Fixed in NMU of kdelibs 4:3.2.3-3.sarge.1
tag 268016 + fixed
quit
This message was generated automatically in response to a
non-maintainer upload. The .changes file follows.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 30 Aug 2004 15:20:22 +1000
Source: kdelibs
Binary: kdelibs4 kdelibs-bin kdelibs kdelibs4-doc kdelibs-data kdelibs4-dev
Architecture: source i386 all
Version: 4:3.2.3-3.sarge.1
Distribution: testing
Urgency: high
Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Changed-By: Ben Burton <bab@debian.org>
Description:
kdelibs - KDE core libraries metapackage
kdelibs-bin - KDE core binaries
kdelibs-data - KDE core shared data
kdelibs4 - KDE core libraries
kdelibs4-dev - KDE core libraries (development files)
kdelibs4-doc - KDE core library documentation
Closes: 268016
Changes:
kdelibs (4:3.2.3-3.sarge.1) testing-proposed-updates; urgency=high
.
* Security update for sarge.
* Fixes unsafe use of temporary directory (CAN-2004-0689).
* Fixes unsafe creation of temporary directory (CAN-2004-0690; #261386).
* Fixes frame injection vulnerability (CAN-2004-0721; #261740). Note that
this package provides only part of the fix; the remainder of the fix is
in kdebase 4:3.2.3-0.sarge.1.
* Fixes cross-domain cookie injection vulnerability for certain country
specific domains (CAN-2004-0746; Closes: #268016).
* Also applied other updates from kdelibs 4:3.2.3-4 in sid, which included
a KDE_3_2_BRANCH update (bugfixes only) and a rebuild against libtiff4-dev.
* Note that all of the above security fixes except for CAN-2004-0721 were
also present in the branch update from 4:3.2.3-4.
Files:
f5b09f375926bd6429ab8025c175dead 1102 libs optional kdelibs_3.2.3-3.sarge.1.dsc
48e515cdcec7fa23d166baf813c07511 124175 libs optional kdelibs_3.2.3-3.sarge.1.diff.gz
a0f503362870f59726f00e5f8ace3cf1 842774 libs optional kdelibs-bin_3.2.3-3.sarge.1_i386.deb
30bdd38e061d1edc2fa233142dbe2a2a 7601438 libs optional kdelibs4_3.2.3-3.sarge.1_i386.deb
23762a10c31b5d64867cf80050fd203b 1133464 libdevel optional kdelibs4-dev_3.2.3-3.sarge.1_i386.deb
c49b41331383e5a3b625577f1f79e070 16490 kde optional kdelibs_3.2.3-3.sarge.1_all.deb
615c80394373de58b87f25ad5245eddd 6392354 libs optional kdelibs-data_3.2.3-3.sarge.1_all.deb
4eccb013d102410df74697f373c9e3ac 11617372 doc optional kdelibs4-doc_3.2.3-3.sarge.1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFBM190MQNuxza4YcERAoMRAJ9gVylryFO+BjbpdJMgt3MeT9KZSQCfcnf/
j2+X2l5yyQ+hZADlTxra2s0=
=ZGnF
-----END PGP SIGNATURE-----
Reply to: