[ubuntu/eoan-proposed] kde4libs 4:4.14.38-0ubuntu7 (Accepted)

[Rik Mills]

kde4libs (4:4.14.38-0ubuntu7) eoan; urgency=medium

  * SECURITY UPDATE: malicious .desktop files (and others) would execute
    code (LP: #1839432).
    - debian/patches/CVE-2019-14744.diff: removes the affected feature as
      currently 'unused'.
    - CVE-2019-14744
  * Build against OpenSSL 1.1:
    - use Fedora-provided patch backport by Daniel Vrátil and Wolfgang Bauer
    - In Build-Depends, replace libssl1.0-dev by "libssl-dev (>= 1.1)"
  * Mark an additional symbol as optional on ppc64el.

Date: Thu, 15 Aug 2019 14:10:10 +0100
Changed-By: Rik Mills <rikmills at kubuntu.org>
Maintainer: Debian/Kubuntu Qt/KDE Maintainers <debian-qt-kde at lists.debian.org>
https://launchpad.net/ubuntu/+source/kde4libs/4:4.14.38-0ubuntu7
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 15 Aug 2019 14:10:10 +0100
Source: kde4libs
Binary: libkdecore5 libkdeui5 libkpty4 libkdesu5 libkjsapi4 libkjsembed4 libkio5 libkntlm4 libsolid4 libkde3support4 libkfile4 libknewstuff2-4 libknewstuff3-4 libkparts4 libkutils4 libthreadweaver4 libkhtml5 libkimproxy4 libkmediaplayer4 libktexteditor4 libknotifyconfig4 libkdnssd4 libkrosscore4 libkrossui4 libplasma3 libkunitconversion4 libkdewebkit5 libkcmutils4 libkemoticons4 libkidletime4 libkprintutils4 libkdeclarative5 kdelibs-bin kdelibs5-plugins kdelibs5-data kdoctools kdelibs5-dev kdelibs5-dbg
Architecture: source
Version: 4:4.14.38-0ubuntu7
Distribution: eoan
Urgency: medium
Maintainer: Debian/Kubuntu Qt/KDE Maintainers <debian-qt-kde at lists.debian.org>
Changed-By: Rik Mills <rikmills at kubuntu.org>
Description:
 kdelibs-bin - core executables for KDE Applications
 kdelibs5-data - core shared data for all KDE Applications
 kdelibs5-dbg - debugging symbols for the KDE Development Platform libraries
 kdelibs5-dev - development files for the KDE Development Platform libraries
 kdelibs5-plugins - core plugins for KDE Applications
 kdoctools  - various tools for accessing application documentation
 libkcmutils4 - utility classes for using KCM modules
 libkde3support4 - KDE 3 Support Library for the KDE 4 Platform
 libkdeclarative5 - declarative library for plasma
 libkdecore5 - KDE Platform Core Library
 libkdesu5  - Console-mode Authentication Library for the KDE Platform
 libkdeui5  - KDE Platform User Interface Library
 libkdewebkit5 - KDE WebKit Library
 libkdnssd4 - DNS-SD Protocol Library for the KDE Platform
 libkemoticons4 - utility classes to deal with emoticon themes
 libkfile4  - File Selection Dialog Library for KDE Platform
 libkhtml5  - KHTML Web Content Rendering Engine
 libkidletime4 - library to provide information about idle time
 libkimproxy4 - Instant Messaging Interface Library for the KDE Platform
 libkio5    - Network-enabled File Management Library for the KDE Platform
 libkjsapi4 - KJS API Library for the KDE Development Platform
 libkjsembed4 - library for binding JavaScript objects to QObjects
 libkmediaplayer4 - KMediaPlayer Interface for the KDE Platform
 libknewstuff2-4 - "Get Hot New Stuff" v2 Library for the KDE Platform
 libknewstuff3-4 - "Get Hot New Stuff" v3 Library for the KDE Platform
 libknotifyconfig4 - library for configuring KDE Notifications
 libkntlm4  - NTLM Authentication Library for the KDE Platform
 libkparts4 - Framework for the KDE Platform Graphical Components
 libkprintutils4 - utility classes to deal with printing
 libkpty4   - Pseudo Terminal Library for the KDE Platform
 libkrosscore4 - Kross Core Library
 libkrossui4 - Kross UI Library
 libktexteditor4 - KTextEditor interfaces for the KDE Platform
 libkunitconversion4 - Unit Conversion library for the KDE Platform
 libkutils4 - dummy transitional library
 libplasma3 - Plasma Library for the KDE Platform
 libsolid4  - Solid Library for KDE Platform
 libthreadweaver4 - ThreadWeaver Library for the KDE Platform
Launchpad-Bugs-Fixed: 1839432
Changes:
 kde4libs (4:4.14.38-0ubuntu7) eoan; urgency=medium
 .
   * SECURITY UPDATE: malicious .desktop files (and others) would execute
     code (LP: #1839432).
     - debian/patches/CVE-2019-14744.diff: removes the affected feature as
       currently 'unused'.
     - CVE-2019-14744
   * Build against OpenSSL 1.1:
     - use Fedora-provided patch backport by Daniel Vrátil and Wolfgang Bauer
     - In Build-Depends, replace libssl1.0-dev by "libssl-dev (>= 1.1)"
   * Mark an additional symbol as optional on ppc64el.
Checksums-Sha1:
 3e202fa67f5f6eb37ca2bf67dfcb38475f2234c1 5176 kde4libs_4.14.38-0ubuntu7.dsc
 3b74f28ed79c20780472158acd196bf1313567e2 294800 kde4libs_4.14.38-0ubuntu7.debian.tar.xz
 e3e80b2faeb57a8f63dbb5c9ed14e164bd3a63eb 23884 kde4libs_4.14.38-0ubuntu7_source.buildinfo
Checksums-Sha256:
 44cd95e6f2662a33d269bbdae1718116a91ef73e6d063a558b932537821c9a5b 5176 kde4libs_4.14.38-0ubuntu7.dsc
 2124794faf479efab3322c857e34eb70bd22e5097b4c734c4c12e89fe2387876 294800 kde4libs_4.14.38-0ubuntu7.debian.tar.xz
 4599824569f6a5af37c79d31c736a770cb676a45f0cdbd4d43c3e77e322cf46b 23884 kde4libs_4.14.38-0ubuntu7_source.buildinfo
Files:
 3d01d3f12d534c2b66e4ec9ffb2ed91a 5176 libs optional kde4libs_4.14.38-0ubuntu7.dsc
 c158080bf6d5a3ecdd4fce87801ebada 294800 libs optional kde4libs_4.14.38-0ubuntu7.debian.tar.xz
 1b865c71429f4b10f31708d92903a122 23884 libs optional kde4libs_4.14.38-0ubuntu7_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJJBAEBCgAzFiEEDMvPrK69u5wsjzS2IqBL75FoutUFAl1VWcMVHHJpa21pbGxz
QGt1YnVudHUub3JnAAoJECKgS++RaLrVs4MP/3sifZN7/FmOlLPO3Iep7tpca5vl
I/sR1SRBdqx60KmwEexF5qwAmOlHWhKo+qYNnXJyMKOSBWkEXhWwdTUmjw951jGF
x/PtfXEPewlDYpbikn7Yd2KoaijsOfK/uSoiPI2MeDp3WDuCmRmZz99W3uKmb6pJ
seprQTQydJuQrTub4zboVoXp/nFd9ls+pVSCef3KlpIRfP0M2sRRJPiGBZpjgv9B
I+GPF5QjkZjgALHPubdTPQeMvbJPPKc+zWjbFF4AOJs1J3ngbuNqKcV17Pl7QgDZ
e5+k8krRmbo6b70KjkpQ9NXUYsZvhR5xAYoIA5sOiuWveZMd6HWtaOIJC0cxi7++
QWEWT5/EdTJCFN76FeGjL11bJbkOL3SULObRVLoLae18fFC6RIp8Tcja00KaECoH
wY+jj3n5SnfWo8JG7xdFMPCC8RTTI3/AKUdN2LBYdmOm0wfjwnSKOM9/jaH0lg+n
VJLsAK5yrOh6m3A+LjJ+0b7z9GXMN/cmBux5sO/HVC4DqgiCmiGtU5/3MFZ9LiyF
3ht8k4OyqNBAjPFAZlitykwOHxtT1gI8Vq7PWMTUBZhrqcH+SlYvTxyvqGFPSkNp
FvjOdgeRlpbE1HRPPaf7mPvHqnp65ja9kAvYtUZJ0tpIA9s/jUsyWvR/k2gLUpvh
UsjJsE2GOai8e/ZH
=gpLr
-----END PGP SIGNATURE-----