Format: 1.8
Date: Fri, 13 Aug 2010 10:23:02 -0400
Source: freetype
Binary: libfreetype6 libfreetype6-dev freetype2-demos libfreetype6-udeb
Architecture: ia64
Version: 2.3.9-4ubuntu0.3
Distribution: jaunty
Urgency: low
Maintainer: Ubuntu/ia64 Build Daemon
Changed-By: Marc Deslauriers
Description:
 freetype2-demos - FreeType 2 demonstration programs
 libfreetype6 - FreeType 2 font engine, shared library files
 libfreetype6-dev - FreeType 2 font engine, development files
 libfreetype6-udeb - FreeType 2 font engine for the debian-installer (udeb)
Launchpad-Bugs-Fixed: 617019 617019 617019 617019 617019 617019 617019
Changes:
 freetype (2.3.9-4ubuntu0.3) jaunty-security; urgency=low
 .
   * SECURITY UPDATE: possible arbitrary code execution via buffer
     overflow in CFF Type2 CharStrings interpreter (LP: #617019)
     - debian/patches-freetype/CVE-2010-1797.patch: check number of
       operands in src/cff/cffgload.c.
     - CVE-2010-1797
   * SECURITY UPDATE: possible arbitrary code execution via buffer
     overflow in the ftmulti demo program (LP: #617019)
     - debian/patches-ft2demos/CVE-2010-2541.patch: use strncat and
       adjust sizes in src/ftmulti.c.
     - CVE-2010-2541
   * SECURITY UPDATE: possible arbitrary code execution via improper
     bounds checking (LP: #617019)
     - debian/patches-freetype/CVE-2010-2805.patch: fix calculation in
       src/base/ftstream.c.
     - CVE-2010-2805
   * SECURITY UPDATE: possible arbitrary code execution via improper
     bounds checking (LP: #617019)
     - debian/patches-freetype/CVE-2010-2806.patch: check string sizes
       in src/type42/t42parse.c.
     - CVE-2010-2806
   * SECURITY UPDATE: possible arbitrary code execution via improper
     type comparisons (LP: #617019)
     - debian/patches-freetype/CVE-2010-2807.patch: perform better
       bounds checking in src/smooth/ftsmooth.c,
       src/truetype/ttinterp.*.
     - CVE-2010-2807
   * SECURITY UPDATE: possible arbitrary code execution via memory
     corruption in Adobe Type 1 Mac Font File (LWFN) fonts
     (LP: #617019)
     - debian/patches-freetype/CVE-2010-2808.patch: check rlen in
       src/base/ftobjs.c.
     - CVE-2010-2808
   * SECURITY UPDATE: denial of service via bdf font (LP: #617019)
     - debian/patches-freetype/bug30135.patch: don't modify value in
       static string in src/bdf/bdflib.c.
   * SECURITY UPDATE: denial of service via nested "seac" calls
     - debian/patches-freetype/nested-seac.patch: handle nested calls
       correctly in include/freetype/internal/psaux.h,
       src/cff/cffgload.c, src/cff/cffgload.h, src/psaux/t1decode.c.
Original-Maintainer: Steve Langasek
Package-Type: udeb