Accepted libxfont 1:1.2.0-0ubuntu2 (source)
Martin Pitt
martin.pitt at ubuntu.com
Wed Sep 6 12:30:09 BST 2006
Accepted:
OK: libxfont_1.2.0-0ubuntu2.dsc
-> Component: main Section: x11
OK: libxfont_1.2.0-0ubuntu2.diff.gz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 6 Sep 2006 13:27:04 +0200
Source: libxfont
Binary: libxfont1-dbg libxfont1 libxfont-dev
Architecture: source
Version: 1:1.2.0-0ubuntu2
Distribution: edgy
Urgency: low
Maintainer: Debian X Strike Force <debian-x at lists.debian.org>
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
Description:
libxfont-dev - X11 font rasterisation library (development headers)
libxfont1 - X11 font rasterisation library
libxfont1-dbg - X11 font rasterisation library (debug package)
Changes:
libxfont (1:1.2.0-0ubuntu2) edgy; urgency=low
.
* SECURITY UPDATE: DoS (X server crash) and possible root privilege escalation.
* Add debian/patches/pcf-int-overflow.diff:
- src/bitmap/pcfread.c: Check for integer overflows when parsing PCF font
files to prevent exploitable buffer overflow.
- Patch taken from upstream git:
http://gitweb.freedesktop.org/?p=xorg/lib/libXfont.git;a=commit;h=8d171fe61e564d8ed8f75034d4191062cecf190b
* CVE-2006-3467
Files:
d892aabfc6a3f22919d94da23795ea7c 919 x11 optional libxfont_1.2.0-0ubuntu2.dsc
a4c4d1a72ac1b73609c3f10a1ecdf16e 19687 x11 optional libxfont_1.2.0-0ubuntu2.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFE/rDEDecnbV4Fd/IRAu9JAJ9/y0xagOqEIaq+k/ESJQ4dUE0kRQCggjc8
kuW/cw4afFry6X2Dwvb9b+o=
=I827
-----END PGP SIGNATURE-----
More information about the edgy-changes
mailing list