UbuntuUpdates.org

Package "kdelibs5-dev"

Name: kdelibs5-dev

Description:

development files for the KDE Development Platform libraries

Latest version: 4:4.13.3-0ubuntu0.5
Release: trusty (14.04)
Level: updates
Repository: main
Head package: kde4libs
Homepage: http://www.kde.org/

Links


Download "kdelibs5-dev"


Other versions of "kdelibs5-dev" in Trusty

Repository Area Version
base main 4:4.13.0-0ubuntu1
security main 4:4.13.3-0ubuntu0.5
PPA: Kubuntu-ppa Backports 4:4.14.13a-4~ubuntu1~ubuntu14.04~ppa3

Changelog

Version: 4:4.13.3-0ubuntu0.5 2017-05-15 15:06:50 UTC

  kde4libs (4:4.13.3-0ubuntu0.5) trusty-security; urgency=medium

  * SECURITY UPDATE: privilege escalation in DBus auth backend
    - debian/patches/CVE-2017-8422.patch: verify caller in
      kdecore/auth/AuthBackend.cpp, kdecore/auth/AuthBackend.h,
      kdecore/auth/backends/dbus/DBusHelperProxy.cpp,
      kdecore/auth/backends/dbus/DBusHelperProxy.h,
      kdecore/auth/backends/policykit/PolicyKitBackend.cpp,
      kdecore/auth/backends/policykit/PolicyKitBackend.h,
      kdecore/auth/backends/polkit-1/Polkit1Backend.cpp,
      kdecore/auth/backends/polkit-1/Polkit1Backend.h.
    - CVE-2017-8422

 -- Marc Deslauriers <email address hidden> Thu, 11 May 2017 09:10:03 -0400

Source diff to previous version

Version: 4:4.13.3-0ubuntu0.4 2017-03-09 15:07:08 UTC

  kde4libs (4:4.13.3-0ubuntu0.4) trusty-security; urgency=medium

  * SECURITY UPDATE: information leak via crafted PAC file (LP: #1668871)
    - debian/patches/CVE-2017-6410.patch: sanitize URLs in
      kio/misc/kpac/script.cpp.
    - CVE-2017-6410

 -- Marc Deslauriers <email address hidden> Wed, 08 Mar 2017 10:25:45 -0500

Source diff to previous version
1668871 kio: Information Leak when accessing https when using a malicious PAC file
CVE-2017-6410 kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls the PAC FindProxyForURL function with a full https URL (potentially including

Version: 4:4.13.3-0ubuntu0.3 2016-07-26 21:06:57 UTC

  kde4libs (4:4.13.3-0ubuntu0.3) trusty-security; urgency=medium

  * SECURITY UPDATE: file extraction out of the expected directory
    - debian/patches/CVE-2016-6232.patch: limit files to extraction folder
      in kdecore/io/karchive.cpp.
    - CVE-2016-6232

 -- Marc Deslauriers <email address hidden> Mon, 25 Jul 2016 15:05:37 -0400

Source diff to previous version

Version: 4:4.13.3-0ubuntu0.2 2014-11-24 19:06:55 UTC

  kde4libs (4:4.13.3-0ubuntu0.2) trusty-security; urgency=medium

  * No change rebuild in the -security pocket.
 -- Marc Deslauriers <email address hidden> Fri, 21 Nov 2014 08:06:47 -0500

Source diff to previous version

Version: 4:4.13.3-0ubuntu0.1 2014-08-12 12:06:29 UTC

  kde4libs (4:4.13.3-0ubuntu0.1) trusty; urgency=medium

  * New upstream bugfix release (LP: #1349296)
    - drop CVE-2014-3494.patch, applied upstream
 -- Philip Muskovac <email address hidden> Mon, 04 Aug 2014 20:25:28 +0200

1349296 SRU tracking bug for KDE SC 4.13.3
CVE-2014-3494 KMail/KIO POP3 SSL MITM Flaw



About   -   Send Feedback to @ubuntu_updates