[ubuntu/lucid-security] kdenetwork_4.4.2-0ubuntu4.1_powerpc_translations.tar.gz, kdenetwork_4.4.2-0ubuntu4.1_amd64_translations.tar.gz, kdenetwork_4.4.2-0ubuntu4.1_sparc_translations.tar.gz (delayed), kdenetwork_4.4.2-0ubuntu4.1_ia64_translations.tar.gz, kdenetwork_4.4.2-0ubuntu4.1_i386_translations.tar.gz, kdenetwork_4.4.2-0ubuntu4.1_armel_translations.tar.gz, kdenetwork 4:4.4.2-0ubuntu4.1 (Accepted)

Thu, 13 May 2010 05:03:32 -0700 

kdenetwork (4:4.4.2-0ubuntu4.1) lucid-security; urgency=low

  * SECURITY UPDATE: file name directory traversal attack (LP: #578856).
   - Add debian/patches/kubuntu_01_kget_CVE-2010-1000.diff
   - kget/ui/metalinkcreator/metalinker.cpp check filename is valid
   - kget/transfer-plugins/metalink/metalink.cpp if the dialog was not accepted 
untick every file, so that the download does not start
   - CVE-2010-1000, SA39528

Date: Tue, 11 May 2010 16:26:45 +0100
Changed-By: Jonathan Riddell <[email protected]>
Maintainer: Kubuntu Developers <[email protected]>
https://launchpad.net/ubuntu/lucid/+source/kdenetwork/4:4.4.2-0ubuntu4.1

Format: 1.8
Date: Tue, 11 May 2010 16:26:45 +0100
Source: kdenetwork
Binary: kdenetwork kdenetwork-filesharing kget libkopete4 kopete libkopete-dev 
kppp krdc krfb kdenetwork-dbg kde-zeroconf kopete-plugin-otr-kde4
Architecture: source
Version: 4:4.4.2-0ubuntu4.1
Distribution: lucid-security
Urgency: low
Maintainer: Kubuntu Developers <[email protected]>
Changed-By: Jonathan Riddell <[email protected]>
Description: 
 kde-zeroconf - zeroconf plugins and kio slaves for KDE 4
 kdenetwork - networking applications from the official KDE 4 release
 kdenetwork-dbg - debugging symbols for the KDE 4 networking module
 kdenetwork-filesharing - network filesharing configuration module for KDE 4
 kget       - download manager for KDE 4
 kopete     - instant messenger for KDE 4
 kopete-plugin-otr-kde4 - Transitional package
 kppp       - modem dialer for KDE 4
 krdc       - Remote Desktop Connection client for KDE 4
 krfb       - Desktop Sharing for KDE 4
 libkopete-dev - development files for the KDE 4 networking module
 libkopete4 - main Kopete library
Launchpad-Bugs-Fixed: 578856
Changes: 
 kdenetwork (4:4.4.2-0ubuntu4.1) lucid-security; urgency=low
 .
   * SECURITY UPDATE: file name directory traversal attack (LP: #578856).
    - Add debian/patches/kubuntu_01_kget_CVE-2010-1000.diff
    - kget/ui/metalinkcreator/metalinker.cpp check filename is valid
    - kget/transfer-plugins/metalink/metalink.cpp if the dialog was not 
accepted untick every file, so that the download does not start
    - CVE-2010-1000, SA39528
Checksums-Sha1: 
 024375ca8432eed44f313f9ac4accfec749065b1 2333 kdenetwork_4.4.2-0ubuntu4.1.dsc
 2b9310c627e82c41a7ccc0f9f5fe7ea7abe1f8fc 45422 
kdenetwork_4.4.2-0ubuntu4.1.diff.gz
Checksums-Sha256: 
 310d02346024bb13c01601107ba74a915fe53518a4b814c0222834cb61cf8eca 2333 
kdenetwork_4.4.2-0ubuntu4.1.dsc
 01eb9a035275d8168fc8590d97505f88c3865b69bb4b83aa364fc22fa8e9de1c 45422 
kdenetwork_4.4.2-0ubuntu4.1.diff.gz
Files: 
 c0e8dde7ff74824eda8b2cf24f3cbe39 2333 kde optional 
kdenetwork_4.4.2-0ubuntu4.1.dsc
 4b8a30759d2c0b0c1912163f0acbfaf3 45422 kde optional 
kdenetwork_4.4.2-0ubuntu4.1.diff.gz
Original-Maintainer: Debian Qt/KDE Maintainers <[email protected]>

-- 
Lucid-changes mailing list
[email protected]
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/lucid-changes

Reply via email to