Accepted kdegraphics 4:3.5.7-4+lenny1 (source i386 all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 16 Nov 2007 09:57:48 +0100
Source: kdegraphics
Binary: kdegraphics-kfile-plugins ksnapshot kviewshell kghostview libkscan-dev kruler kcoloredit kamera kdegraphics-dev libkscan1 kdegraphics-dbg kview kdegraphics-doc-html kpdf ksvg kdvi kiconedit kfax kfaxview kuickshow kooka kdegraphics kolourpaint kmrml kgamma kpovmodeler
Architecture: source i386 all
Version: 4:3.5.7-4+lenny1
Distribution: testing-security
Urgency: high
Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Changed-By: Nico Golde <nion@debian.org>
Description:
kamera - digital camera io_slave for Konqueror
kcoloredit - a color palette editor and color picker for KDE
kdegraphics - graphics apps from the official KDE release
kdegraphics-dbg - debugging symbols for kdegraphics
kdegraphics-dev - development files for the KDE graphics module
kdegraphics-doc-html - KDE graphics documentation in HTML format
kdegraphics-kfile-plugins - KDE metainfo plugins for graphic files
kdvi - dvi viewer for KDE
kfax - G3/G4 fax viewer for KDE
kfaxview - G3/G4 fax viewer for KDE using kviewshell
kgamma - gamma correction module for the KDE Control Center
kghostview - PostScript viewer for KDE
kiconedit - an icon editor for KDE
kmrml - a Konqueror plugin for searching pictures
kolourpaint - a simple paint program for KDE
kooka - scanner program for KDE
kpdf - PDF viewer for KDE
kpovmodeler - a graphical editor for povray scenes
kruler - a screen ruler and color measurement tool for KDE
ksnapshot - screenshot utility for KDE
ksvg - SVG viewer for KDE
kuickshow - KDE image/slideshow viewer
kview - simple image viewer/converter for KDE
kviewshell - generic framework for viewer applications in KDE
libkscan-dev - development files for the KDE scanner library
libkscan1 - scanner library for KDE
Closes: 450630
Changes:
kdegraphics (4:3.5.7-4+lenny1) testing-security; urgency=high
.
* Non-maintainer upload by testing security team.
* Included post-3.5.8-kdegraphics-kpdf.diff to address the
following security issues (Closes: #450630)
- CVE-2007-5393 buffer overflow in the CCITTFaxStream::lookChar leading
to arbitrary code execution via a crafted pdf file.
- CVE-2007-5392 integer overflow in the DCTStream::reset resulting in a
heap based buffer overflow allows code execution.
- CVE-2007-4352 array index error in DCTStream::readProgressiveDataUnit
leads to memory corruption and possibly arbitrary code execution.
Files:
e38ba3f815476ba7b2dfb49ba417dbcd 1420 kde optional kdegraphics_3.5.7-4+lenny1.dsc
460e518dd7e1d525dc97a1c60f015e72 345945 kde optional kdegraphics_3.5.7-4+lenny1.diff.gz
28584a5ab59479a214bf109245b75955 12306 kde optional kdegraphics_3.5.7-4+lenny1_all.deb
7a7932a4e55900b96ab0b92eb5fc7c32 150594 doc optional kdegraphics-doc-html_3.5.7-4+lenny1_all.deb
20665a60aff53f2d1fe9e4b5f4dcddca 82718 graphics optional kamera_3.5.7-4+lenny1_i386.deb
2bf61a756ee1c1d5c8aca79eed775dca 97188 graphics optional kcoloredit_3.5.7-4+lenny1_i386.deb
74aabd870b6491126d6363ffa722e0ed 97446 devel optional kdegraphics-dev_3.5.7-4+lenny1_i386.deb
15067249feb2b36d4fa3dcbf0a21d09e 259466 kde optional kdegraphics-kfile-plugins_3.5.7-4+lenny1_i386.deb
9ed6c71dc3f5199ebd7dd7c08d479c05 525672 graphics optional kdvi_3.5.7-4+lenny1_i386.deb
8ad490a149ae74d6b0aef352fdd53e91 139572 graphics optional kfax_3.5.7-4+lenny1_i386.deb
7281cadcb1c16d7a31800c4f9a6ecdeb 103278 graphics optional kfaxview_3.5.7-4+lenny1_i386.deb
baab50c91cf4214287c4d1c044b43ffd 71096 graphics optional kgamma_3.5.7-4+lenny1_i386.deb
65b9f2495bd93a1d410fd71d27dec3ef 229910 graphics optional kghostview_3.5.7-4+lenny1_i386.deb
c22ccc4c8695ca562d4ccd0b3a9a5549 168830 graphics optional kiconedit_3.5.7-4+lenny1_i386.deb
a37bb145fc7fa919a2d552a04274982b 219918 kde optional kmrml_3.5.7-4+lenny1_i386.deb
094d202c92bae9b94548733a12d1cb3e 1062564 graphics optional kolourpaint_3.5.7-4+lenny1_i386.deb
bb042aa8e484498bafa299765f8566ca 751586 graphics optional kooka_3.5.7-4+lenny1_i386.deb
cf2bf0f847f71061501d268dcfc28309 813848 graphics optional kpdf_3.5.7-4+lenny1_i386.deb
3ab989338da0d1e9f15e1166585fa5ea 2232786 graphics optional kpovmodeler_3.5.7-4+lenny1_i386.deb
0eea36573cd1130f4c12393d6363906e 60944 graphics optional kruler_3.5.7-4+lenny1_i386.deb
6bc8c0f2652f7049bc4268a233c20a04 167058 graphics optional ksnapshot_3.5.7-4+lenny1_i386.deb
67e16ddbbcb90f4b66c2a05b7578d45d 1270236 graphics optional ksvg_3.5.7-4+lenny1_i386.deb
628687438c7e5b5c7a167db333824491 486766 graphics optional kuickshow_3.5.7-4+lenny1_i386.deb
404df14afd56e9648622249ce333b170 395960 graphics optional kview_3.5.7-4+lenny1_i386.deb
4c73c13105c200f079fc8a3f7dc20c18 787078 graphics optional kviewshell_3.5.7-4+lenny1_i386.deb
63f55be980425b3f425066a16903d2a6 12136 libdevel optional libkscan-dev_3.5.7-4+lenny1_i386.deb
49f4e105469dbc808eaa0ec8cdf11585 129796 libs optional libkscan1_3.5.7-4+lenny1_i386.deb
b5dd2d50f3a041de14b1e9419f5a0b4f 25353270 libdevel extra kdegraphics-dbg_3.5.7-4+lenny1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHPX9nHYflSXNkfP8RAmzUAKCXoQM3A0G7BCYclRyE27StLzuyhgCgkiQM
fGqYPCcWfj62Di5dg0fTlDQ=
=Ii3H
-----END PGP SIGNATURE-----
Accepted:
kamera_3.5.7-4+lenny1_i386.deb
to pool/main/k/kdegraphics/kamera_3.5.7-4+lenny1_i386.deb
kcoloredit_3.5.7-4+lenny1_i386.deb
to pool/main/k/kdegraphics/kcoloredit_3.5.7-4+lenny1_i386.deb
kdegraphics-dbg_3.5.7-4+lenny1_i386.deb
to pool/main/k/kdegraphics/kdegraphics-dbg_3.5.7-4+lenny1_i386.deb
kdegraphics-dev_3.5.7-4+lenny1_i386.deb
to pool/main/k/kdegraphics/kdegraphics-dev_3.5.7-4+lenny1_i386.deb
kdegraphics-doc-html_3.5.7-4+lenny1_all.deb
to pool/main/k/kdegraphics/kdegraphics-doc-html_3.5.7-4+lenny1_all.deb
kdegraphics-kfile-plugins_3.5.7-4+lenny1_i386.deb
to pool/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.7-4+lenny1_i386.deb
kdegraphics_3.5.7-4+lenny1.diff.gz
to pool/main/k/kdegraphics/kdegraphics_3.5.7-4+lenny1.diff.gz
kdegraphics_3.5.7-4+lenny1.dsc
to pool/main/k/kdegraphics/kdegraphics_3.5.7-4+lenny1.dsc
kdegraphics_3.5.7-4+lenny1_all.deb
to pool/main/k/kdegraphics/kdegraphics_3.5.7-4+lenny1_all.deb
kdvi_3.5.7-4+lenny1_i386.deb
to pool/main/k/kdegraphics/kdvi_3.5.7-4+lenny1_i386.deb
kfax_3.5.7-4+lenny1_i386.deb
to pool/main/k/kdegraphics/kfax_3.5.7-4+lenny1_i386.deb
kfaxview_3.5.7-4+lenny1_i386.deb
to pool/main/k/kdegraphics/kfaxview_3.5.7-4+lenny1_i386.deb
kgamma_3.5.7-4+lenny1_i386.deb
to pool/main/k/kdegraphics/kgamma_3.5.7-4+lenny1_i386.deb
kghostview_3.5.7-4+lenny1_i386.deb
to pool/main/k/kdegraphics/kghostview_3.5.7-4+lenny1_i386.deb
kiconedit_3.5.7-4+lenny1_i386.deb
to pool/main/k/kdegraphics/kiconedit_3.5.7-4+lenny1_i386.deb
kmrml_3.5.7-4+lenny1_i386.deb
to pool/main/k/kdegraphics/kmrml_3.5.7-4+lenny1_i386.deb
kolourpaint_3.5.7-4+lenny1_i386.deb
to pool/main/k/kdegraphics/kolourpaint_3.5.7-4+lenny1_i386.deb
kooka_3.5.7-4+lenny1_i386.deb
to pool/main/k/kdegraphics/kooka_3.5.7-4+lenny1_i386.deb
kpdf_3.5.7-4+lenny1_i386.deb
to pool/main/k/kdegraphics/kpdf_3.5.7-4+lenny1_i386.deb
kpovmodeler_3.5.7-4+lenny1_i386.deb
to pool/main/k/kdegraphics/kpovmodeler_3.5.7-4+lenny1_i386.deb
kruler_3.5.7-4+lenny1_i386.deb
to pool/main/k/kdegraphics/kruler_3.5.7-4+lenny1_i386.deb
ksnapshot_3.5.7-4+lenny1_i386.deb
to pool/main/k/kdegraphics/ksnapshot_3.5.7-4+lenny1_i386.deb
ksvg_3.5.7-4+lenny1_i386.deb
to pool/main/k/kdegraphics/ksvg_3.5.7-4+lenny1_i386.deb
kuickshow_3.5.7-4+lenny1_i386.deb
to pool/main/k/kdegraphics/kuickshow_3.5.7-4+lenny1_i386.deb
kview_3.5.7-4+lenny1_i386.deb
to pool/main/k/kdegraphics/kview_3.5.7-4+lenny1_i386.deb
kviewshell_3.5.7-4+lenny1_i386.deb
to pool/main/k/kdegraphics/kviewshell_3.5.7-4+lenny1_i386.deb
libkscan-dev_3.5.7-4+lenny1_i386.deb
to pool/main/k/kdegraphics/libkscan-dev_3.5.7-4+lenny1_i386.deb
libkscan1_3.5.7-4+lenny1_i386.deb
to pool/main/k/kdegraphics/libkscan1_3.5.7-4+lenny1_i386.deb
Reply to: