-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Fri, 16 Oct 2009 08:57:21 +0200 Source: kdelibs Binary: kdelibs4c2a kdelibs kdelibs4-doc kdelibs-dbg kdelibs-data kdelibs4-dev Architecture: source i386 all Version: 4:3.5.5a.dfsg.1-8etch3 Distribution: oldstable-security Urgency: high Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org> Changed-By: Giuseppe Iuculano <iuculano@debian.org> Description: kdelibs - core libraries from the official KDE release kdelibs-data - core shared data for all KDE applications kdelibs-dbg - debugging symbols for kdelibs kdelibs4-dev - development files for the KDE core libraries kdelibs4-doc - developer documentation for the KDE core libraries kdelibs4c2a - core libraries and binaries for all KDE applications Closes: 546212 Changes: kdelibs (4:3.5.5a.dfsg.1-8etch3) oldstable-security; urgency=high . * Non-maintainer upload by the Security Team. * Fixed CVE-2009-2702: KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority (Closes: #546212) Files: 430e1a184def8c61269ebd4236ecf902 1636 libs optional kdelibs_3.5.5a.dfsg.1-8etch3.dsc 616c29ec7f685e9b10c802eb6879d912 601207 libs optional kdelibs_3.5.5a.dfsg.1-8etch3.diff.gz f4697ef70a2bc020b1c633c92981e81f 34648 libs optional kdelibs_3.5.5a.dfsg.1-8etch3_all.deb a1326c3e10f4a1696b9d73115b417061 8607892 libs optional kdelibs-data_3.5.5a.dfsg.1-8etch3_all.deb 83be81e20b84b786c47a3351a3600c77 40162414 doc optional kdelibs4-doc_3.5.5a.dfsg.1-8etch3_all.deb 3bd6b5136465fbc6eb18f1112cbd3b58 9738260 libs optional kdelibs4c2a_3.5.5a.dfsg.1-8etch3_i386.deb 7ecda9b7973b7122035828d49c26864a 1380274 libdevel optional kdelibs4-dev_3.5.5a.dfsg.1-8etch3_i386.deb 63b27cabf41954b3b7d1f3a247d16573 26272380 libdevel extra kdelibs-dbg_3.5.5a.dfsg.1-8etch3_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkrYR44ACgkQNxpp46476aodxwCdEP49HQ+d6vdkWe4g0IutBTh7 sIsAn22CMGXCFaaYA6K4aei6Zh2lMPMU =irNr -----END PGP SIGNATURE----- Accepted: kdelibs-data_3.5.5a.dfsg.1-8etch3_all.deb to pool/main/k/kdelibs/kdelibs-data_3.5.5a.dfsg.1-8etch3_all.deb kdelibs-dbg_3.5.5a.dfsg.1-8etch3_i386.deb to pool/main/k/kdelibs/kdelibs-dbg_3.5.5a.dfsg.1-8etch3_i386.deb kdelibs4-dev_3.5.5a.dfsg.1-8etch3_i386.deb to pool/main/k/kdelibs/kdelibs4-dev_3.5.5a.dfsg.1-8etch3_i386.deb kdelibs4-doc_3.5.5a.dfsg.1-8etch3_all.deb to pool/main/k/kdelibs/kdelibs4-doc_3.5.5a.dfsg.1-8etch3_all.deb kdelibs4c2a_3.5.5a.dfsg.1-8etch3_i386.deb to pool/main/k/kdelibs/kdelibs4c2a_3.5.5a.dfsg.1-8etch3_i386.deb kdelibs_3.5.5a.dfsg.1-8etch3.diff.gz to pool/main/k/kdelibs/kdelibs_3.5.5a.dfsg.1-8etch3.diff.gz kdelibs_3.5.5a.dfsg.1-8etch3.dsc to pool/main/k/kdelibs/kdelibs_3.5.5a.dfsg.1-8etch3.dsc kdelibs_3.5.5a.dfsg.1-8etch3_all.deb to pool/main/k/kdelibs/kdelibs_3.5.5a.dfsg.1-8etch3_all.deb
