This bug was fixed in the package kdelibs -
4:3.5.10.dfsg.1-3ubuntu2.10.04.1
---
kdelibs (4:3.5.10.dfsg.1-3ubuntu2.10.04.1) lucid-security; urgency=low
* SECURITY UPDATE: uncontrolled XMLHTTPRequest vulnerability. (LP: #661416)
- Ark and KMail performs insufficient validation
This bug was fixed in the package kdelibs -
4:3.5.10.dfsg.1-3ubuntu2.10.10.1
---
kdelibs (4:3.5.10.dfsg.1-3ubuntu2.10.10.1) maverick-security; urgency=low
* SECURITY UPDATE: uncontrolled XMLHTTPRequest vulnerability. (LP: #661416)
- Ark and KMail performs insufficient
Thanks, I've done some local test builds and have uploaded these to the
ubuntu-security-proposed ppa https://launchpad.net/~ubuntu-security-
proposed/+archive/ppa/ and will release them to the lucid and maverick
security pocket soon.
** Changed in: kdelibs (Ubuntu Lucid)
Status: Confirmed
kdelibs (4:3.5.10.dfsg.1-3ubuntu2.10.10.1) maverick-security;
urgency=low
* SECURITY UPDATE: uncontrolled XMLHTTPRequest vulnerability. (LP: #661416)
- Ark and KMail performs insufficient validation which leads to
specially crafted archive files, using unknown MIME types, to be
kdelibs (4:3.5.10.dfsg.1-3ubuntu2.10.04.1) lucid-security; urgency=low
* SECURITY UPDATE: uncontrolled XMLHTTPRequest vulnerability. (LP: #661416)
- Ark and KMail performs insufficient validation which leads to
specially crafted archive files, using unknown MIME types, to be
