-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Thu, 15 Oct 2009 20:23:11 +0200 Source: kdelibs Binary: kdelibs kdelibs-data kdelibs4c2a kdelibs4-dev kdelibs4-doc kdelibs-dbg Architecture: source all i386 Version: 4:3.5.10.dfsg.1-0lenny3 Distribution: stable-security Urgency: high Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org> Changed-By: Giuseppe Iuculano <iuculano@debian.org> Description: kdelibs - core libraries from the official KDE release kdelibs-data - core shared data for all KDE applications kdelibs-dbg - debugging symbols for kdelibs kdelibs4-dev - development files for the KDE core libraries kdelibs4-doc - developer documentation for the KDE core libraries kdelibs4c2a - core libraries and binaries for all KDE applications Closes: 546212 Changes: kdelibs (4:3.5.10.dfsg.1-0lenny3) stable-security; urgency=high . * Non-maintainer upload by the Security Team. * Fixed CVE-2009-2702: KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority (Closes: #546212) Checksums-Sha1: afd5e11332783c0e626f8e1d411f346912abf7e5 2246 kdelibs_3.5.10.dfsg.1-0lenny3.dsc 347186fffa76369795811e54b514f1fc22363a0f 18639393 kdelibs_3.5.10.dfsg.1.orig.tar.gz 37aaa37759ff12d48c4b513ea568dd5306378915 411540 kdelibs_3.5.10.dfsg.1-0lenny3.diff.gz 608f696bf5dc25701fd5253b938da79b3ce30939 30134 kdelibs_3.5.10.dfsg.1-0lenny3_all.deb 91d5e8ed18fdddcffef81bf84e45d9befd392edc 8718512 kdelibs-data_3.5.10.dfsg.1-0lenny3_all.deb 1b54702432210a5682dbf7e05232171dbc040d11 26403048 kdelibs4-doc_3.5.10.dfsg.1-0lenny3_all.deb 7730abdc2ee3098e25be2f790618702661514d48 10390450 kdelibs4c2a_3.5.10.dfsg.1-0lenny3_i386.deb ec50190790833cdc5d2a52b79c112b1913c55376 1442224 kdelibs4-dev_3.5.10.dfsg.1-0lenny3_i386.deb e6aaa48b1d09112387001505124879447c9bde83 26681752 kdelibs-dbg_3.5.10.dfsg.1-0lenny3_i386.deb Checksums-Sha256: f426bf1d980ea80b5e00777aca60d55a466cbbd7ce3db0ff9e1a8ece3e4f8ff3 2246 kdelibs_3.5.10.dfsg.1-0lenny3.dsc 09119022c615547284beaa262ccc06fc9328f1dc66ebd030ab97d66819eb9f0d 18639393 kdelibs_3.5.10.dfsg.1.orig.tar.gz 9b951ef3b5a9b6ba48d5da32486c2f397db70fc0e7b6c1021655306d9f81ffb7 411540 kdelibs_3.5.10.dfsg.1-0lenny3.diff.gz d527bc18f6323a90e07d663596d44fdf87f24520518e8c2a372d95bd39abf88c 30134 kdelibs_3.5.10.dfsg.1-0lenny3_all.deb 82d6a7c2742801ec39cd069f346d39eacd5b3567052ca09c340f0ffeb836e37c 8718512 kdelibs-data_3.5.10.dfsg.1-0lenny3_all.deb 2dade369cbfbcb884c13642976ee283ba1285c56c7b8984f1b400afc91ebe56b 26403048 kdelibs4-doc_3.5.10.dfsg.1-0lenny3_all.deb af6f3231229a6dd9cdde517d6351742dfe9bf74b4d8272ab6e71d240dcfa169e 10390450 kdelibs4c2a_3.5.10.dfsg.1-0lenny3_i386.deb 83070d28cd4fec42328ac1ad4f6e8069dfdf1cdbfa61404fc4c720a3ced373b7 1442224 kdelibs4-dev_3.5.10.dfsg.1-0lenny3_i386.deb af9da10934c015deb7474350c8405295bf02ef2594d26394b36470ace027f250 26681752 kdelibs-dbg_3.5.10.dfsg.1-0lenny3_i386.deb Files: 504c0e7014a1b1593c1c853e292a4fb9 2246 libs optional kdelibs_3.5.10.dfsg.1-0lenny3.dsc 4bcfee29b0f939415791f5032a72e7b0 18639393 libs optional kdelibs_3.5.10.dfsg.1.orig.tar.gz a02c3f08d46b2b0a51b3ae12a02aa527 411540 libs optional kdelibs_3.5.10.dfsg.1-0lenny3.diff.gz 19c2914a8cda7ab65d81658e4008fce2 30134 libs optional kdelibs_3.5.10.dfsg.1-0lenny3_all.deb eab9fd4bec67b85189b2afd7f13e6723 8718512 libs optional kdelibs-data_3.5.10.dfsg.1-0lenny3_all.deb 5dcff5e12c97c2719ddd63a7f26c4498 26403048 doc optional kdelibs4-doc_3.5.10.dfsg.1-0lenny3_all.deb 988560c710735aed7ce636fd9c98d2ee 10390450 libs optional kdelibs4c2a_3.5.10.dfsg.1-0lenny3_i386.deb 006447cb3cc8300eb03f5eb682ec9b0d 1442224 libdevel optional kdelibs4-dev_3.5.10.dfsg.1-0lenny3_i386.deb d7c58f7c80efd5e0d872451d6e312caf 26681752 libdevel extra kdelibs-dbg_3.5.10.dfsg.1-0lenny3_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkrXj7MACgkQNxpp46476apMYACdHS148v7Q6NyRqYJjXLflkZSW PeAAnjRibre6HcbBsdydaktBQBlov6Fh =lYQg -----END PGP SIGNATURE----- Accepted: kdelibs-data_3.5.10.dfsg.1-0lenny3_all.deb to main/k/kdelibs/kdelibs-data_3.5.10.dfsg.1-0lenny3_all.deb kdelibs-dbg_3.5.10.dfsg.1-0lenny3_i386.deb to main/k/kdelibs/kdelibs-dbg_3.5.10.dfsg.1-0lenny3_i386.deb kdelibs4-dev_3.5.10.dfsg.1-0lenny3_i386.deb to main/k/kdelibs/kdelibs4-dev_3.5.10.dfsg.1-0lenny3_i386.deb kdelibs4-doc_3.5.10.dfsg.1-0lenny3_all.deb to main/k/kdelibs/kdelibs4-doc_3.5.10.dfsg.1-0lenny3_all.deb kdelibs4c2a_3.5.10.dfsg.1-0lenny3_i386.deb to main/k/kdelibs/kdelibs4c2a_3.5.10.dfsg.1-0lenny3_i386.deb kdelibs_3.5.10.dfsg.1-0lenny3.diff.gz to main/k/kdelibs/kdelibs_3.5.10.dfsg.1-0lenny3.diff.gz kdelibs_3.5.10.dfsg.1-0lenny3.dsc to main/k/kdelibs/kdelibs_3.5.10.dfsg.1-0lenny3.dsc kdelibs_3.5.10.dfsg.1-0lenny3_all.deb to main/k/kdelibs/kdelibs_3.5.10.dfsg.1-0lenny3_all.deb