-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 23 Feb 2015 22:04:36 -0800
Source: freetype
Binary: libfreetype6 libfreetype6-dev freetype2-demos libfreetype6-udeb
Architecture: source amd64
Version: 2.5.2-3
Distribution: unstable
Urgency: medium
Maintainer: Steve Langasek <vor...@debian.org>
Changed-By: Keith Packard <kei...@keithp.com>
Description:
freetype2-demos - FreeType 2 demonstration programs
libfreetype6 - FreeType 2 font engine, shared library files
libfreetype6-dev - FreeType 2 font engine, development files
libfreetype6-udeb - FreeType 2 font engine for the debian-installer (udeb)
Closes: 777656
Changes:
freetype (2.5.2-3) unstable; urgency=medium
.
* Fix Savannah bug #43535. CVE-2014-9675
* [bdf] Fix Savannah bug #41692. CVE-2014-9675-fixup-1
* src/base/ftobj.c (Mac_Read_POST_Resource): Additional overflow check
in the summation of POST fragment lengths. CVE-2014-0674-part-2
* src/base/ftobjs.c (Mac_Read_POST_Resource): Insert comments and fold
too long tracing messages. CVS-2014-9674-fixup-2
* src/base/ftobjs.c (Mac_Read_POST_Resource): Use unsigned long variables to
read the lengths in POST fragments. CVE-2014-9674-fixup-1
* Fix Savannah bug #43538. CVE-2014-9674-part-1
* Fix Savannah bug #43539. CVE-2014-9673
* src/base/ftobjs.c (Mac_Read_POST_Resource): Avoid memory leak by
a broken POST table in resource-fork. CVE-2014-9673-fixup
* Fix Savannah bug #43540. CVE-2014-9672
* Fix Savannah bug #43547. CVE-2014-9671
* Fix Savannah bug #43548. CVE-2014-9670
* [sfnt] Fix Savannah bug #43588. CVE-2014-9669
* [sfnt] Fix Savannah bug #43589. CVE-2014-9668
* [sfnt] Fix Savannah bug #43590. CVE-2014-9667
* [sfnt] Fix Savannah bug #43591. CVE-2014-9666
* Change some fields in `FT_Bitmap' to unsigned type. CVE-2014-9665
* Fix uninitialized variable warning. CVE-2014-9665-fixup-2
* Make `FT_Bitmap_Convert' correctly handle negative `pitch' values.
CVE-2014-9665-fixup
* [type1, type42] Fix Savannah bug #43655. CVE-2014-9664
* [sfnt] Fix Savannah bug #43656. CVE-2014-9663
* [cff] Fix Savannah bug #43658. CVE-2014-9662
* [type42] Allow only embedded TrueType fonts. CVE-2014-9661
* [bdf] Fix Savannah bug #43660. CVE-2014-9660
* [cff] Fix Savannah bug #43661. CVE-2014-9659
* [sfnt] Fix Savannah bug #43672. CVE-2014-9658
* [truetype] Fix Savannah bug #43679. CVE-2014-9657
* [sfnt] Fix Savannah bug #43680. CVE-2014-9656
* All CVEs patched. Closes: #777656.
Checksums-Sha1:
3a2a91cde82d0231cd17ac1ca9c93879ab81b152 2078 freetype_2.5.2-3.dsc
0461db9903ba3cf76d8fb0c05589393f3bad6e37 65772 freetype_2.5.2-3.diff.gz
23b5c440d27916d17c5581a04785fc01caa772e9 466228 libfreetype6_2.5.2-3_amd64.deb
c76df6aed3041e8597fb203c5c0c28384c4d3560 639830
libfreetype6-dev_2.5.2-3_amd64.deb
1509066bee74019295aad6cb33b8f50a36f22453 94324
freetype2-demos_2.5.2-3_amd64.deb
1a8b57c3ea177ce29cf4893265dcb595619a605d 294948
libfreetype6-udeb_2.5.2-3_amd64.udeb
Checksums-Sha256:
20f49e6af334c14921caf854b4c0f0d431b6ccec8d24ab87f05a5d87770fc0a5 2078
freetype_2.5.2-3.dsc
3370204972ae5df8c0035dd0f473eee6cb461b85518c3155fc8ab062882b4bbd 65772
freetype_2.5.2-3.diff.gz
90d27b9dbad6653eff439df987b4ef4ca340a08966b74072dfba88ab5fb33cf8 466228
libfreetype6_2.5.2-3_amd64.deb
3031bd23dbd480e38d3adede602d2ffb72d080a34e40b87132bff2e63fddd4e5 639830
libfreetype6-dev_2.5.2-3_amd64.deb
ade17c6d84ab2f7134f897c5e2f90af868aa489cd7ebe05c49deafc0ec8d4d0c 94324
freetype2-demos_2.5.2-3_amd64.deb
c48a984d2bac451d69f5e9ca085271e32e0726d268618760005b51180d635a1b 294948
libfreetype6-udeb_2.5.2-3_amd64.udeb
Files:
aaf787c7904ad14e7106e3e38e17f760 2078 libs optional freetype_2.5.2-3.dsc
f08c158f41e2e5e4d8ba23e98aa05e6f 65772 libs optional freetype_2.5.2-3.diff.gz
679df204496aaa7de1d131650bd4de9d 466228 libs optional
libfreetype6_2.5.2-3_amd64.deb
7079cc465d2d8caf3ca8454924be110d 639830 libdevel optional
libfreetype6-dev_2.5.2-3_amd64.deb
6666431bd19656f7d045973f2df93aac 94324 utils optional
freetype2-demos_2.5.2-3_amd64.deb
cb37948dcf3e77ac22a1f60dda553454 294948 debian-installer extra
libfreetype6-udeb_2.5.2-3_amd64.udeb
Package-Type: udeb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBVPFLYtsiGmkAAAARAQhMeA/+Pksr1+7w2ofI0EjxNegjzpWTfeemeeOz
ts6yaDY3rsaIxegv+0Qt0XwP/CYqMJf3uqs51j6agFxVsrlsmS/MEH97HI0Y390L
poJ9Jrs3Aewewt3OyIn4fMcv7Kg/TBPj59ZG0GObBC2wm2ZupVYUy5gtkxvw6pvB
+ysZ12GP4LXj3Hbs/20XzrknZe5PY/wxi2+rucTA/NztqWX8WwebDp5BzJY5N93g
P3CTEEDAngbkQXow/AVknbrn83jEM+WoXC7sNr46zN3ETxVmdM/juNFd42357DBm
8b4q2WowKoCNcREKcebCbDjxaATKJEJ9OsCy5SBb/GKOmrS9mSFBKDyG89rfsocJ
lJqGK/jXdB4pIfKB9aKFKhTOIiDjE0YJBxVpNCzZQHoGm+jcN804Cl8sPOZfLjvN
oqTxPJHJDrScn0lWhO/Msia18lS2EaN63aTDybXmyMZwh1KNWZrTuRDMYWF9XdqS
GKDkdzWtLBLr8B7U7e+7+M+dziIGepWiHoeRpCMMWC8RK+c8lPhSFRYem3kkhn/F
LbgVlxRQlVlzfgTBZQHOV4TTT9yp1IMZCMhuCNmzcAXu7xPnVSMPqgBD3Dv4XroN
88w2tLWh4OK9VGttw1ZBDq5DsFff7WUw1K/9A74EAZ4jFl+SgXd/vco4vI/TuRWN
CUaT2yCxx20=
=G5BZ
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/e1yrznp-0002hp...@franck.debian.org
