Bug#534949: marked as done (CVE-2009-1698 CVE-2009-1690)

To: Giuseppe Iuculano <giuseppe@iuculano.it>
Subject: Bug#534949: marked as done (CVE-2009-1698 CVE-2009-1690)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Thu, 17 Dec 2009 00:03:11 +0000
Message-id: <[🔎] handler.534949.D534949.12610078773064.ackdone@bugs.debian.org>
References: <E1NL3ki-0002IA-8j@ries.debian.org> <20090628131742.11654.2291.reportbug@localhost>

Your message dated Wed, 16 Dec 2009 23:57:56 +0000
with message-id <E1NL3ki-0002IA-8j@ries.debian.org>
and subject line Bug#534949: fixed in kde4libs 4:4.1.0-3+lenny1
has caused the Debian Bug report #534949,
regarding CVE-2009-1698 CVE-2009-1690
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
534949: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534949
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: CVE-2009-1698 CVE-2009-1690
From: Giuseppe Iuculano <giuseppe@iuculano.it>
Date: Sun, 28 Jun 2009 15:17:42 +0200
Message-id: <20090628131742.11654.2291.reportbug@localhost>

Package: kde4libs
Severity: serious
Tags: security patch

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,
the following CVE (Common Vulnerabilities & Exposures) ids were
published for kde4libs.

CVE-2009-1698[0]:
| WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and
| iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a
| pointer during handling of a Cascading Style Sheets (CSS) attr
| function call with a large numerical argument, which allows remote
| attackers to execute arbitrary code or cause a denial of service
| (memory corruption and application crash) via a crafted HTML document.

CVE-2009-1690[1]:
| Use-after-free vulnerability in WebKit, as used in Apple Safari before
| 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through
| 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows
| remote attackers to execute arbitrary code or cause a denial of
| service (memory corruption and application crash) by setting an
| unspecified property of an HTML tag that causes child elements to be
| freed and later accessed when an HTML error occurs, related to
| "recursion in certain DOM event handlers."

If you fix the vulnerabilities please also make sure to include the
CVE ids in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1698
    http://security-tracker.debian.net/tracker/CVE-2009-1698
    Upstream WebKit patch: http://trac.webkit.org/changeset/42081
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1690
    http://security-tracker.debian.net/tracker/CVE-2009-1690
    Upstream WebKit patch: http://trac.webkit.org/changeset/42532
    Upstream KDE 4.2 patch: http://websvn.kde.org/?view=rev&revision=983316

Cheers,
Giuseppe.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEUEARECAAYFAkpHbXMACgkQNxpp46476aozMACggLXxefxPO5I2tyYL1jJ0nnSj
XP4Al2eJElqsD3/lKXrGwe/vIg9xKmA=
=TaZb
-----END PGP SIGNATURE-----

--- End Message ---

--- Begin Message ---

To: 534949-close@bugs.debian.org
Subject: Bug#534949: fixed in kde4libs 4:4.1.0-3+lenny1
From: Giuseppe Iuculano <giuseppe@iuculano.it>
Date: Wed, 16 Dec 2009 23:57:56 +0000
Message-id: <E1NL3ki-0002IA-8j@ries.debian.org>

Source: kde4libs
Source-Version: 4:4.1.0-3+lenny1

We believe that the bug you reported is fixed in the latest version of
kde4libs, which is due to be installed in the Debian FTP archive:

kde4libs_4.1.0-3+lenny1.diff.gz
  to main/k/kde4libs/kde4libs_4.1.0-3+lenny1.diff.gz
kde4libs_4.1.0-3+lenny1.dsc
  to main/k/kde4libs/kde4libs_4.1.0-3+lenny1.dsc
kdelibs-bin_4.1.0-3+lenny1_i386.deb
  to main/k/kde4libs/kdelibs-bin_4.1.0-3+lenny1_i386.deb
kdelibs5-data_4.1.0-3+lenny1_all.deb
  to main/k/kde4libs/kdelibs5-data_4.1.0-3+lenny1_all.deb
kdelibs5-dbg_4.1.0-3+lenny1_i386.deb
  to main/k/kde4libs/kdelibs5-dbg_4.1.0-3+lenny1_i386.deb
kdelibs5-dev_4.1.0-3+lenny1_i386.deb
  to main/k/kde4libs/kdelibs5-dev_4.1.0-3+lenny1_i386.deb
kdelibs5_4.1.0-3+lenny1_i386.deb
  to main/k/kde4libs/kdelibs5_4.1.0-3+lenny1_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 534949@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Giuseppe Iuculano <giuseppe@iuculano.it> (supplier of updated kde4libs package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sun, 09 Aug 2009 14:00:33 +0200
Source: kde4libs
Binary: kdelibs5 kdelibs5-data kdelibs5-dev kdelibs-bin kdelibs5-dbg
Architecture: source all i386
Version: 4:4.1.0-3+lenny1
Distribution: stable-security
Urgency: high
Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Changed-By: Giuseppe Iuculano <giuseppe@iuculano.it>
Description: 
 kdelibs-bin - executables for all KDE 4 core applications
 kdelibs5   - core libraries for all KDE 4 applications
 kdelibs5-data - core shared data for all KDE 4 applications
 kdelibs5-dbg - debugging symbols for the KDE 4 libraries module
 kdelibs5-dev - development files for the KDE 4 core libraries
Closes: 534949 534949
Changes: 
 kde4libs (4:4.1.0-3+lenny1) stable-security; urgency=high
 .
   * Non-maintainer upload.
   * Fixed CVE-2009-1687: An integer overflow, leading to heap-based buffer
     overflow was found in the KDE implementation of garbage collector for the
     JavaScript language (KJS).
   * Fixed CVE-2009-1690: KDE HTML parser incorrectly handled content, forming
     the HTML page <head> element. A remote attacker could use this flaw to
     cause a denial of service (konqueror crash) or, potentially, execute
     arbitrary code, with the privileges of the user running "konqueror" web
     browser, if the victim was tricked to open a specially-crafted HTML page.
     (Closes: #534949)
   * Fixed CVE-2009-1698: KDE's Cascading Style Sheets (CSS) parser incorrectly
     handled content, forming the value of CSS "style" attribute. A remote
     attacker could use this flaw to cause a denial of service (konqueror crash)
     or potentially execute arbitrary code with the privileges of the user
     running "konqueror" web browser, if the victim visited a specially-crafted
     CSS equipped HTML page. (Closes: #534949)
Checksums-Sha1: 
 8c0764e6fafa22c8c90006c74a65f6fcf296efa2 2149 kde4libs_4.1.0-3+lenny1.dsc
 87f40f82bd9a0bc19ccf877dd4ef72dfba2577d3 11264345 kde4libs_4.1.0.orig.tar.gz
 94fa817ad235f87efae6b6a7a9c36ade0e492516 91423 kde4libs_4.1.0-3+lenny1.diff.gz
 edac323ccca00a879aff8c6bfffb438f4e0527bb 3140792 kdelibs5-data_4.1.0-3+lenny1_all.deb
 0666b9eed207a6577ec0f6b9358d10064a54db6d 9495028 kdelibs5_4.1.0-3+lenny1_i386.deb
 3f2a3f358235a00e8e5c0e13b98e4df20db996d7 1494680 kdelibs5-dev_4.1.0-3+lenny1_i386.deb
 03afc0e0c4f92fa190d0d855fedb70f5dd4f5a3d 428258 kdelibs-bin_4.1.0-3+lenny1_i386.deb
 fd4c87a120b88dc6e4d93fdb71205ec575296d81 65050706 kdelibs5-dbg_4.1.0-3+lenny1_i386.deb
Checksums-Sha256: 
 43ac6edb12df738d6c0b7b48d97eba3aff9b6137923708513a84954c4fccf68e 2149 kde4libs_4.1.0-3+lenny1.dsc
 6c1a0af094878a639fbab26f3fdeef2ca924e4a88c03a89b5818ae3cd0138a5c 11264345 kde4libs_4.1.0.orig.tar.gz
 341e25346781e157ad4f07c94cc4d571bdded7617ead2d544881dbc85ee8a705 91423 kde4libs_4.1.0-3+lenny1.diff.gz
 a6024794eff9a3fd171d2e52997d6180137e905fa22d09bf279148bfd873c28a 3140792 kdelibs5-data_4.1.0-3+lenny1_all.deb
 1d23f87f22956a5be83af68f292e791d28bf6850c550c9b6423a83bce05fe3c0 9495028 kdelibs5_4.1.0-3+lenny1_i386.deb
 28ff0086564f2fd6529adc9f94d2598531bc8819890c6aba7b7adea1cba386eb 1494680 kdelibs5-dev_4.1.0-3+lenny1_i386.deb
 75bea7fd90e72228aa004c56356f7a7e7d6a773be115794d7822b305799953e7 428258 kdelibs-bin_4.1.0-3+lenny1_i386.deb
 c0733beda7bd6e2846b12cea45c8dfb3cb2f608b9be654ca35677f1cf5db88ce 65050706 kdelibs5-dbg_4.1.0-3+lenny1_i386.deb
Files: 
 7bc7675c4aa9e7afd4fa3f83b3f95810 2149 libs optional kde4libs_4.1.0-3+lenny1.dsc
 05487ff0cbc3da093f19e59184b259c7 11264345 libs optional kde4libs_4.1.0.orig.tar.gz
 ecc50e9bedff96a3285a031141ea15d6 91423 libs optional kde4libs_4.1.0-3+lenny1.diff.gz
 47debc16cde2c9a927252ef09d89c1a3 3140792 libs optional kdelibs5-data_4.1.0-3+lenny1_all.deb
 0486badbc6a675555500eac834e66770 9495028 libs optional kdelibs5_4.1.0-3+lenny1_i386.deb
 7caef230087548ae9fafc4c9cbfa51a6 1494680 libdevel optional kdelibs5-dev_4.1.0-3+lenny1_i386.deb
 a2154b9e6f111e00d9fafee2e44950d3 428258 libs optional kdelibs-bin_4.1.0-3+lenny1_i386.deb
 cc57db2601c136b0ea25aa2aafc9ada4 65050706 libdevel extra kdelibs5-dbg_4.1.0-3+lenny1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkqGF+AACgkQ62zWxYk/rQfpZQCgxfsXFQFcnarv8r29cSql0tJK
gN8AoItglXlVJScKL5KeweX5yJaV7lB3
=GouX
-----END PGP SIGNATURE-----

--- End Message ---

Reply to:

Prev by Date: Processed: bug 561315 is forwarded to https://bugs.kde.org/show_bug.cgi?id=218954, tagging 561315
Next by Date: Bug#534918: marked as done (CVE-2009-0945: KSVG NULL-pointer dereference in the SVGList interface implementation)
Previous by thread: Processed: bug 561315 is forwarded to https://bugs.kde.org/show_bug.cgi?id=218954, tagging 561315
Next by thread: Bug#534918: marked as done (CVE-2009-0945: KSVG NULL-pointer dereference in the SVGList interface implementation)
Index(es):
- Date
- Thread