Please sync freetype (main) from unstable (main)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
freetype (Ubuntu) |
Fix Released
|
Undecided
|
Scott James Remnant (Canonical) |
Bug Description
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
affects distros/
status confirmed
subscribe ubuntu-archive
Please sync freetype (main) from Debian unstable (main).
Changelog since current edgy version 2.2.1-2ubuntu1:
freetype (2.2.1-5) unstable; urgency=high
* High-urgency upload for RC bugfix.
* Add debian/
address CVE-2006-3467, a missing string length check in PCF files that
leads to a possibly exploitable integer overflow. Thanks to Martin
Pitt for the patch. Closes: #379920.
-- Steve Langasek <email address hidden> Tue, 12 Sep 2006 15:04:42 -0700
freetype (2.2.1-4) unstable; urgency=low
* Drop libfreetype6.
whatever version it applied to is pre-sarge, and this code is
sufficiently blunt that I don't think it should be kept around.
Closes: #386379.
-- Steve Langasek <email address hidden> Fri, 8 Sep 2006 13:35:30 -0700
freetype (2.2.1-3) unstable; urgency=low
* Apply patch from Eugeniy Meshcheryakov <email address hidden>, applied
upstream, to fix bug in rendering of composite glyphs.
Closes: #374902.
-- Steve Langasek <email address hidden> Sun, 3 Sep 2006 04:21:43 -0500
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFFCpElDec
StnFkxyNL4krCjw
=isrq
-----END PGP SIGNATURE-----
application finalize called
Only Ubuntu change was the CVE-2006-3467 fix which was adopted in Debian.