e3bd50558ad34e3abbcb9021bc9247f8b44e0bcc029718cc 29918 kdelibs_3.5.10.dfsg.1-0lenny2_all.deb f271ce192b24f4764f30c56796c028415451ac7082a539cf425b9130c222355e 8713862 kdelibs-data_3.5.10.dfsg.1-0lenny2_all.deb c331a932e09bd1290ced68d9ae07e778093b8cc0be430f4cdc00fa4627dbb26b 26418020 kdelibs4-doc_3.5.10.dfsg.1-0lenny2_all.deb fcb1342b673fed8f75f91540ae339409551794539cf40c3a0c3e702565e09d2e 10383036 kdelibs4c2a_3.5.10.dfsg.1-0lenny2_i386.deb 821d177ac8e519ccbf030cf50afb802ca963e47872f85f37f923da20f49d5d6c 1442054 kdelibs4-dev_3.5.10.dfsg.1-0lenny2_i386.deb 10ac4854ff108e80352d2983c4e90a2774fbd9bab9647cecc60f91cbfccefe32 26686156 kdelibs-dbg_3.5.10.dfsg.1-0lenny2_i386.deb Files: 61102e1ac7ad325720bc2bcac16d481f 2245 libs optional kdelibs_3.5.10.dfsg.1-0lenny2.dsc 4bcfee29b0f939415791f5032a72e7b0 18639393 libs optional kdelibs_3.5.10.dfsg.1.orig.tar.gz a09c6aa2f0d3c0c44af5e713f75f35b6 412545 libs optional kdelibs_3.5.10.dfsg.1-0lenny2.diff.gz eb82b39b6c29628767a9ecaa46bf4652 29918 libs optional kdelibs_3.5.10.dfsg.1-0lenny2_all.deb 1ab162c4a5a27a71431f1ed045105609 8713862 libs optional kdelibs-data_3.5.10.dfsg.1-0lenny2_all.deb 693390c0455a96a718bf9a8171534e2c 26418020 doc optional kdelibs4-doc_3.5.10.dfsg.1-0lenny2_all.deb 707b9b42744a1106727b710d06b6eeba 10383036 libs optional kdelibs4c2a_3.5.10.dfsg.1-0lenny2_i386.deb 42dc420f8dbe8f5b342e25909801ce4c 1442054 libdevel optional kdelibs4-dev_3.5.10.dfsg.1-0lenny2_i386.deb ae4b51c616894dc41b1070f0c413445a 26686156 libdevel extra kdelibs-dbg_3.5.10.dfsg.1-0lenny2_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkqIjNoACgkQ62zWxYk/rQc04ACfdosy9Gpz0N9PzA2YWiZ4tg3J D2UAmwSBDXig2uX3Bqj8/qgId0bm6Py/ =K9cD -----END PGP SIGNATURE----- Accepted: kdelibs-data_3.5.10.dfsg.1-0lenny2_all.deb to pool/main/k/kdelibs/kdelibs-data_3.5.10.dfsg.1-0lenny2_all.deb kdelibs-dbg_3.5.10.dfsg.1-0lenny2_i386.deb to pool/main/k/kdelibs/kdelibs-dbg_3.5.10.dfsg.1-0lenny2_i386.deb kdelibs4-dev_3.5.10.dfsg.1-0lenny2_i386.deb to pool/main/k/kdelibs/kdelibs4-dev_3.5.10.dfsg.1-0lenny2_i386.deb kdelibs4-doc_3.5.10.dfsg.1-0lenny2_all.deb to pool/main/k/kdelibs/kdelibs4-doc_3.5.10.dfsg.1-0lenny2_all.deb kdelibs4c2a_3.5.10.dfsg.1-0lenny2_i386.deb to pool/main/k/kdelibs/kdelibs4c2a_3.5.10.dfsg.1-0lenny2_i386.deb kdelibs_3.5.10.dfsg.1-0lenny2.diff.gz to pool/main/k/kdelibs/kdelibs_3.5.10.dfsg.1-0lenny2.diff.gz kdelibs_3.5.10.dfsg.1-0lenny2.dsc to pool/main/k/kdelibs/kdelibs_3.5.10.dfsg.1-0lenny2.dsc kdelibs_3.5.10.dfsg.1-0lenny2_all.deb to pool/main/k/kdelibs/kdelibs_3.5.10.dfsg.1-0lenny2_all.deb
