[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#534949: marked as done (CVE-2009-1698 CVE-2009-1690)



Your message dated Fri, 04 Sep 2009 18:32:08 +0000
with message-id <E1MjdZw-00064c-TQ@ries.debian.org>
and subject line Bug#534949: fixed in kdelibs 4:3.5.10.dfsg.1-0lenny2
has caused the Debian Bug report #534949,
regarding CVE-2009-1698 CVE-2009-1690
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
534949: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534949
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: kde4libs
Severity: serious
Tags: security patch

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,
the following CVE (Common Vulnerabilities & Exposures) ids were
published for kde4libs.

CVE-2009-1698[0]:
| WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and
| iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a
| pointer during handling of a Cascading Style Sheets (CSS) attr
| function call with a large numerical argument, which allows remote
| attackers to execute arbitrary code or cause a denial of service
| (memory corruption and application crash) via a crafted HTML document.

CVE-2009-1690[1]:
| Use-after-free vulnerability in WebKit, as used in Apple Safari before
| 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through
| 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows
| remote attackers to execute arbitrary code or cause a denial of
| service (memory corruption and application crash) by setting an
| unspecified property of an HTML tag that causes child elements to be
| freed and later accessed when an HTML error occurs, related to
| "recursion in certain DOM event handlers."

If you fix the vulnerabilities please also make sure to include the
CVE ids in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1698
    http://security-tracker.debian.net/tracker/CVE-2009-1698
    Upstream WebKit patch: http://trac.webkit.org/changeset/42081
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1690
    http://security-tracker.debian.net/tracker/CVE-2009-1690
    Upstream WebKit patch: http://trac.webkit.org/changeset/42532
    Upstream KDE 4.2 patch: http://websvn.kde.org/?view=rev&revision=983316

Cheers,
Giuseppe.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEUEARECAAYFAkpHbXMACgkQNxpp46476aozMACggLXxefxPO5I2tyYL1jJ0nnSj
XP4Al2eJElqsD3/lKXrGwe/vIg9xKmA=
=TaZb
-----END PGP SIGNATURE-----



--- End Message ---
--- Begin Message ---
Source: kdelibs
Source-Version: 4:3.5.10.dfsg.1-0lenny2

We believe that the bug you reported is fixed in the latest version of
kdelibs, which is due to be installed in the Debian FTP archive:

kdelibs-data_3.5.10.dfsg.1-0lenny2_all.deb
  to pool/main/k/kdelibs/kdelibs-data_3.5.10.dfsg.1-0lenny2_all.deb
kdelibs-dbg_3.5.10.dfsg.1-0lenny2_i386.deb
  to pool/main/k/kdelibs/kdelibs-dbg_3.5.10.dfsg.1-0lenny2_i386.deb
kdelibs4-dev_3.5.10.dfsg.1-0lenny2_i386.deb
  to pool/main/k/kdelibs/kdelibs4-dev_3.5.10.dfsg.1-0lenny2_i386.deb
kdelibs4-doc_3.5.10.dfsg.1-0lenny2_all.deb
  to pool/main/k/kdelibs/kdelibs4-doc_3.5.10.dfsg.1-0lenny2_all.deb
kdelibs4c2a_3.5.10.dfsg.1-0lenny2_i386.deb
  to pool/main/k/kdelibs/kdelibs4c2a_3.5.10.dfsg.1-0lenny2_i386.deb
kdelibs_3.5.10.dfsg.1-0lenny2.diff.gz
  to pool/main/k/kdelibs/kdelibs_3.5.10.dfsg.1-0lenny2.diff.gz
kdelibs_3.5.10.dfsg.1-0lenny2.dsc
  to pool/main/k/kdelibs/kdelibs_3.5.10.dfsg.1-0lenny2.dsc
kdelibs_3.5.10.dfsg.1-0lenny2_all.deb
  to pool/main/k/kdelibs/kdelibs_3.5.10.dfsg.1-0lenny2_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 534949@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Giuseppe Iuculano <giuseppe@iuculano.it> (supplier of updated kdelibs package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sun, 09 Aug 2009 16:43:32 +0200
Source: kdelibs
Binary: kdelibs kdelibs-data kdelibs4c2a kdelibs4-dev kdelibs4-doc kdelibs-dbg
Architecture: source all i386
Version: 4:3.5.10.dfsg.1-0lenny2
Distribution: stable-security
Urgency: high
Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Changed-By: Giuseppe Iuculano <giuseppe@iuculano.it>
Description: 
 kdelibs    - core libraries from the official KDE release
 kdelibs-data - core shared data for all KDE applications
 kdelibs-dbg - debugging symbols for kdelibs
 kdelibs4-dev - development files for the KDE core libraries
 kdelibs4-doc - developer documentation for the KDE core libraries
 kdelibs4c2a - core libraries and binaries for all KDE applications
Closes: 534949 534949
Changes: 
 kdelibs (4:3.5.10.dfsg.1-0lenny2) stable-security; urgency=high
 .
   * Non-maintainer upload.
   * Fixed CVE-2009-1687: An integer overflow, leading to heap-based buffer
     overflow was found in the KDE implementation of garbage collector for the
     JavaScript language (KJS).
   * Fixed CVE-2009-1690: KDE HTML parser incorrectly handled content, forming
     the HTML page <head> element. A remote attacker could use this flaw to
     cause a denial of service (konqueror crash) or, potentially, execute
     arbitrary code, with the privileges of the user running "konqueror" web
     browser, if the victim was tricked to open a specially-crafted HTML page.
     (Closes: #534949)
   * Fixed CVE-2009-1698: KDE's Cascading Style Sheets (CSS) parser incorrectly
     handled content, forming the value of CSS "style" attribute. A remote
     attacker could use this flaw to cause a denial of service (konqueror crash)
     or potentially execute arbitrary code with the privileges of the user
     running "konqueror" web browser, if the victim visited a specially-crafted
     CSS equipped HTML page. (Closes: #534949)
Checksums-Sha1: 
 917d2e245d7032aff9153ef85b58ad9abf89c87d 2245 kdelibs_3.5.10.dfsg.1-0lenny2.dsc
 347186fffa76369795811e54b514f1fc22363a0f 18639393 kdelibs_3.5.10.dfsg.1.orig.tar.gz
 b7860c66c30c3acf12ede288478be95a3c8780bc 412545 kdelibs_3.5.10.dfsg.1-0lenny2.diff.gz
 550ed5a9f7ceb847c83e5b5ac1703802cd123a0d 29918 kdelibs_3.5.10.dfsg.1-0lenny2_all.deb
 1540c788f23c4e7cfa83bdecab69014cdd9553e9 8713862 kdelibs-data_3.5.10.dfsg.1-0lenny2_all.deb
 2e5ddf4f463ed9ebb56a0c59c39428829856a0aa 26418020 kdelibs4-doc_3.5.10.dfsg.1-0lenny2_all.deb
 ee41a06ded540e5a9e37188cf33c72f9635abc32 10383036 kdelibs4c2a_3.5.10.dfsg.1-0lenny2_i386.deb
 a300a6013b57454bda8bb5a7fd5dedf2a264de34 1442054 kdelibs4-dev_3.5.10.dfsg.1-0lenny2_i386.deb
 2355e8b4fab3bf57e227122249b6d6427ed594fa 26686156 kdelibs-dbg_3.5.10.dfsg.1-0lenny2_i386.deb
Checksums-Sha256: 
 d13fc9aa439d769712fe54a8d0bf45c5eeea18daaea1ec77994619bea9efd31b 2245 kdelibs_3.5.10.dfsg.1-0lenny2.dsc
 09119022c615547284beaa262ccc06fc9328f1dc66ebd030ab97d66819eb9f0d 18639393 kdelibs_3.5.10.dfsg.1.orig.tar.gz
 9c965b144bc8c9eda95085cd3e19da9c4e6cee629a04d60573be0d5ba28b95ce 412545 kdelibs_3.5.10.dfsg.1-0lenny2.diff.gz
 38c752788511e652e3bd50558ad34e3abbcb9021bc9247f8b44e0bcc029718cc 29918 kdelibs_3.5.10.dfsg.1-0lenny2_all.deb
 f271ce192b24f4764f30c56796c028415451ac7082a539cf425b9130c222355e 8713862 kdelibs-data_3.5.10.dfsg.1-0lenny2_all.deb
 c331a932e09bd1290ced68d9ae07e778093b8cc0be430f4cdc00fa4627dbb26b 26418020 kdelibs4-doc_3.5.10.dfsg.1-0lenny2_all.deb
 fcb1342b673fed8f75f91540ae339409551794539cf40c3a0c3e702565e09d2e 10383036 kdelibs4c2a_3.5.10.dfsg.1-0lenny2_i386.deb
 821d177ac8e519ccbf030cf50afb802ca963e47872f85f37f923da20f49d5d6c 1442054 kdelibs4-dev_3.5.10.dfsg.1-0lenny2_i386.deb
 10ac4854ff108e80352d2983c4e90a2774fbd9bab9647cecc60f91cbfccefe32 26686156 kdelibs-dbg_3.5.10.dfsg.1-0lenny2_i386.deb
Files: 
 61102e1ac7ad325720bc2bcac16d481f 2245 libs optional kdelibs_3.5.10.dfsg.1-0lenny2.dsc
 4bcfee29b0f939415791f5032a72e7b0 18639393 libs optional kdelibs_3.5.10.dfsg.1.orig.tar.gz
 a09c6aa2f0d3c0c44af5e713f75f35b6 412545 libs optional kdelibs_3.5.10.dfsg.1-0lenny2.diff.gz
 eb82b39b6c29628767a9ecaa46bf4652 29918 libs optional kdelibs_3.5.10.dfsg.1-0lenny2_all.deb
 1ab162c4a5a27a71431f1ed045105609 8713862 libs optional kdelibs-data_3.5.10.dfsg.1-0lenny2_all.deb
 693390c0455a96a718bf9a8171534e2c 26418020 doc optional kdelibs4-doc_3.5.10.dfsg.1-0lenny2_all.deb
 707b9b42744a1106727b710d06b6eeba 10383036 libs optional kdelibs4c2a_3.5.10.dfsg.1-0lenny2_i386.deb
 42dc420f8dbe8f5b342e25909801ce4c 1442054 libdevel optional kdelibs4-dev_3.5.10.dfsg.1-0lenny2_i386.deb
 ae4b51c616894dc41b1070f0c413445a 26686156 libdevel extra kdelibs-dbg_3.5.10.dfsg.1-0lenny2_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkqIjNoACgkQ62zWxYk/rQc04ACfdosy9Gpz0N9PzA2YWiZ4tg3J
D2UAmwSBDXig2uX3Bqj8/qgId0bm6Py/
=K9cD
-----END PGP SIGNATURE-----



--- End Message ---

Reply to: