Bug 140502 - kde-base/{arts,kdebase,kdegraphics,kdelibs,kdm} - security cleanup needed
Bug#: 140502 Product:  Gentoo Linux Version: 2006.0 Platform: All
OS/Version: Linux Status: RESOLVED Severity: normal Priority: P2
Resolution: FIXED Assigned To: kde@gentoo.org Reported By: jakub@gentoo.org
Component: KDE
URL: 
Summary: kde-base/{arts,kdebase,kdegraphics,kdelibs,kdm} - security cleanup needed
Keywords:  
Status Whiteboard: 
Opened: 2006-07-15 08:04 0000
Description:   Opened: 2006-07-15 08:04 0000 
kde-base/arts-1.3.2: vulnerable via glsa(200606-22) ( ver-rev < 3.5.2-r1 && not
( ver = 3.4.3 && ver-rev => 3.4.3-r1 ) ), affects ('alpha', 'amd64', 'hppa',
'ia64', 'ppc', 'ppc64', 'sparc', 'x86')
kde-base/arts-1.3.2-r1: vulnerable via glsa(200606-22) ( ver-rev < 3.5.2-r1 &&
not ( ver = 3.4.3 && ver-rev => 3.4.3-r1 ) ), affects ('alpha', 'amd64',
'hppa', 'ppc', 'ppc64', 'sparc', 'x86')
kde-base/arts-3.4.3: vulnerable via glsa(200606-22) ( ver-rev < 3.5.2-r1 && not
( ver = 3.4.3 && ver-rev => 3.4.3-r1 ) ), affects ('alpha', 'amd64', 'hppa',
'ia64', 'ppc', 'ppc64', 'sparc', 'x86')
kde-base/arts-3.5.2: vulnerable via glsa(200606-22) ( ver-rev < 3.5.2-r1 && not
( ver = 3.4.3 && ver-rev => 3.4.3-r1 ) ), affects ('alpha', 'amd64', 'hppa',
'ia64', 'ppc', 'ppc64', 'sparc', 'x86', 'x86-fbsd')

kde-base/kdebase-3.3.2-r1: vulnerable via glsa(200606-23) ( ver-rev < 3.5.2-r2
&& not ( ver = 3.4.3 && ver-rev => 3.4.3-r2 ) ), affects ('alpha', 'amd64',
'hppa', 'ia64', 'mips', 'ppc', 'ppc64', 'sparc', 'x86')
kde-base/kdebase-3.3.2-r2: vulnerable via glsa(200606-23) ( ver-rev < 3.5.2-r2
&& not ( ver = 3.4.3 && ver-rev => 3.4.3-r2 ) ), affects ('alpha', 'amd64',
'hppa', 'ia64', 'mips', 'ppc', 'ppc64', 'sparc', 'x86')
kde-base/kdebase-3.3.2-r3: vulnerable via glsa(200606-23) ( ver-rev < 3.5.2-r2
&& not ( ver = 3.4.3 && ver-rev => 3.4.3-r2 ) ), affects ('alpha', 'amd64',
'hppa', 'ia64', 'mips', 'ppc', 'ppc64', 'sparc', 'x86')
kde-base/kdebase-3.4.3-r1: vulnerable via glsa(200606-23) ( ver-rev < 3.5.2-r2
&& not ( ver = 3.4.3 && ver-rev => 3.4.3-r2 ) ), affects ('alpha', 'amd64',
'hppa', 'ia64', 'mips', 'ppc', 'ppc64', 'sparc', 'x86')

kde-base/kdegraphics-3.3.2-r3: vulnerable via glsa(200602-05) ( ver-rev <
3.4.3-r4 ), affects ('alpha', 'amd64', 'hppa', 'ia64', 'mips', 'ppc', 'ppc64',
'sparc', 'x86')
kde-base/kdegraphics-3.3.2-r3: vulnerable via glsa(200601-02) ( ver-rev <
3.4.3-r3 ), affects ('alpha', 'amd64', 'hppa', 'ia64', 'mips', 'ppc', 'ppc64',
'sparc', 'x86')

kde-base/kdelibs-3.3.2-r10: vulnerable via glsa(200601-11) ( ver-rev < 3.4.3-r1
), affects ('alpha', 'amd64', 'hppa', 'ia64', 'mips', 'ppc', 'ppc64', 'sparc',
'x86')

kde-base/kdm-3.4.3-r1: vulnerable via glsa(200606-23) ( ver-rev < 3.5.2-r1 &&
not ( ver = 3.4.3 && ver-rev => 3.4.3-r2 ) ), affects ('alpha', 'amd64',
'ia64', 'ppc', 'ppc64', 'sparc', 'x86')

Please, clean up the above. Thanks. ;)

------- Comment #1 From Diego E. 'Flameeyes' Pettenò 2006-07-15 08:39:02 0000 ------- 
I'll take care.

------- Comment #2 From Diego E. 'Flameeyes' Pettenò 2006-07-15 08:40:03 0000 ------- 
Note: 3.3 series of KDE I'll remove _after_ the cleanup of the rest, so that I
can remove it safely.

------- Comment #3 From Diego E. 'Flameeyes' Pettenò 2006-07-15 08:51:21 0000 ------- 
Hm I cannot cleanup KDE 3.3 because mips never marked it stable.

And for some ebuilds, I need IA64 to mark the fixed versions stable.

So... next time please first tell the arch teams, as your checks aren't
completely trustable.

------- Comment #4 From Jakub Moc (RETIRED) 2006-09-10 01:19:15 0000 ------- 
What's left:

kde-base/arts-3.4.3, kde-base/arts-3.5.2
kde-base/kdebase-3.4.3-r1
kde-base/kdm-3.4.3-r1

All needed newer version stable on ia64.

------- Comment #5 From Carsten Lohrke 2006-09-17 18:51:40 0000 ------- 
all done