[ubuntu/hardy-security] freetype, freetype (delayed) 2.3.5-1ubuntu4.8.04.6 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Thu Nov 4 13:10:19 GMT 2010
- Previous message: [ubuntu/hardy-security] pidgin_2.4.1-1ubuntu2.10_amd64_translations.tar.gz, pidgin_2.4.1-1ubuntu2.10_powerpc_translations.tar.gz, pidgin_2.4.1-1ubuntu2.10_lpia_translations.tar.gz, pidgin_2.4.1-1ubuntu2.10_ia64_translations.tar.gz, pidgin, pidgin_2.4.1-1ubuntu2.10_hppa_translations.tar.gz, pidgin_2.4.1-1ubuntu2.10_i386_translations.tar.gz, pidgin_2.4.1-1ubuntu2.10_sparc_translations.tar.gz (delayed) 1:2.4.1-1ubuntu2.10 (Accepted)
- Next message: [ubuntu/hardy-security] cupsys_1.3.7-1ubuntu3.12_amd64_translations.tar.gz, cupsys_1.3.7-1ubuntu3.12_i386_translations.tar.gz, cupsys_1.3.7-1ubuntu3.12_hppa_translations.tar.gz, cupsys_1.3.7-1ubuntu3.12_powerpc_translations.tar.gz, cupsys_1.3.7-1ubuntu3.12_ia64_translations.tar.gz, cupsys, cupsys_1.3.7-1ubuntu3.12_lpia_translations.tar.gz, cupsys_1.3.7-1ubuntu3.12_sparc_translations.tar.gz (delayed) 1.3.7-1ubuntu3.12 (Accepted)
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
freetype (2.3.5-1ubuntu4.8.04.6) hardy-security; urgency=low
* SECURITY UPDATE: denial of service and possible arbitrary code
execution via libXft overflow.
- debian/patches/CVE-2010-3311.patch: correctly validate position in
src/base/ftstream.c.
- CVE-2010-3311
* SECURITY UPDATE: denial of service and possible code execution via
improper error handling of SHZ bytecode instruction
- debian/patches/CVE-2010-3814.patch: add bounds check to
src/truetype/ttinterp.c.
- CVE-2010-3814
* SECURITY UPDATE: denial of service and possible code execution via
TrueType GX font
- debian/patches/CVE-2010-3855.patch: add bounds checks to
src/truetype/ttgxvar.c.
- CVE-2010-3855
Date: Tue, 02 Nov 2010 15:01:15 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/hardy/+source/freetype/2.3.5-1ubuntu4.8.04.6
-------------- next part --------------
Format: 1.7
Date: Tue, 02 Nov 2010 15:01:15 -0400
Source: freetype
Binary: libfreetype6 libfreetype6-dev freetype2-demos libfreetype6-udeb
Architecture: source
Version: 2.3.5-1ubuntu4.8.04.6
Distribution: hardy-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
freetype2-demos - FreeType 2 demonstration programs
libfreetype6 - FreeType 2 font engine, shared library files
libfreetype6-dev - FreeType 2 font engine, development files
libfreetype6-udeb - FreeType 2 font engine for the debian-installer
Changes:
freetype (2.3.5-1ubuntu4.8.04.6) hardy-security; urgency=low
.
* SECURITY UPDATE: denial of service and possible arbitrary code
execution via libXft overflow.
- debian/patches/CVE-2010-3311.patch: correctly validate position in
src/base/ftstream.c.
- CVE-2010-3311
* SECURITY UPDATE: denial of service and possible code execution via
improper error handling of SHZ bytecode instruction
- debian/patches/CVE-2010-3814.patch: add bounds check to
src/truetype/ttinterp.c.
- CVE-2010-3814
* SECURITY UPDATE: denial of service and possible code execution via
TrueType GX font
- debian/patches/CVE-2010-3855.patch: add bounds checks to
src/truetype/ttgxvar.c.
- CVE-2010-3855
Files:
ff653c0c0638614078e0add34f8b2caa 1547 libs optional freetype_2.3.5-1ubuntu4.8.04.6.dsc
423fc30bf2da50ccd1f2d19d45a5c514 41916 libs optional freetype_2.3.5-1ubuntu4.8.04.6.diff.gz
Original-Maintainer: Steve Langasek <vorlon at debian.org>
- Previous message: [ubuntu/hardy-security] pidgin_2.4.1-1ubuntu2.10_amd64_translations.tar.gz, pidgin_2.4.1-1ubuntu2.10_powerpc_translations.tar.gz, pidgin_2.4.1-1ubuntu2.10_lpia_translations.tar.gz, pidgin_2.4.1-1ubuntu2.10_ia64_translations.tar.gz, pidgin, pidgin_2.4.1-1ubuntu2.10_hppa_translations.tar.gz, pidgin_2.4.1-1ubuntu2.10_i386_translations.tar.gz, pidgin_2.4.1-1ubuntu2.10_sparc_translations.tar.gz (delayed) 1:2.4.1-1ubuntu2.10 (Accepted)
- Next message: [ubuntu/hardy-security] cupsys_1.3.7-1ubuntu3.12_amd64_translations.tar.gz, cupsys_1.3.7-1ubuntu3.12_i386_translations.tar.gz, cupsys_1.3.7-1ubuntu3.12_hppa_translations.tar.gz, cupsys_1.3.7-1ubuntu3.12_powerpc_translations.tar.gz, cupsys_1.3.7-1ubuntu3.12_ia64_translations.tar.gz, cupsys, cupsys_1.3.7-1ubuntu3.12_lpia_translations.tar.gz, cupsys_1.3.7-1ubuntu3.12_sparc_translations.tar.gz (delayed) 1.3.7-1ubuntu3.12 (Accepted)
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the Hardy-changes
mailing list