Author: Scott Kitterman
Revision Date: 2012-11-25 20:01:36 UTC

Add debian/patches/no_KDE4_BUILD_TESTS.diff to set KDE4_BUILD_TESTS to OFF

Author: Scott Kitterman
Revision Date: 2012-11-25 20:01:36 UTC

Add debian/patches/no_KDE4_BUILD_TESTS.diff to set KDE4_BUILD_TESTS to OFF

Author: Scott Kitterman
Revision Date: 2012-11-25 20:01:36 UTC

Add debian/patches/no_KDE4_BUILD_TESTS.diff to set KDE4_BUILD_TESTS to OFF

Author: Scott Kitterman
Revision Date: 2012-11-25 20:01:36 UTC

Add debian/patches/no_KDE4_BUILD_TESTS.diff to set KDE4_BUILD_TESTS to OFF

Author: Scott Kitterman
Revision Date: 2012-11-25 20:01:36 UTC

Add debian/patches/no_KDE4_BUILD_TESTS.diff to set KDE4_BUILD_TESTS to OFF

Author: Jonathan Riddell
Revision Date: 2012-12-03 11:07:38 UTC

[ Jonathan Riddell ]
* New upstream beta release
* Update .symbols

[ Harald Sitter ]
* dep3 patch tagging

Author: Philip Muškovac
Revision Date: 2012-11-29 23:35:05 UTC

* New upstream release (LP: #1074747)
  - add new symbols to libkjsapi4.symbols and libkio5.symbols
  - drop fix_samba.diff, applied upstream
  - refresh python3-support-bytecode.patch

Author: Scott Kitterman
Revision Date: 2012-11-25 20:01:36 UTC

Add debian/patches/no_KDE4_BUILD_TESTS.diff to set KDE4_BUILD_TESTS to OFF

Author: Rohan Garg
Revision Date: 2012-10-03 22:00:57 UTC

Add fix_samba.diff as advised by upstream to fix browsing
of samba shares

Author: Felix Geyer
Revision Date: 2012-09-07 16:47:08 UTC

[ Scott Kitterman ]
* New upstream bugfix release (LP: #1047417)
  - Drop patches cherrypicked from upstrea:
    Revert_disconnect_before_re-connecting.diff
    Revert_Always_rec-connect_if_forced.diff

[ Felix Geyer ]
* Install new kdoctools language customizations.
* Update libkdeui5 symbols file.

Author: Felix Geyer
Revision Date: 2012-09-07 16:47:08 UTC

[ Scott Kitterman ]
* New upstream bugfix release (LP: #1047417)
  - Drop patches cherrypicked from upstrea:
    Revert_disconnect_before_re-connecting.diff
    Revert_Always_rec-connect_if_forced.diff

[ Felix Geyer ]
* Install new kdoctools language customizations.
* Update libkdeui5 symbols file.

Author: Marc Deslauriers
Revision Date: 2012-07-13 09:32:36 UTC

No change rebuild in the security pocket

Author: Marc Deslauriers
Revision Date: 2012-07-13 09:31:51 UTC

No change rebuild in security pocket

Author: Marc Deslauriers
Revision Date: 2012-07-13 09:31:51 UTC

No change rebuild in security pocket

Author: Rohan Garg
Revision Date: 2012-03-30 18:44:02 UTC

[ Rohan Garg ]
* New upstream release
  - Update symbols for libkparts4 and libkio5

[ Jonathan Thomas ]
* Add kubuntu_fix_nepomuk_utils_crash.diff cherry-pick from KDE's 4.8
  branch. (LP: #948973)

Author: Scott Kitterman
Revision Date: 2012-01-09 14:06:32 UTC

* New upstream bugfix release (LP: #913928)
* Add debian/patches/kubuntu_lenient_group_parsing.diff
  - Cherrypick from post-4.7.4 changes to restore the old pre-4.7 behaviour
    of accepting as valid any numbers that do not contain any group
    separators but strictly enforce group rules when the number contains 1
    or more group separators.
  - changeset_r2993b24bc21a340695ad35b4f014a684f4d0c651

Author: Jamie Strandboge
Revision Date: 2011-10-14 10:20:24 UTC

* SECURITY UPDATE: Fix vulnerability in kioslave which let the opportunity
  to interpret html tags
  - debian/patches/security_04_CVE-2011-3365-kioslave.patch: Use HTML
    escaping on texts that come from the website.
  - LP: #857437

Author: Jamie Strandboge
Revision Date: 2011-10-14 09:19:01 UTC

* SECURITY UPDATE: Fix vulnerabity with certificate boxes in KSSL,
  which let the opportunity to interpret html tags
  - debian/patches/security_04_CVE-2011-3365-kioslave.patch: Use HTML
    escaping on texts that come from the website.
  - CVE-2011-3365
  LP: #857437
* Fix vulnerability in kioslave which let the opportunity
  to interpret html tags
  - debian/patches/security_04_CVE-2011-3365.diff: Change the QLabel's text
    format from RichText to PlainText in important locations.

Author: Jamie Strandboge
Revision Date: 2011-10-14 10:20:24 UTC

* SECURITY UPDATE: Fix vulnerability in kioslave which let the opportunity
  to interpret html tags
  - debian/patches/security_04_CVE-2011-3365-kioslave.patch: Use HTML
    escaping on texts that come from the website.
  - LP: #857437

Author: Jamie Strandboge
Revision Date: 2011-10-14 09:10:11 UTC

* SECURITY UPDATE: Fix vulnerabity with certificate boxes in KSSL,
  which let the opportunity to interpret html tags.
  - debian/patches/security_04_CVE-2011-3365.diff: Change the QLabel's text
    format from RichText to PlainText in important locations.
  - CVE-2011-3365
  - LP: #857437
* SECURITY UPDATE: Fix vulnerability in kioslave which let the opportunity
  to interpret html tags
  - debian/patches/security_04_CVE-2011-3365-kioslave.patch: Use HTML
    escaping on texts that come from the website.

Author: Jamie Strandboge
Revision Date: 2011-10-14 09:19:01 UTC

* SECURITY UPDATE: Fix vulnerabity with certificate boxes in KSSL,
  which let the opportunity to interpret html tags
  - debian/patches/security_04_CVE-2011-3365-kioslave.patch: Use HTML
    escaping on texts that come from the website.
  - CVE-2011-3365
  LP: #857437
* Fix vulnerability in kioslave which let the opportunity
  to interpret html tags
  - debian/patches/security_04_CVE-2011-3365.diff: Change the QLabel's text
    format from RichText to PlainText in important locations.

Author: Jamie Strandboge
Revision Date: 2011-10-14 09:10:11 UTC

* SECURITY UPDATE: Fix vulnerabity with certificate boxes in KSSL,
  which let the opportunity to interpret html tags.
  - debian/patches/security_04_CVE-2011-3365.diff: Change the QLabel's text
    format from RichText to PlainText in important locations.
  - CVE-2011-3365
  - LP: #857437
* SECURITY UPDATE: Fix vulnerability in kioslave which let the opportunity
  to interpret html tags
  - debian/patches/security_04_CVE-2011-3365-kioslave.patch: Use HTML
    escaping on texts that come from the website.

Author: Jonathan Thomas
Revision Date: 2011-10-01 16:36:49 UTC

Add kubuntu_fix_kextendableitemdelegate_crash.diff from upstream
(Commit fc923ff9 to the 4.7 branch) to fix a crash visible in Muon.

Author: Scott Kitterman
Revision Date: 2011-09-26 07:21:24 UTC

Upload to natty-proposed for SRU testing (LP: #859562)

Author: Jamie Strandboge
Revision Date: 2011-04-11 10:19:40 UTC

* SECURITY UPDATE: fix XSS vulnerability in Konqueror's error pages
  - debian/patches/security_03_CVE-2011-1168.diff: upstream patch
  - CVE-2011-1168
  - LP: #743669
* SECURITY UPDATE: fix certificate verification for certificates issued
  against an IP address
  - debian/patches/security_04_CVE-2011-1094.diff: based on upstream patch
  - CVE-2011-1094

Author: Jonathan Thomas
Revision Date: 2011-04-19 00:03:52 UTC

Add kubuntu_81_fix_solid_network_status.diff to fix Solid reporting the
network status as "unknown" improperly.

Author: Jamie Strandboge
Revision Date: 2011-04-11 10:19:40 UTC

* SECURITY UPDATE: fix XSS vulnerability in Konqueror's error pages
  - debian/patches/security_03_CVE-2011-1168.diff: upstream patch
  - CVE-2011-1168
  - LP: #743669
* SECURITY UPDATE: fix certificate verification for certificates issued
  against an IP address
  - debian/patches/security_04_CVE-2011-1094.diff: based on upstream patch
  - CVE-2011-1094

Author: Scott Kitterman
Revision Date: 2011-04-11 00:16:10 UTC

* Update to final 4.5.x version per micro-release update exception
  (LP: #757065)
* Additional post 4.5.5 fixes from kde git:
  - debian/patches/kubuntu_79_html_escaping.diff
  - debian/patches/security_03_CVE-2011-1094.diff

Author: Scott Kitterman
Revision Date: 2010-12-16 13:15:26 UTC

* Upload to lucid-proposed for 10.04.2 (LP: #691068)
  - No SRU/security uploads to verify
* Fix upstream/runtime versions in debian/rules

Author: Jonathan Riddell
Revision Date: 2010-10-04 11:48:16 UTC

Add kubuntu_77_no_kbookmark_write_error.diff, nasty workaround for
random error message on first login LP: #627815

Author: Jonathan Thomas
Revision Date: 2010-04-14 11:49:42 UTC

Add kubuntu_75_kauth_authentication_fix.diff from upstream to address
B.K.O #227117.

Author: Scott Kitterman
Revision Date: 2010-01-03 19:04:00 UTC

[ Jamie Strandboge ]
* SECURITY UPDATE: fix buffer overflow when converting string to float
  - debian/patches/CVE-2009-0689.diff: adjust Kmax to handle large field
    numbers in kjs/dtoa.cpp
  - CVE-2009-0689

[ Jonathan Riddell ]
* SECURITY UPDATE: uncontrolled XMLHTTPRequest vulnerability
  - Ark and KMail performs insufficient validation which leads to
    specially crafted archive files, using unknown MIME types, to be
    rendered using a KHTML instance, this can trigger uncontrolled
    XMLHTTPRequests to remote sites
  - Add debian/patches/security_02_XMLHttpRequest_vulnerability.diff,
    restricts xmlhttprequest to http protocols only
  - http://www.kde.org/info/security/advisory-20091027-1.txt
  - oCert: #2009-015 http://www.ocert.org/advisories/ocert-2009-015.html
  - CVE-2009-XXXX

[ Scott Kitterman ]
* Update Jaunty backport (LP: #502761)

Author: Jonathan Thomas
Revision Date: 2009-04-28 21:21:41 UTC

Update kubuntu_69_do_not_show_plasma_popups_over_screensaver.diff so
that Plasma PopupDialogs don't get broken

Author: Alessandro Ghersi
Revision Date: 2010-01-22 00:54:09 UTC

* New upstream release
  - Bump version in rules
  - Update kdelibs5-dev.install

Author: Scott Kitterman
Revision Date: 2009-10-18 09:35:26 UTC

Add kubuntu_81_revert_scrollwidget.diff to revert plasma/applet back to
4.3.1 and fix the Kubuntu Netbook application launcher (LP: #446905)

Author: Jamie Strandboge
Revision Date: 2009-12-07 15:25:55 UTC

[ Jamie Strandboge ]
* SECURITY UPDATE: fix buffer overflow when converting string to float
  - debian/patches/CVE-2009-0689.diff: adjust Kmax to handle large field
    numbers in kjs/dtoa.cpp
  - CVE-2009-0689

[ Jonathan Riddell ]
* SECURITY UPDATE: uncontrolled XMLHTTPRequest vulnerability
  - Ark and KMail performs insufficient validation which leads to
    specially crafted archive files, using unknown MIME types, to be
    rendered using a KHTML instance, this can trigger uncontrolled
    XMLHTTPRequests to remote sites
  - Add debian/patches/security_02_XMLHttpRequest_vulnerability.diff,
    restricts xmlhttprequest to http protocols only
  - http://www.kde.org/info/security/advisory-20091027-1.txt
  - oCert: #2009-015 http://www.ocert.org/advisories/ocert-2009-015.html
  - CVE-2009-XXXX

Author: Jamie Strandboge
Revision Date: 2009-12-07 15:25:55 UTC

[ Jamie Strandboge ]
* SECURITY UPDATE: fix buffer overflow when converting string to float
  - debian/patches/CVE-2009-0689.diff: adjust Kmax to handle large field
    numbers in kjs/dtoa.cpp
  - CVE-2009-0689

[ Jonathan Riddell ]
* SECURITY UPDATE: uncontrolled XMLHTTPRequest vulnerability
  - Ark and KMail performs insufficient validation which leads to
    specially crafted archive files, using unknown MIME types, to be
    rendered using a KHTML instance, this can trigger uncontrolled
    XMLHTTPRequests to remote sites
  - Add debian/patches/security_02_XMLHttpRequest_vulnerability.diff,
    restricts xmlhttprequest to http protocols only
  - http://www.kde.org/info/security/advisory-20091027-1.txt
  - oCert: #2009-015 http://www.ocert.org/advisories/ocert-2009-015.html
  - CVE-2009-XXXX

Author: Jonathan Riddell
Revision Date: 2009-04-15 01:20:06 UTC

Fix kubuntu_56_langpacks_desktop_files.diff so it uses the stock
translation files, closes LP: #355814

Author: Yuriy Kozlov
Revision Date: 2008-05-17 11:51:47 UTC

Modified debian/patches/kubuntu_01_kde3_menu_applications.diff to
launch KDE 3 games correctly, since they are installed to /usr/games
and not /usr/bin (LP: #218138)

Author: Yuriy Kozlov
Revision Date: 2008-07-11 12:15:44 UTC

Backport double paste fix from trunk (LP: #243683)

Author: Jamie Strandboge
Revision Date: 2009-12-07 15:23:45 UTC

[ Jamie Strandboge ]
* SECURITY UPDATE: fix buffer overflow when converting string to float
  - debian/patches/CVE-2009-0689.diff: adjust Kmax to handle large field
    numbers in kjs/dtoa.cpp
  - CVE-2009-0689

[ Jonathan Riddell ]
* SECURITY UPDATE: uncontrolled XMLHTTPRequest vulnerability
  - Ark and KMail performs insufficient validation which leads to
    specially crafted archive files, using unknown MIME types, to be
    rendered using a KHTML instance, this can trigger uncontrolled
    XMLHTTPRequests to remote sites
  - Add debian/patches/security_02_XMLHttpRequest_vulnerability.diff,
    restricts xmlhttprequest to http protocols only
  - http://www.kde.org/info/security/advisory-20091027-1.txt
  - oCert: #2009-015 http://www.ocert.org/advisories/ocert-2009-015.html
  - CVE-2009-XXXX
 * SECURITY UPDATE: kio help URL validation
  - the 'help://' protocol handler suffer from directory traversal.
  - Add debian/patches/security_03_kioslave_input_validation.diff to
    verify the URL
  - http://www.kde.org/info/security/advisory-20091027-1.txt
  - oCert: #2009-015 http://www.ocert.org/advisories/ocert-2009-015.html
  - CVE-2009-XXXX

Author: Harald Sitter
Revision Date: 2009-01-07 15:29:18 UTC

* New upstream release
* Update kubuntu_06_user_disk_mounting.diff
* Remove (applied upstream):
  - kubuntu_12_http_cache_cleaner.diff
  - kubuntu_09_fix_application_menu.diff
  - kubuntu_12_khtmlimagepart_linking.diff

Author: Jamie Strandboge
Revision Date: 2009-12-07 15:23:45 UTC

[ Jamie Strandboge ]
* SECURITY UPDATE: fix buffer overflow when converting string to float
  - debian/patches/CVE-2009-0689.diff: adjust Kmax to handle large field
    numbers in kjs/dtoa.cpp
  - CVE-2009-0689

[ Jonathan Riddell ]
* SECURITY UPDATE: uncontrolled XMLHTTPRequest vulnerability
  - Ark and KMail performs insufficient validation which leads to
    specially crafted archive files, using unknown MIME types, to be
    rendered using a KHTML instance, this can trigger uncontrolled
    XMLHTTPRequests to remote sites
  - Add debian/patches/security_02_XMLHttpRequest_vulnerability.diff,
    restricts xmlhttprequest to http protocols only
  - http://www.kde.org/info/security/advisory-20091027-1.txt
  - oCert: #2009-015 http://www.ocert.org/advisories/ocert-2009-015.html
  - CVE-2009-XXXX
 * SECURITY UPDATE: kio help URL validation
  - the 'help://' protocol handler suffer from directory traversal.
  - Add debian/patches/security_03_kioslave_input_validation.diff to
    verify the URL
  - http://www.kde.org/info/security/advisory-20091027-1.txt
  - oCert: #2009-015 http://www.ocert.org/advisories/ocert-2009-015.html
  - CVE-2009-XXXX

Author: Harald Sitter
Revision Date: 2008-10-18 03:14:56 UTC

* Remove 12_deprecate_applnk.diff, it was the cause of all the problems with
  non-kde4 applications we had (broken icons, duplicated entries etc.)
  (LP: #254688, #268800)
* Add kubuntu_11_fix_openwithdialog.diff to increase reliability of
  kopenwithdialog. Without the patch it creates KService objects using
  findByName, which is wrong whenever there is a non-application service
  type with the same name as the application (e.g. Kontact and kontactconfig)

Author: Yuriy Kozlov
Revision Date: 2008-05-17 11:51:47 UTC

Modified debian/patches/kubuntu_01_kde3_menu_applications.diff to
launch KDE 3 games correctly, since they are installed to /usr/games
and not /usr/bin (LP: #218138)

Author: Jonathan Riddell
Revision Date: 2008-04-22 17:05:08 UTC

* SECURITY UPDATE: KHTML's PNG loader can be tricked into
  overrunning a heap allocated memory buffer by loading a
  specially encoded image. A remote site could cause a denial of
  service and possibly execute arbitrary code in the context of
  the user.
* Add patch kubuntu_07_khtml_png_loader_memory_overrun.diff from KDE
  upstream, adds extra checks to khtml/imload/decoders/pngloader.cpp
* References
  http://www.kde.org/info/security/advisory-20080426-1.txt
  CVE-2008-1670

Author: Jonathan Riddell
Revision Date: 2008-04-20 22:22:49 UTC

Add patch to debian/patches/series

Author: Jonathan Riddell
Revision Date: 2008-01-10 12:11:14 UTC

Gutsy backport

Author: Jonathan Riddell
Revision Date: 2008-04-22 17:21:41 UTC

* SECURITY UPDATE: KHTML's PNG loader can be tricked into
  overrunning a heap allocated memory buffer by loading a
  specially encoded image. A remote site could cause a denial of
  service and possibly execute arbitrary code in the context of
  the user.
* Add patch kubuntu_07_khtml_png_loader_memory_overrun.diff from KDE
  upstream, adds extra checks to khtml/imload/decoders/pngloader.cpp
* References
  http://www.kde.org/info/security/advisory-20080426-1.txt
  CVE-2008-1670

Author: Jonathan Riddell
Revision Date: 2008-04-22 17:21:41 UTC

* SECURITY UPDATE: KHTML's PNG loader can be tricked into
  overrunning a heap allocated memory buffer by loading a
  specially encoded image. A remote site could cause a denial of
  service and possibly execute arbitrary code in the context of
  the user.
* Add patch kubuntu_07_khtml_png_loader_memory_overrun.diff from KDE
  upstream, adds extra checks to khtml/imload/decoders/pngloader.cpp
* References
  http://www.kde.org/info/security/advisory-20080426-1.txt
  CVE-2008-1670

Author: Jonathan Riddell
Revision Date: 2007-10-10 18:30:48 UTC

New upstrem release

Author: Jonathan Riddell
Revision Date: 2007-09-06 11:22:42 UTC

Feisty build

Author: Jonathan Riddell
Revision Date: 2008-04-22 17:26:37 UTC

* SECURITY UPDATE: KHTML's PNG loader can be tricked into
  overrunning a heap allocated memory buffer by loading a
  specially encoded image. A remote site could cause a denial of
  service and possibly execute arbitrary code in the context of
  the user.
* Add patch kubuntu_07_khtml_png_loader_memory_overrun.diff from KDE
  upstream, adds extra checks to khtml/imload/decoders/pngloader.cpp
* References
  http://www.kde.org/info/security/advisory-20080426-1.txt
  CVE-2008-1670

Author: Jonathan Riddell
Revision Date: 2008-04-22 17:26:37 UTC

* SECURITY UPDATE: KHTML's PNG loader can be tricked into
  overrunning a heap allocated memory buffer by loading a
  specially encoded image. A remote site could cause a denial of
  service and possibly execute arbitrary code in the context of
  the user.
* Add patch kubuntu_07_khtml_png_loader_memory_overrun.diff from KDE
  upstream, adds extra checks to khtml/imload/decoders/pngloader.cpp
* References
  http://www.kde.org/info/security/advisory-20080426-1.txt
  CVE-2008-1670

Author: Jonathan Riddell
Revision Date: 2007-04-06 20:24:44 UTC

Add DEB_DH_SHLIBDEPS_ARGS

Author: Jonathan Riddell
Revision Date: 2006-09-06 22:45:39 UTC

Initial release.