Format: 1.8 Date: Fri, 13 Aug 2010 10:05:35 -0400 Source: freetype Binary: libfreetype6 libfreetype6-dev freetype2-demos libfreetype6-udeb Architecture: sparc Version: 2.3.9-5ubuntu0.2 Distribution: karmic Urgency: low Maintainer: Ubuntu/sparc Build Daemon Changed-By: Marc Deslauriers Description: freetype2-demos - FreeType 2 demonstration programs libfreetype6 - FreeType 2 font engine, shared library files libfreetype6-dev - FreeType 2 font engine, development files libfreetype6-udeb - FreeType 2 font engine for the debian-installer (udeb) Changes: freetype (2.3.9-5ubuntu0.2) karmic-security; urgency=low . * SECURITY UPDATE: possible arbitrary code execution via buffer overflow in CFF Type2 CharStrings interpreter (LP: #617019) - debian/patches-freetype/CVE-2010-1797.patch: check number of operands in src/cff/cffgload.c. - CVE-2010-1797 * SECURITY UPDATE: possible arbitrary code execution via buffer overflow in the ftmulti demo program (LP: #617019) - debian/patches-ft2demos/CVE-2010-2541.patch: use strncat and adjust sizes in src/ftmulti.c. - CVE-2010-2541 * SECURITY UPDATE: possible arbitrary code execution via improper bounds checking (LP: #617019) - debian/patches-freetype/CVE-2010-2805.patch: fix calculation in src/base/ftstream.c. - CVE-2010-2805 * SECURITY UPDATE: possible arbitrary code execution via improper bounds checking (LP: #617019) - debian/patches-freetype/CVE-2010-2806.patch: check string sizes in src/type42/t42parse.c. - CVE-2010-2806 * SECURITY UPDATE: possible arbitrary code execution via improper type comparisons (LP: #617019) - debian/patches-freetype/CVE-2010-2807.patch: perform better bounds checking in src/smooth/ftsmooth.c, src/truetype/ttinterp.*. - CVE-2010-2807 * SECURITY UPDATE: possible arbitrary code execution via memory corruption in Adobe Type 1 Mac Font File (LWFN) fonts (LP: #617019) - debian/patches-freetype/CVE-2010-2808.patch: check rlen in src/base/ftobjs.c. - CVE-2010-2808 * SECURITY UPDATE: denial of service via bdf font (LP: #617019) - debian/patches-freetype/bug30135.patch: don't modify value in static string in src/bdf/bdflib.c. * SECURITY UPDATE: denial of service via nested "seac" calls - debian/patches-freetype/nested-seac.patch: handle nested calls correctly in include/freetype/internal/psaux.h, src/cff/cffgload.c, src/cff/cffgload.h, src/psaux/t1decode.c. Checksums-Sha1: 1576ed752a09dc8324b77f96a5a1ee5c5c550940 374982 libfreetype6_2.3.9-5ubuntu0.2_sparc.deb 7349ece95827df30b67ffc8a8b18e0dc6aa70e68 691054 libfreetype6-dev_2.3.9-5ubuntu0.2_sparc.deb 62b65fa508013d463b1ddb7400b55e91d211bf2e 195786 freetype2-demos_2.3.9-5ubuntu0.2_sparc.deb 091b0a8c2ad744b9aa0742d29793d6f6640e85e4 240534 libfreetype6-udeb_2.3.9-5ubuntu0.2_sparc.udeb Checksums-Sha256: b983ee29da53fce8a8538e6e2789cd131a681428290c7ee03a5b1223b2ffa5d4 374982 libfreetype6_2.3.9-5ubuntu0.2_sparc.deb 688f6d5d09f0a6de03d80e856dcfd3a3c7bcf7f2c0bad549bb50b88576bd514f 691054 libfreetype6-dev_2.3.9-5ubuntu0.2_sparc.deb 2444a1d55b1dd1089724b979cf3f465e84363baeb6f3a093c6b34d04c25c88e4 195786 freetype2-demos_2.3.9-5ubuntu0.2_sparc.deb c99dd3be14b1c630c11c55d9b65b8888a25eb2afc5ee42af9c920feabcbcd50e 240534 libfreetype6-udeb_2.3.9-5ubuntu0.2_sparc.udeb Files: e84af1b516f050ee9bdb93c213994943 374982 libs optional libfreetype6_2.3.9-5ubuntu0.2_sparc.deb 557de31093ac67c2dedec97e55998295 691054 libdevel optional libfreetype6-dev_2.3.9-5ubuntu0.2_sparc.deb 599978c8d9cff2525eba228c793833c3 195786 utils optional freetype2-demos_2.3.9-5ubuntu0.2_sparc.deb f3c79ed9e84e7169851de3f432b613c3 240534 debian-installer extra libfreetype6-udeb_2.3.9-5ubuntu0.2_sparc.udeb Launchpad-Bugs-Fixed: 617019 617019 617019 617019 617019 617019 617019 Original-Maintainer: Steve Langasek Package-Type: udeb