Package: kde4libs
Version: 4:4.8.4-4
Severity: important
Tags: security patch
Control: forwarded -1 https://bugs.kde.org/show_bug.cgi?id=319428
Hi,
the following vulnerability was published for kde4libs.
CVE-2013-2074[0]:
prints passwords contained in HTTP URLs in error messages
Upstream
Processing control commands:
forwarded -1 https://bugs.kde.org/show_bug.cgi?id=319428
Bug #707776 [kde4libs] kde4libs: CVE-2013-2074: prints passwords contained in
HTTP URLs in error messages
Set Bug forwarded-to-address to 'https://bugs.kde.org/show_bug.cgi?id=319428'.
--
707776:
akonadi_1.9.2-1_amd64.changes uploaded successfully to localhost
along with the files:
akonadi_1.9.2-1.dsc
akonadi_1.9.2.orig.tar.bz2
akonadi_1.9.2-1.debian.tar.gz
akonadi-server_1.9.2-1_amd64.deb
libakonadiprotocolinternals1_1.9.2-1_amd64.deb
libakonadi-dev_1.9.2-1_amd64.deb
Accepted:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Sat, 11 May 2013 00:57:28 +0200
Source: akonadi
Binary: akonadi-server libakonadiprotocolinternals1 libakonadi-dev
akonadi-backend-mysql akonadi-backend-postgresql akonadi-backend-sqlite
akonadi-dbg
Architecture:
soprano_2.9.1+dfsg.1-1_amd64.changes uploaded successfully to localhost
along with the files:
soprano_2.9.1+dfsg.1-1.dsc
soprano_2.9.1+dfsg.1.orig.tar.xz
soprano_2.9.1+dfsg.1-1.debian.tar.gz
soprano-daemon_2.9.1+dfsg.1-1_amd64.deb
libsoprano4_2.9.1+dfsg.1-1_amd64.deb
Accepted:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 10 May 2013 01:24:13 +0200
Source: soprano
Binary: soprano-daemon libsoprano4 libsoprano-dev libsoprano-doc libsoprano-dbg
Architecture: source amd64 all
Version: 2.9.1+dfsg.1-1
Distribution: unstable
Urgency: low
soprano_2.9.2+dfsg.1-1_amd64.changes uploaded successfully to localhost
along with the files:
soprano_2.9.2+dfsg.1-1.dsc
soprano_2.9.2+dfsg.1.orig.tar.xz
soprano_2.9.2+dfsg.1-1.debian.tar.gz
soprano-daemon_2.9.2+dfsg.1-1_amd64.deb
libsoprano4_2.9.2+dfsg.1-1_amd64.deb
Accepted:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Sat, 11 May 2013 15:25:32 +0200
Source: soprano
Binary: soprano-daemon libsoprano4 libsoprano-dev libsoprano-doc libsoprano-dbg
Architecture: source amd64 all
Version: 2.9.2+dfsg.1-1
Distribution: unstable
Urgency: low
Processing commands for cont...@bugs.debian.org:
found 707776 kde4libs/4:4.4.5-2+squeeze3
Bug #707776 [kde4libs] kde4libs: CVE-2013-2074: prints passwords contained in
HTTP URLs in error messages
Marked as found in versions kde4libs/4:4.4.5-2+squeeze3.
thanks
Stopping processing here.
Please
On Sat, May 11, 2013 at 02:26:22PM +0200, Bill Allombert wrote:
On Wed, May 8, 2013 at 16:45:09 -0500, Lukasz Szybalski wrote:
The following packages have unmet dependencies:
odbcinst1debian2 : Breaks: tdsodbc ( 0.82-8) but 0.82-7 is to be
installed
E: Error,
qttranslations-opensource-src_5.0.2-1_amd64.changes uploaded successfully to
localhost
along with the files:
qttranslations-opensource-src_5.0.2-1.dsc
qttranslations-opensource-src_5.0.2.orig.tar.xz
qttranslations-opensource-src_5.0.2-1.debian.tar.gz
qttranslations5-l10n_5.0.2-1_all.deb
binary:qttranslations5-l10n is NEW.
source:qttranslations-opensource-src is NEW.
Your package contains new components which requires manual editing of
the override file. It is ok otherwise, so please be patient. New
packages are usually added to the override file about once a week.
--
To
qtimageformats-opensource-src_5.0.2-1_amd64.changes uploaded successfully to
localhost
along with the files:
qtimageformats-opensource-src_5.0.2-1.dsc
qtimageformats-opensource-src_5.0.2.orig.tar.xz
qtimageformats-opensource-src_5.0.2-1.debian.tar.gz
binary:qt5-image-formats-plugins is NEW.
source:qtimageformats-opensource-src is NEW.
Your package contains new components which requires manual editing of
the override file. It is ok otherwise, so please be patient. New
packages are usually added to the override file about once a week.
--
[recipients trimmed]
I recommend applying the patch from bug #639300 in a stable update, instead
of leaving akonadi/virtuoso un-coinstallable with all ODBC drivers in
wheezy. Attached is an updated patch for this issue.
My recommendation is to have unixodbc drop the useless and broken Breaks.
On Sat, May 11, 2013 at 09:18:03PM +0200, Sune Vuorela wrote:
[recipients trimmed]
I recommend applying the patch from bug #639300 in a stable update, instead
of leaving akonadi/virtuoso un-coinstallable with all ODBC drivers in
wheezy. Attached is an updated patch for this issue.
My
Processing commands for cont...@bugs.debian.org:
block 703047 with 639300
Bug #703047 [odbc-postgresql] odbc-postgresql cannot be installed alongside kde
703047 was not blocked by any bugs.
703047 was not blocking any bugs.
Added blocking bug(s) of 703047: 639817 and 639300
thanks
Stopping
17 matches
Mail list logo