lp:debian/kdelibs
- Get this branch:
- bzr branch lp:debian/kdelibs
Branch information
- Owner:
- Ubuntu branches
- Status:
- Development
Recent revisions
- 20. By Modestas Vainius <email address hidden>
-
* Change by email address to @debian.org.
* Drop common HTML docs from kdelibs-data package. Instead suggest
kdelibs5-data which ships them (Closes: #591609). What's more, whoever
wants to view docs, will have to install khelpcenter4 which pulls in
kdelibs5-data anyway.
* Switch to dpkg-source format 3.0 (quilt):
- drop simple-patchsys.mk from debian/rules;
- add debian/patches/ series file.
* Fix corruption of zip files caused by wrong encoding of umlauts in kzip
(patch 67_kio_zip_file_ encoding. diff). (Closes: #563942) Thanks to Bjoern
Ricks for the patch.
* Support opening of KDE 4 khelpcenter in Help -> Handbook. (Closes: #525621)
Thanks to Ben Burton for the patch.
* Do not recurse into .pc subdirectory with doxygen
(patch debian/patches/ 02_exclude_ pc_from_ dox.diff) .
* Urgency=medium due to multiple RC bug fixes. - 19. By Debian Qt/KDE Maintainers <email address hidden>
-
[ Pino Toscano ]
* Pull upstream r1074155 to fix build with GCC 4.5. (Closes: #565013)[ Modestas Vainius ]
* Do not ship all_languages in kdelibs-data.[ Moritz Muehlenhoff ]
* Update copyright file. (Closes: #520485)
* License for certbundle files has been clarified. (Closes: #520977)
* Document scope of security support in Squeeze.[ Ana Beatriz Guerrero Lopez ]
* Update to Standards-Version 3.9.1, no changes required.
* Add missing ${misc:Depends}. - 18. By Debian Qt/KDE Maintainers <email address hidden>
-
+++ Changes by Scott Kitterman (patches from Kubuntu):
* SECURITY UPDATE: fix buffer overflow when converting string to float.
- debian/patches/ CVE-2009- 0689.diff: adjust Kmax to handle large field
numbers in kjs/dtoa.cpp (Closes: #559265)
- CVE-2009-0689
* SECURITY UPDATE: uncontrolled XMLHTTPRequest vulnerability.
- Ark and KMail performs insufficient validation which leads to
specially crafted archive files, using unknown MIME types, to be
rendered using a KHTML instance, this can trigger uncontrolled
XMLHTTPRequests to remote sites.
- Add debian/patches/ security_ 05_XMLHttpReque st_vulnerabilit y.diff,
restricts xmlhttprequest to http protocols only.
- http://www.kde. org/info/ security/ advisory- 20091027- 1.txt
- oCert: #2009-015 http://www.ocert. org/advisories/ ocert-2009- 015.html
- CVE n/a
* Fix FTBFS with gcc 4.4.
- Add debian/patches/ gcc4.4_ ftbfs.diff (Closes: #556564)
* Update Vcs* in debian/control for new location.+++ Changes by Ana Beatriz Guerrero Lopez:
* Add a depend on ${shlibs:Depends} to kdelibs5-dev to make lintian happy.
* Remove Sune from Uploaders per his request.
* Update Armin and Modestas emails. - 17. By Giuseppe Iuculano
-
* Non-maintainer upload by the testing Security Team.
* Fixed CVE-2009-1687: An integer overflow, leading to heap-based buffer
overflow was found in the KDE implementation of garbage collector for the
JavaScript language (KJS).
* Fixed CVE-2009-1690: KDE HTML parser incorrectly handled content, forming
the HTML page <head> element. A remote attacker could use this flaw to
cause a denial of service (konqueror crash) or, potentially, execute
arbitrary code, with the privileges of the user running "konqueror" web
browser, if the victim was tricked to open a specially-crafted HTML page.
(Closes: #534949)
* Fixed CVE-2009-1698: KDE's Cascading Style Sheets (CSS) parser incorrectly
handled content, forming the value of CSS "style" attribute. A remote
attacker could use this flaw to cause a denial of service (konqueror crash)
or potentially execute arbitrary code with the privileges of the user
running "konqueror" web browser, if the victim visited a specially-crafted
CSS equipped HTML page. (Closes: #534949)
* Fixed CVE-2009-2702: KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not
properly handle a '\0' character in a domain name in the Subject
Alternative Name field of an X.509 certificate, which allows
man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted
certificate issued by a legitimate Certification Authority (Closes: #546212) - 16. By Debian Qt/KDE Maintainers <email address hidden>
-
Add 64_use_
sys_inotify. diff patch to fix ftbfs caused by linux/inotify.
(Closes: #519881) - 15. By Debian Qt/KDE Maintainers <email address hidden>
-
+++ Changes by Ana Beatriz Guerrero Lopez:
* New upstream release.
- Most of the changes were already provided by the patches:
- 01_kdelibs_branch_ r828883. diff
- 02_kate_regression_ r777286. diff
- 03_start_kdeinit_ integer_ overflow. diff (provided for CVE-2008-1671)
- 05_kate_debianchangelog _default_ context_ r799980. diff
- 06_khtml_rendering_ r786289. diff
that have been dropped now.
- New changes:
- Changes for showing KDE 3.5.10 instead of 3.5.9 in the KDE apps.
- Fix while saving sessions for multiple scripts. (KDE SVN r837226,
KDE bug 166598).
- Fix in kdeprint. (KDE SVN r848634)
- Avoid showing authentication-dialogue being put behind the application
window. (KDE SVN r849216, KDE bug 121803).+++ Changes by Raúl Sánchez Siles:
* kdeprint: Wrong initscript name (cupsys instead of cups) (Closes:
#496110)
* Fixed 98_buildprep.patch so double compilation works.
* Fixed wrong http header parsing, added 61_httpheader_backport. diff
* Fixed wrong Google Maps rendering, added 62_fix_googlemaps_ backport. diff
* Change dependencies from obsolete libcupsys2-dev to libcups2-dev.
* konqueror: Crash on eBay page (Closes: #502459) with recently added
63_fixed-layout- table.diff - 14. By Ana Beatriz Guerrero López
-
Fix kdepart freeze with some replacements. (Closes: #482268)
Many thanks to Steve Cotton.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:debian/squeeze/kdelibs