Branches for Intrepid

Author: Roderick B. Greening
Revision Date: 2008-09-29 13:59:56 UTC

* New Upstream Release - bump config from ubuntu 4.4.2 deb
* Update copyright info from debian copyright
* Re-sync with Debian svn
  - Add following qt-copy patches:
    0245-fix-randr-changes-detecting.diff
    0248-fix-qwidget-scroll-slowness.diff
    0249-webkit-stale-frame-pointer.diff
    0254-fix-qgraphicsproxywidget-deletion-crash.diff
  - Remove following qt-copy patches (prev disabled):
    0214-fix-qgraphicsproxywidget-tab-crash.diff
    0220-no-x-recursion-in-xerrhandler.diff
    0223-fix-qpixmap-hasalpha.diff
    0227-qdatastream-regression.diff
    0228-qsortfilterproxymodel-invalidate-noscroll.diff
    0237-printdialog-assert.diff
    0240-printdialog-print-into-real-printer.diff
  - Remove following Debian patches (prev disabled):
    90_gcc43.diff
  - Add following debian patches:
    16_hide_std_symbols_on_qtwebkit.diff
    17_add_postgresql_8.3_support.diff
    30_webkit_unaligned_access.diff
    71_hppa_unaligned_access_fix_458133.diff
    81_hurd_more_max_path.diff
  - Cosmetic cleanup in control
    replace Qt4 with Qt 4 as per Debian
    some grammer clean-up in comments/notes
  - libqt4-dev.install (insert missing help - usr/include/qt4/QtHelp/QHelpGlobal)
  - Updated some patches (line numbering changed - cosmetic only)
    0167-fix-group-reading.diff
    0180-window-role.diff
    0195-compositing-properties.diff
    0203-qtexthtmlparser-link-color.diff
    0216-allow-isystem-for-headers.diff
    0224-fast-qpixmap-fill.diff
    0226-qtreeview-column_resize_when_needed.diff
    0234-fix-mysql-threaded.diff
    0238-fix-qt-qttabbar-size.diff
    05_append_qt4_target.diff
    50_kfreebsd_build_fix.diff
  - Patches with some re-write changes/fixes (non-cosmetic):
    14_add_libraries_to_gui_build_where_actually_needed.diff
    20_mips_atomic_ops.diff

Author: Jonathan Thomas
Revision Date: 2009-01-14 11:51:36 UTC

Add 0260-fix-qgraphicswidget-deletionclearFocus.diff from KDE's qt-copy
Fixes KDE bug 168278 observable in the file watcher plasmoid (LP: #272399)

Author: Marc Deslauriers
Revision Date: 2009-10-26 15:08:47 UTC

* SECURITY UPDATE: remote code execution via document with a SVGPathList
  data structure containing a negative index.
  - debian/patches/security_CVE-2009-0945.diff: make sure index is valid
    in src/3rdparty/webkit/WebCore/svg/SVGList.h.
  - CVE-2009-0945
* SECURITY UPDATE: denial of service or arbitrary code execution via
  JavaScript garbage collector allocation failures.
  - debian/patches/security_CVE-2009-1687.diff: make sure numBlocks is
    valid in src/3rdparty/webkit/JavaScriptCore/runtime/Collector.cpp.
  - CVE-2009-1687
* SECURITY UPDATE: denial of service or arbitrary code execution via
  use-after-free.
  - debian/patches/security_CVE-2009-1690.diff: Fix incorrect handling of
    head element in src/3rdparty/webkit/WebCore/html/HTMLParser.{h,cpp}.
  - CVE-2009-1690
* SECURITY UPDATE: denial of service or arbitrary code execution via
  attr function call with a large numerical argument.
  - debian/patches/security_CVE-2009-1698.diff: fix attr handling in
    src/3rdparty/webkit/WebCore/css/{CSSParser,CSSPrimitiveValue}.cpp.
  - CVE-2009-1698
* SECURITY UPDATE: arbitrary file disclosure via crafted DTD.
  - debian/patches/security_CVE-2009-1698.diff: fix
    shouldAllowExternalLoad logic in
    src/3rdparty/webkit/WebCore/dom/XMLTokenizer.cpp.
  - CVE-2009-1699
* SECURITY UPDATE: denial of service or arbitrary code execution via
  crafted HTML document with Attr DOM objects.
  - debian/patches/security_CVE-2009-1711.diff: add isMappedAttribute
    and remove attributeItem, getAttributeItem in
    src/3rdparty/webkit/WebCore/css/CSSStyleSelector.cpp,
    src/3rdparty/webkit/WebCore/dom/{Attribute.h,MappedAttribute.h,
    NamedMappedAttrMap.*,StyledElement.cpp},
    src/3rdparty/webkit/WebCore/html/HTMLInputElement.cpp.
  - CVE-2009-1711
* SECURITY UPDATE: arbitrary code execution via remote loading of
  local java applets.
  - debian/patches/security_CVE-2009-1712.diff: Use same rule for loading
    java applets as webkit does for images in
    src/3rdparty/webkit/WebCore/html/HTMLAppletElement.cpp,
    src/3rdparty/webkit/WebCore/loader/FrameLoader.cpp.
  - CVE-2009-1712
* SECURITY UPDATE: arbitrary file disclosure via XSLT functionality
  - debian/patches/security_CVE-2009-1713.diff: Test that the XSL
    document() function doesn't load a document from a foreign origin in
    src/3rdparty/webkit/WebCore/xml/XSLTProcessor.cpp.
  - CVE-2009-1713
* SECURITY UPDATE: denial of service or arbitrary code execution via
  numeric character references.
  - debian/patches/security_CVE-2009-1725.diff: increase size of
    checkBuffer() in src/3rdparty/webkit/WebCore/html/HTMLTokenizer.cpp.
  - CVE-2009-1725

Author: Marc Deslauriers
Revision Date: 2009-10-26 15:08:47 UTC

* SECURITY UPDATE: remote code execution via document with a SVGPathList
  data structure containing a negative index.
  - debian/patches/security_CVE-2009-0945.diff: make sure index is valid
    in src/3rdparty/webkit/WebCore/svg/SVGList.h.
  - CVE-2009-0945
* SECURITY UPDATE: denial of service or arbitrary code execution via
  JavaScript garbage collector allocation failures.
  - debian/patches/security_CVE-2009-1687.diff: make sure numBlocks is
    valid in src/3rdparty/webkit/JavaScriptCore/runtime/Collector.cpp.
  - CVE-2009-1687
* SECURITY UPDATE: denial of service or arbitrary code execution via
  use-after-free.
  - debian/patches/security_CVE-2009-1690.diff: Fix incorrect handling of
    head element in src/3rdparty/webkit/WebCore/html/HTMLParser.{h,cpp}.
  - CVE-2009-1690
* SECURITY UPDATE: denial of service or arbitrary code execution via
  attr function call with a large numerical argument.
  - debian/patches/security_CVE-2009-1698.diff: fix attr handling in
    src/3rdparty/webkit/WebCore/css/{CSSParser,CSSPrimitiveValue}.cpp.
  - CVE-2009-1698
* SECURITY UPDATE: arbitrary file disclosure via crafted DTD.
  - debian/patches/security_CVE-2009-1698.diff: fix
    shouldAllowExternalLoad logic in
    src/3rdparty/webkit/WebCore/dom/XMLTokenizer.cpp.
  - CVE-2009-1699
* SECURITY UPDATE: denial of service or arbitrary code execution via
  crafted HTML document with Attr DOM objects.
  - debian/patches/security_CVE-2009-1711.diff: add isMappedAttribute
    and remove attributeItem, getAttributeItem in
    src/3rdparty/webkit/WebCore/css/CSSStyleSelector.cpp,
    src/3rdparty/webkit/WebCore/dom/{Attribute.h,MappedAttribute.h,
    NamedMappedAttrMap.*,StyledElement.cpp},
    src/3rdparty/webkit/WebCore/html/HTMLInputElement.cpp.
  - CVE-2009-1711
* SECURITY UPDATE: arbitrary code execution via remote loading of
  local java applets.
  - debian/patches/security_CVE-2009-1712.diff: Use same rule for loading
    java applets as webkit does for images in
    src/3rdparty/webkit/WebCore/html/HTMLAppletElement.cpp,
    src/3rdparty/webkit/WebCore/loader/FrameLoader.cpp.
  - CVE-2009-1712
* SECURITY UPDATE: arbitrary file disclosure via XSLT functionality
  - debian/patches/security_CVE-2009-1713.diff: Test that the XSL
    document() function doesn't load a document from a foreign origin in
    src/3rdparty/webkit/WebCore/xml/XSLTProcessor.cpp.
  - CVE-2009-1713
* SECURITY UPDATE: denial of service or arbitrary code execution via
  numeric character references.
  - debian/patches/security_CVE-2009-1725.diff: increase size of
    checkBuffer() in src/3rdparty/webkit/WebCore/html/HTMLTokenizer.cpp.
  - CVE-2009-1725