-
Committer:
Bazaar Package Importer
-
Author(s):
Jamie Strandboge
-
Date:
2009-09-15 14:38:04 UTC
-
Revision ID:
james.westby@ubuntu.com-20090915143804-n4uyj6dp8n2vj72y
Tags: 4:3.5.10.dfsg.1-2ubuntu5
* SECURITY UPDATE: fix vulnerability with NULL byte in Subject Alternate
Names field of X.509 certificates
- debian/patches/security_04_CVE-2009-2702.diff: verify that the
QString length of the SAN is not shorter than the ASN1 length
- CVE-2009-2702
* kubuntu_glibc_2.8_ftbfs.diff: fix FTBFS when using gcc 4.4 or higher
* Following patches forward ported from http://www.ubuntu.com/usn/USN-822-1
(by Marc Deslauriers)
* SECURITY UPDATE: arbitrary code execution via JavaScript garbage
collector allocation failures
- debian/patches/security_01_CVE-2009-1687.diff: make sure we don't
overflow before doing the realloc in kjs/collector.cpp.
- CVE-2009-1687
* SECURITY UPDATE: arbitrary code execution via use-after-free
- debian/patches/security_02_CVE-2009-1690.diff: use head.get() in
khtml/html/htmlparser.cpp, and backport khtml/html/{AlwaysInline,
htmlparser,Platform,RefPtr}.h.
- CVE-2009-1690
* SECURITY UPDATE: arbitrary code execution via CSS attr function call
with a large numerical argument
- debian/patches/security_03_CVE-2009-1698.diff: add extra checks to
khtml/css/cssparser.cpp and implement CSSPrimitiveValue::CSS_ATTR in
khtml/css/css_valueimpl.cpp.
- CVE-2009-1698