Why did the kde4libs amd64 build in ubuntu-security-proposed fail? It
built fine in my ppa.
my ppa: https://launchpad.net/~visred/+archive/ubuntu/rel-ppa/+packages
https://launchpad.net/~visred/+archive/ubuntu/rel-ppa/+build/12070850
ubuntu-security-proposed build:
debdiff for kde4libs in xenial is attached.
** Attachment added: "kde4libs-xenial-debdiff"
https://bugs.launchpad.net/ubuntu/+source/kio/+bug/1668871/+attachment/4829903/+files/kde4libs-xenial-debdiff
** Changed in: kio (Ubuntu Xenial)
Status: New => Confirmed
** Changed in: kde4libs
debdiff for kio in xenial is attached.
** Attachment added: "kio-xenial-debdiff"
https://bugs.launchpad.net/ubuntu/+source/kio/+bug/1668871/+attachment/4829901/+files/kio-xenial-debdiff
--
You received this bug notification because you are a member of Kubuntu
Bugs, which is subscribed to
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-6410
--
You received this bug notification because you are a member of Kubuntu
Bugs, which is subscribed to kde4libs in Ubuntu.
https://bugs.launchpad.net/bugs/1668871
Title:
kio: Information Leak when accessing https when
** Changed in: kde4libs (Ubuntu Zesty)
Status: New => Confirmed
** Changed in: kio (Ubuntu Zesty)
Status: New => Confirmed
--
You received this bug notification because you are a member of Kubuntu
Bugs, which is subscribed to kde4libs in Ubuntu.
debdiff for ktnef in xenial is attached.
kdepim also needs to patched both in xenial and trusty.
** Attachment added: "ktnef-xenial-debdiff"
https://bugs.launchpad.net/ubuntu/+source/ktnef/+bug/1668552/+attachment/4829858/+files/ktnef-xenial-debdiff
--
You received this bug notification
*** This bug is a security vulnerability ***
Public security bug reported:
I have included a debdiff imported from upstream for the below security
advisory for ark.
I have tested the patch in ppa with the sample archive issued in the
advisory and can confirm it works without any noticeable
I have tested steve's focal build from security-proposed and was able to
succesfully validate the fix i.e. warning for the PoC.
I have attached a screenshot of the warning when trying to open the PoC
** Attachment added: "ark_fix_test.png"
Code went through a major refactor after xenial to integrate with
updated Qt. See https://phabricator.kde.org/T2704
The refactor for this function was
-void Job::onEntry(const ArchiveEntry & archiveEntry)
+void Job::onEntry(Archive::Entry *entry)
{
-emit newEntry(archiveEntry);
+emit