Format: 1.8 Date: Thu, 13 Dec 2018 14:39:37 -0500 Source: fontforge Binary: fontforge fontforge-nox fontforge-common libfontforge-dev libfontforge1 libgdraw4 python-fontforge fontforge-dbg Architecture: all amd64 Version: 20120731.b-7.1ubuntu0.1 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Mike Salvatore Description: fontforge - font editor fontforge-common - font editor (common files) fontforge-dbg - debugging symbols for fontforge fontforge-nox - font editor - non-X version libfontforge-dev - font editor - runtime library (development files) libfontforge1 - font editor - runtime library libgdraw4 - font editor - runtime graphics and widget library python-fontforge - font editor - Python bindings Changes: fontforge (20120731.b-7.1ubuntu0.1) xenial-security; urgency=medium . * SECURITY UPDATE: heap-based buffer over-read - debian/patches/CVE-2017-11568.patch: fix out of bounds read condition and buffer overflow in fontforge/parsettf.c, fontforge/psread.c, fontforge/tottf.c. - CVE-2017-11568 * SECURITY UPDATE: heap-based buffer over-read in readttfcopyrights - debian/patches/CVE-2017-11569-and-2017-11575.patch: fix out of bounds read condition in fontforge/parsettf.c. - CVE-2017-11569 - CVE-2017-11575 * SECURITY UPDATE: stack-based buffer overflow - debian/patches/CVE-2017-11571.patch: fix buffer overflow in fontforge/parsettf.c. - CVE-2017-11571 * SECURITY UPDATE: stack underflow condition in readcfftopdicts - debian/patches/CVE-2017-11572-and-2017-11576.patch: prevent stack uderflow condition in fontforge/parsettf.c. - CVE-2017-11572 - CVE-2017-11576 * SECURITY UPDATE: heap-based buffer overflow in readcffset - debian/patches/CVE-2017-11574.patch: fix buffer condition in fontforge/parsetff.c. - CVE-2017-11574 * SECURITY UPDATE: buffer over-read in getsid - debian/patches/CVE-2017-11577.patch: fix out of bounds read in fontforge/parsettf.c - CVE-2017-11577 Checksums-Sha1: 8311d779fd0c71c6de675901ed6f71733dca7eaa 934526 fontforge-common_20120731.b-7.1ubuntu0.1_all.deb fc8b8b7dac269a7eab807f66d02d95b2412455c5 7171840 fontforge-dbg_20120731.b-7.1ubuntu0.1_amd64.deb 7081c1d9d99bc8afe6b14c3fa35c6bf88bf7a422 1060 fontforge-dbgsym_20120731.b-7.1ubuntu0.1_amd64.ddeb 4b0e3c2212af3a7b13234c51edecd8cf238b1110 1138 fontforge-nox-dbgsym_20120731.b-7.1ubuntu0.1_amd64.ddeb dde339eae7ab6a2b932f50b0a99e98ec2678de27 8790 fontforge-nox_20120731.b-7.1ubuntu0.1_amd64.deb e11b4718ffbcc94ff34efffa8a877f1eb8477e81 914064 fontforge_20120731.b-7.1ubuntu0.1_amd64.deb 0dab0c41c0327d12ce9680c93857ab979505ac0c 996 libfontforge-dev-dbgsym_20120731.b-7.1ubuntu0.1_amd64.ddeb 41e44f0632a211deb2f9c287b1fca8326bc85357 103282 libfontforge-dev_20120731.b-7.1ubuntu0.1_amd64.deb f5906c43e082977c7b07ea96b955ab8a6d2d9230 982 libfontforge1-dbgsym_20120731.b-7.1ubuntu0.1_amd64.ddeb ce1c7f73505bcdb64a185f34f0b7abc951e5ebe4 1849412 libfontforge1_20120731.b-7.1ubuntu0.1_amd64.deb 11641a34d4f52ac817233b968a17d8eef9e408e0 994 libgdraw4-dbgsym_20120731.b-7.1ubuntu0.1_amd64.ddeb 8a542792f21b5040ca0442b064d0d58c28417e58 305420 libgdraw4_20120731.b-7.1ubuntu0.1_amd64.deb 588c101adbfeefc47041cf6a40a18f01777192d0 4750 python-fontforge_20120731.b-7.1ubuntu0.1_amd64.deb Checksums-Sha256: 570186f856353ed21ffb92ac8c5f4f18ab243b425276274cc2d0b870028d62fe 934526 fontforge-common_20120731.b-7.1ubuntu0.1_all.deb 2073cc41572a89391be08f689953808d5f2108e6fe24c0d6abde8f9ae00f9a53 7171840 fontforge-dbg_20120731.b-7.1ubuntu0.1_amd64.deb a54a24cc67296fe07af463578cd462af95ba203c99f257e0c00cdb83593ecfe0 1060 fontforge-dbgsym_20120731.b-7.1ubuntu0.1_amd64.ddeb 0bdb7799b54412fdb4515b1cda2d91cd9f0759f9ca3ce7748ef85c723797b4ae 1138 fontforge-nox-dbgsym_20120731.b-7.1ubuntu0.1_amd64.ddeb 6e158da086c5043af7429604e5f14c43a094790afcf893f06ab2d4622e6cce67 8790 fontforge-nox_20120731.b-7.1ubuntu0.1_amd64.deb 9c69d2fa76f65705b6943ccd676a52069e5233f3d7fdf4df69f05bd6fecdb180 914064 fontforge_20120731.b-7.1ubuntu0.1_amd64.deb e53c17bb36ed9f71b481e6a0aefada0551e1a474f658e05f1bbadab77a9d6097 996 libfontforge-dev-dbgsym_20120731.b-7.1ubuntu0.1_amd64.ddeb 69557a628335f13b2fe74bb1db5396bd4db0c45393f9b8233585d7745f07cfcc 103282 libfontforge-dev_20120731.b-7.1ubuntu0.1_amd64.deb a06b8dd71f7fb7aa1b40483b89f3d2152de580323d7004e9978fa2dcf08e6531 982 libfontforge1-dbgsym_20120731.b-7.1ubuntu0.1_amd64.ddeb 60742e88b96da3e11aa2b6d3133a746749d21d64c4b82679775024d451a48b14 1849412 libfontforge1_20120731.b-7.1ubuntu0.1_amd64.deb 1a35b95c4a7ca13d458afd72e69d8e0017172e9dff27e5ddb94987ccb14b8f8d 994 libgdraw4-dbgsym_20120731.b-7.1ubuntu0.1_amd64.ddeb 0873c975255eb4c6cf4d7484dbfa4d0e22f51a5481376c00d1d79ba7517d50a6 305420 libgdraw4_20120731.b-7.1ubuntu0.1_amd64.deb 2a151fd5d3750f1923fcacb812862bfb406cd0c759b7bb6b36e3056acbaf1dd7 4750 python-fontforge_20120731.b-7.1ubuntu0.1_amd64.deb Files: 0b2a9e86a6541e7e8553653327df8612 934526 fonts optional fontforge-common_20120731.b-7.1ubuntu0.1_all.deb 2d7e672d92e81f68de482d1ae6c5afa1 7171840 debug extra fontforge-dbg_20120731.b-7.1ubuntu0.1_amd64.deb 98e87fdba4242b6c0443ec9c2952b3a3 1060 fonts extra fontforge-dbgsym_20120731.b-7.1ubuntu0.1_amd64.ddeb 9781604180c6a6002a227da8d54ce6bd 1138 fonts extra fontforge-nox-dbgsym_20120731.b-7.1ubuntu0.1_amd64.ddeb ecab9f1ac4084dee9819e7fb3447352e 8790 fonts optional fontforge-nox_20120731.b-7.1ubuntu0.1_amd64.deb 53d65dcdea063bc64a4fbdd75ba4479b 914064 fonts optional fontforge_20120731.b-7.1ubuntu0.1_amd64.deb 33abd2c642c6040bb649a6917d3d9861 996 libdevel extra libfontforge-dev-dbgsym_20120731.b-7.1ubuntu0.1_amd64.ddeb d8639779dc940374320fa2b613cb87c6 103282 libdevel optional libfontforge-dev_20120731.b-7.1ubuntu0.1_amd64.deb 527c73bb7b03bfc1695e3c33a0887e82 982 libs extra libfontforge1-dbgsym_20120731.b-7.1ubuntu0.1_amd64.ddeb db7422f3d3e6d66343c13375887a8ede 1849412 libs optional libfontforge1_20120731.b-7.1ubuntu0.1_amd64.deb 058c0bad8cf4d6e62023d460b565890b 994 libs extra libgdraw4-dbgsym_20120731.b-7.1ubuntu0.1_amd64.ddeb 03585fbcfaef5e6478ec5d75f49dc116 305420 libs optional libgdraw4_20120731.b-7.1ubuntu0.1_amd64.deb 7840c3a1a66e3fd3c35adfd842986e3f 4750 python optional python-fontforge_20120731.b-7.1ubuntu0.1_amd64.deb Original-Maintainer: Debian Fonts Task Force