[Bug 892277] [NEW] Sync freetype 2.4.8-1 (main) from Debian unstable (main)
Tyler Hicks
tyhicks at canonical.com
Fri Nov 18 17:53:43 UTC 2011
Public bug reported:
Please sync freetype 2.4.8-1 (main) from Debian unstable (main)
FreeType 2.4.8 fixes an arbitrary code execution vulnerability when
loading specially crafted CID-keyed PostScript font files.
FreeType 2.4.8 is primarily a security release:
http://freetype.sourceforge.net/index2.html#release-freetype-2.4.8
Changelog entries since current precise version 2.4.7-2:
freetype (2.4.8-1) unstable; urgency=high
* New upstream release
- upstream fix for CVE-2011-3439. Closes: #649122.
- adjust libfreetype6.symbols for a newly-exported function.
-- Steve Langasek <vorlon at debian.org> Thu, 17 Nov 2011 22:28:14 +0000
** Affects: freetype (Ubuntu)
Importance: Wishlist
Status: New
** Changed in: freetype (Ubuntu)
Importance: Undecided => Wishlist
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to freetype in Ubuntu.
https://bugs.launchpad.net/bugs/892277
Title:
Sync freetype 2.4.8-1 (main) from Debian unstable (main)
Status in “freetype” package in Ubuntu:
New
Bug description:
Please sync freetype 2.4.8-1 (main) from Debian unstable (main)
FreeType 2.4.8 fixes an arbitrary code execution vulnerability when
loading specially crafted CID-keyed PostScript font files.
FreeType 2.4.8 is primarily a security release:
http://freetype.sourceforge.net/index2.html#release-freetype-2.4.8
Changelog entries since current precise version 2.4.7-2:
freetype (2.4.8-1) unstable; urgency=high
* New upstream release
- upstream fix for CVE-2011-3439. Closes: #649122.
- adjust libfreetype6.symbols for a newly-exported function.
-- Steve Langasek <vorlon at debian.org> Thu, 17 Nov 2011 22:28:14
+0000
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/freetype/+bug/892277/+subscriptions
More information about the foundations-bugs
mailing list