lp:ubuntu/lucid/kdelibs

Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/lucid/kdelibs
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Development

Recent revisions

167. By Jonathan Riddell

Remove kubuntu_97_kde4_menu_applications.diff, obsolete and can
cause breakage

166. By Scott Kitterman

* Merge from Debian Testing. Remaining Ubuntu changes:
  - make sure control and control.in are in sync
  - --with-distribution="Kubuntu (`lsb_release --codename --short`)
    $(DEB_VERSION)"
  - binary-install/kdelibs-data installs aboutkde-kubuntu.png.uu and
    cr*-device-system.png.uu
  - don't build-dep on libgamin-dev, libfam-dev
  - stop kdelibs4-dev depending on gamin/fam
  - don't install .svgz icons, docs or all_languages in kdelibs-data.install
  - rosetta support in rules common-install-prehook-impl:: [and
    common-post-build-arch:: ?] and include debian/kubuntu-desktop-i18n/
  - build-dep on: gettext-kde, kdesdk-scripts, lsb-release, base-files, sudo
  - cdbs build-dep 0.4.41ubuntu2
  - kdelibs4-dev depends on gettext-kde, kdesdk-scripts
  - copy debian/icons over
  - Make kdelibs4c2a depend on launchpad-integration, sudo. Recommends on
    xdg-user-dirs
  - Remove 19_debianize_useragent.diff (changed to
    kubuntu_19_debianize_useragent.diff) s/Debian/Kubuntu
  - remove kdelibs4c2a depends on menu-xdg
  - include kubuntu_01_kdepot.diff and kde.pot in debian/patches/common
  - use a local copy of kde.mk without the common-install-prehook-impl::
    rule; edit debian-qt-kde.mk to include debian/cdbs/kde.mk
  - build with --with-sudo-kdesu-backend and build-dep on sudo and make
    kdelibs4c2a depend on sudo
  - kdelibs-data.install : Add nzb mimetype
  - Make kdelibs4-dev replace more recent kdelibs4c2a for overlapping files
  - remove /usr/bin/preparetips, arts files and ksvntopng from
    kdelibs4-dev.install
  - Drop the package kdelibs4-doc completely. It contained API documentation
    which is now obsolete, but still available via api.kde.org.
  - make sure control and control.in are in sync
  - in debian/rule remove .pot files outside .po directory
  - 97_automake_cleanup.diff becomes kubuntu_97_automake_cleanup.diff
* Remove libarts1-dev from build-depends and kdelibs4-dev depends from control.in
* Drop debian/patches/kubuntu_62_flash_installer.diff (obsolete and broken)
* Drop debian/patches/kubuntu_gcc4.4_ftbfs.diff, now included from Debian as
  debian/patches/65_gcc4.4_ftbfs.diff
* Drop debian/patches/security_05_CVE-2009-0689.diff, now included from
  Debian as debian/patches/CVE-2009-0689.diff

165. By Jamie Strandboge

* SECURITY UPDATE: fix buffer overflow when converting string to float
  - debian/patches/security_05_CVE-2009-0689.diff: adjust Kmax to handle
    large field numbers in kjs/dtoa.cpp
  - CVE-2009-0689

164. By Jonathan Riddell

* SECURITY UPDATE: uncontrolled XMLHTTPRequest vulnerability
 - Ark and KMail performs insufficient validation which leads to
   specially crafted archive files, using unknown MIME types, to be
   rendered using a KHTML instance, this can trigger uncontrolled
   XMLHTTPRequests to remote sites
 - Add debian/patches/security_05_XMLHttpRequest_vulnerability.diff,
   restricts xmlhttprequest to http protocols only
 - http://www.kde.org/info/security/advisory-20091027-1.txt
 - oCert: #2009-015 http://www.ocert.org/advisories/ocert-2009-015.html
 - CVE n/a

163. By Jonathan Riddell

Update kubuntu_38_no_generate_kdepot.diff to generate correct kde.pot

162. By Jonathan Riddell

* Merge with Debian, remaining changes
 - make sure control and control.in are in sync
 - --with-distribution="Kubuntu (`lsb_release --codename --short`) $(DEB_VERSION)"
 - binary-install/kdelibs-data installs aboutkde-kubuntu.png.uu and cr*-device-system.png.uu
 - don't build-dep on libgamin-dev, libfam-dev
 - stop kdelibs4-dev depending on gamin/fam
 - don't install .svgz icons, docs or all_languages in kdelibs-data.install
 - rosetta support in rules common-install-prehook-impl:: [and common-post-build-arch:: ?] and include debian/kubuntu-desktop-i18n/
 - build-dep on: gettext-kde, kdesdk-scripts, lsb-release, base-files, sudo
 - cdbs build-dep 0.4.41ubuntu2
 - kdelibs4-dev depends on gettext-kde, kdesdk-scripts
 - copy debian/icons over
 - Make kdelibs4c2a depend on launchpad-integration, sudo. Recommends on xdg-user-dirs
 - Remove 19_debianize_useragent.diff (changed to kubuntu_19_debianize_useragent.diff) s/Debian/Kubuntu
 - remove kdelibs4c2a depends on menu-xdg
 - include kubuntu_01_kdepot.diff and kde.pot in debian/patches/common
 - use a local copy of kde.mk without the common-install-prehook-impl:: rule; edit debian-qt-kde.mk to include debian/cdbs/kde.mk
 - build with --with-sudo-kdesu-backend and build-dep on sudo and make kdelibs4c2a depend on sudo
 - kdelibs-data.install : Add nzb mimetype
 - Make kdelibs4-dev replace more recent kdelibs4c2a for overlapping files
 - remove /usr/bin/preparetips, arts files and ksvntopng from kdelibs4-dev.install
 - Drop the package kdelibs4-doc completely. It contained API documentation which is now obsolete, but still available via api.kde.org.
 - make sure control and control.in are in sync
 - in debian/rule remove .pot files outside .po directory
 - 97_automake_cleanup.diff becomes kubuntu_97_automake_cleanup.diff

161. By Harald Sitter

Move the pot removal to common-binary-predeb-indep so it does not
cause mid-build break, also prevent it from removing pot files that reside
in ./debian/, to prevent dh_install from failing (LP: #432378)

160. By Harald Sitter

Nuke all the pots outside the po directory. qt-messages.pot is getting
merged into the main kdelibs.pot but the fancy importer app thinks that
it is a good idea to import all pots to be found anywhere within the
source tree. Thus it also imports qt-messages.pot which is then duplicated
with kdelibs.pot (also imported obviously). qt-messages.pot should also be
removed from LP (LP: #432378)

159. By Jamie Strandboge

* SECURITY UPDATE: fix vulnerability with NULL byte in Subject Alternate
  Names field of X.509 certificates
  - debian/patches/security_04_CVE-2009-2702.diff: verify that the
    QString length of the SAN is not shorter than the ASN1 length
  - CVE-2009-2702
* kubuntu_glibc_2.8_ftbfs.diff: fix FTBFS when using gcc 4.4 or higher
* Following patches forward ported from http://www.ubuntu.com/usn/USN-822-1
  (by Marc Deslauriers)
* SECURITY UPDATE: arbitrary code execution via JavaScript garbage
  collector allocation failures
  - debian/patches/security_01_CVE-2009-1687.diff: make sure we don't
    overflow before doing the realloc in kjs/collector.cpp.
  - CVE-2009-1687
* SECURITY UPDATE: arbitrary code execution via use-after-free
  - debian/patches/security_02_CVE-2009-1690.diff: use head.get() in
    khtml/html/htmlparser.cpp, and backport khtml/html/{AlwaysInline,
    htmlparser,Platform,RefPtr}.h.
  - CVE-2009-1690
* SECURITY UPDATE: arbitrary code execution via CSS attr function call
  with a large numerical argument
  - debian/patches/security_03_CVE-2009-1698.diff: add extra checks to
    khtml/css/cssparser.cpp and implement CSSPrimitiveValue::CSS_ATTR in
    khtml/css/css_valueimpl.cpp.
  - CVE-2009-1698

158. By Scott Kitterman

Add build-dep on pkg-kde-tools so we have /usr/bin/extract* and the
package will build

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/maverick/kdelibs
This branch contains Public information 
Everyone can see this information.

Subscribers