Format: 1.8 Date: Fri, 13 Aug 2010 08:26:33 -0400 Source: freetype Binary: libfreetype6 libfreetype6-dev freetype2-demos libfreetype6-udeb Architecture: i386 Version: 2.3.11-1ubuntu2.2 Distribution: lucid Urgency: low Maintainer: Ubuntu/i386 Build Daemon Changed-By: Marc Deslauriers Description: freetype2-demos - FreeType 2 demonstration programs libfreetype6 - FreeType 2 font engine, shared library files libfreetype6-dev - FreeType 2 font engine, development files libfreetype6-udeb - FreeType 2 font engine for the debian-installer (udeb) Launchpad-Bugs-Fixed: 617019 617019 617019 617019 617019 617019 617019 Changes: freetype (2.3.11-1ubuntu2.2) lucid-security; urgency=low . * SECURITY UPDATE: possible arbitrary code execution via buffer overflow in CFF Type2 CharStrings interpreter (LP: #617019) - debian/patches-freetype/CVE-2010-1797.patch: check number of operands in src/cff/cffgload.c. - CVE-2010-1797 * SECURITY UPDATE: possible arbitrary code execution via buffer overflow in the ftmulti demo program (LP: #617019) - debian/patches-ft2demos/CVE-2010-2541.patch: use strncat and adjust sizes in src/ftmulti.c. - CVE-2010-2541 * SECURITY UPDATE: possible arbitrary code execution via improper bounds checking (LP: #617019) - debian/patches-freetype/CVE-2010-2805.patch: fix calculation in src/base/ftstream.c. - CVE-2010-2805 * SECURITY UPDATE: possible arbitrary code execution via improper bounds checking (LP: #617019) - debian/patches-freetype/CVE-2010-2806.patch: check string sizes in src/type42/t42parse.c. - CVE-2010-2806 * SECURITY UPDATE: possible arbitrary code execution via improper type comparisons (LP: #617019) - debian/patches-freetype/CVE-2010-2807.patch: perform better bounds checking in src/smooth/ftsmooth.c, src/truetype/ttinterp.*. - CVE-2010-2807 * SECURITY UPDATE: possible arbitrary code execution via memory corruption in Adobe Type 1 Mac Font File (LWFN) fonts (LP: #617019) - debian/patches-freetype/CVE-2010-2808.patch: check rlen in src/base/ftobjs.c. - CVE-2010-2808 * SECURITY UPDATE: denial of service via bdf font (LP: #617019) - debian/patches-freetype/bug30135.patch: don't modify value in static string in src/bdf/bdflib.c. Checksums-Sha1: 1878fbb0798ed954062c15635f2ddef890cc420a 419000 libfreetype6_2.3.11-1ubuntu2.2_i386.deb bfb93a100a44ada79ed944f846d07b49697ce6dc 704694 libfreetype6-dev_2.3.11-1ubuntu2.2_i386.deb 53230c7fd025c9ee593bbc92508d38c4291ac70c 188710 freetype2-demos_2.3.11-1ubuntu2.2_i386.deb bdb59274d716a0fb9f29ae6392d8708d07247829 260916 libfreetype6-udeb_2.3.11-1ubuntu2.2_i386.udeb Checksums-Sha256: 62af7e7880d6587247141a5885ce306baab5e9db8afb2b067a1da3d4f15ed0e3 419000 libfreetype6_2.3.11-1ubuntu2.2_i386.deb fa562335a5385bccd8109025c3282277691e2c652a83a294f8579efbbdca083d 704694 libfreetype6-dev_2.3.11-1ubuntu2.2_i386.deb dc98379994acf627c13ff7794809a27a05b613ad34ebd987e1791788b9ae1cb2 188710 freetype2-demos_2.3.11-1ubuntu2.2_i386.deb c3d19f883b1b202d3c8c67250816049e5590616a24e45370ca65e3aad365abab 260916 libfreetype6-udeb_2.3.11-1ubuntu2.2_i386.udeb Files: d4a78ce7ae146caa59b61f43b27d363c 419000 libs optional libfreetype6_2.3.11-1ubuntu2.2_i386.deb f58601afde2b4bc257492762654cbf94 704694 libdevel optional libfreetype6-dev_2.3.11-1ubuntu2.2_i386.deb e94b4202fcfe184fdf81409fe610a42a 188710 utils optional freetype2-demos_2.3.11-1ubuntu2.2_i386.deb a540a7f9ae973bce66bbd3fdb9a4f849 260916 debian-installer extra libfreetype6-udeb_2.3.11-1ubuntu2.2_i386.udeb Original-Maintainer: Steve Langasek Package-Type: udeb