Fixed in NMU of kdelibs 4:3.2.3-3.sarge.1

Mon, 30 Aug 2004 12:53:40 -0500 

tag 268016 + fixed

quit

This message was generated automatically in response to a
non-maintainer upload.  The .changes file follows.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon, 30 Aug 2004 15:20:22 +1000
Source: kdelibs
Binary: kdelibs4 kdelibs-bin kdelibs kdelibs4-doc kdelibs-data kdelibs4-dev
Architecture: source i386 all
Version: 4:3.2.3-3.sarge.1
Distribution: testing
Urgency: high
Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Changed-By: Ben Burton <[EMAIL PROTECTED]>
Description: 
 kdelibs    - KDE core libraries metapackage
 kdelibs-bin - KDE core binaries
 kdelibs-data - KDE core shared data
 kdelibs4   - KDE core libraries
 kdelibs4-dev - KDE core libraries (development files)
 kdelibs4-doc - KDE core library documentation
Closes: 268016
Changes: 
 kdelibs (4:3.2.3-3.sarge.1) testing-proposed-updates; urgency=high
 .
   * Security update for sarge.
   * Fixes unsafe use of temporary directory (CAN-2004-0689).
   * Fixes unsafe creation of temporary directory (CAN-2004-0690; #261386).
   * Fixes frame injection vulnerability (CAN-2004-0721; #261740).  Note that
     this package provides only part of the fix; the remainder of the fix is
     in kdebase 4:3.2.3-0.sarge.1.
   * Fixes cross-domain cookie injection vulnerability for certain country
     specific domains (CAN-2004-0746; Closes: #268016).
   * Also applied other updates from kdelibs 4:3.2.3-4 in sid, which included
     a KDE_3_2_BRANCH update (bugfixes only) and a rebuild against libtiff4-dev.
   * Note that all of the above security fixes except for CAN-2004-0721 were
     also present in the branch update from 4:3.2.3-4.
Files: 
 f5b09f375926bd6429ab8025c175dead 1102 libs optional kdelibs_3.2.3-3.sarge.1.dsc
 48e515cdcec7fa23d166baf813c07511 124175 libs optional 
kdelibs_3.2.3-3.sarge.1.diff.gz
 a0f503362870f59726f00e5f8ace3cf1 842774 libs optional 
kdelibs-bin_3.2.3-3.sarge.1_i386.deb
 30bdd38e061d1edc2fa233142dbe2a2a 7601438 libs optional 
kdelibs4_3.2.3-3.sarge.1_i386.deb
 23762a10c31b5d64867cf80050fd203b 1133464 libdevel optional 
kdelibs4-dev_3.2.3-3.sarge.1_i386.deb
 c49b41331383e5a3b625577f1f79e070 16490 kde optional 
kdelibs_3.2.3-3.sarge.1_all.deb
 615c80394373de58b87f25ad5245eddd 6392354 libs optional 
kdelibs-data_3.2.3-3.sarge.1_all.deb
 4eccb013d102410df74697f373c9e3ac 11617372 doc optional 
kdelibs4-doc_3.2.3-3.sarge.1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFBM190MQNuxza4YcERAoMRAJ9gVylryFO+BjbpdJMgt3MeT9KZSQCfcnf/
j2+X2l5yyQ+hZADlTxra2s0=
=ZGnF
-----END PGP SIGNATURE-----

Reply via email to