freetype (2.1.10-1ubuntu2.10) dapper-security; urgency=low
* SECURITY UPDATE: denial of service and possible arbitrary code
execution via libXft overflow.
- debian/patches/425-CVE-2010-3311.patch: correctly validate position
in src/base/ftstream.c.
- CVE-2010-3311
* SECURITY UPDATE: denial of service and possible code execution via
TrueType GX font
- debian/patches/426-CVE-2010-3855.patch: add bounds checks to
src/truetype/ttgxvar.c.
- CVE-2010-3855
Date: Tue, 02 Nov 2010 15:17:07 -0400
Changed-By: Marc Deslauriers <[email protected]>
Maintainer: Will Newton <[email protected]>
https://launchpad.net/ubuntu/dapper/+source/freetype/2.1.10-1ubuntu2.10
Format: 1.7
Date: Tue, 02 Nov 2010 15:17:07 -0400
Source: freetype
Binary: freetype2-demos libfreetype6-udeb libfreetype6 libfreetype6-dev
Architecture: source
Version: 2.1.10-1ubuntu2.10
Distribution: dapper-security
Urgency: low
Maintainer: Will Newton <[email protected]>
Changed-By: Marc Deslauriers <[email protected]>
Description:
freetype2-demos - FreeType 2 demonstration programs
libfreetype6 - FreeType 2 font engine, shared library files
libfreetype6-dev - FreeType 2 font engine, development files
libfreetype6-udeb - FreeType 2 font engine for the debian-installer
Changes:
freetype (2.1.10-1ubuntu2.10) dapper-security; urgency=low
.
* SECURITY UPDATE: denial of service and possible arbitrary code
execution via libXft overflow.
- debian/patches/425-CVE-2010-3311.patch: correctly validate position
in src/base/ftstream.c.
- CVE-2010-3311
* SECURITY UPDATE: denial of service and possible code execution via
TrueType GX font
- debian/patches/426-CVE-2010-3855.patch: add bounds checks to
src/truetype/ttgxvar.c.
- CVE-2010-3855
Files:
014b2444161d175d000b4a40143bc6db 1361 libs optional
freetype_2.1.10-1ubuntu2.10.dsc
cd55b858aab3f2c897e4fe17cc9aa070 71819 libs optional
freetype_2.1.10-1ubuntu2.10.diff.gz
--
dapper-changes mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/dapper-changes
