[ubuntu/hardy-security] pango1.0, pango1.0 (delayed) 1.20.5-0ubuntu1.2 (Accepted)

Ubuntu Installer archive at ubuntu.com
Wed Mar 2 15:04:08 UTC 2011 

pango1.0 (1.20.5-0ubuntu1.2) hardy-security; urgency=low

  * SECURITY UPDATE: denial of service via crafted font file
    - debian/patches/14_security_CVE-2010-0421.patch: validate glyphs in
      pango/opentype/harfbuzz-gdef.c.
    - CVE-2010-0421
  * SECURITY UPDATE: denial of service and possible code execution via
    crafted font file (LP: #696616)
    - debian/patches/15_security_CVE-2011-0020.patch: check for overflow in
      pango/pangoft2-render.c.
    - CVE-2011-0020

Date: Tue, 01 Mar 2011 11:02:04 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/hardy/+source/pango1.0/1.20.5-0ubuntu1.2
-------------- next part --------------
Format: 1.7
Date: Tue, 01 Mar 2011 11:02:04 -0500
Source: pango1.0
Binary: libpango1.0-0 libpango1.0-udeb libpango1.0-common libpango1.0-dev libpango1.0-0-dbg libpango1.0-doc
Architecture: source
Version: 1.20.5-0ubuntu1.2
Distribution: hardy-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 libpango1.0-0 - Layout and rendering of internationalized text
 libpango1.0-0-dbg - The Pango library and debugging symbols
 libpango1.0-common - Modules and configuration files for the Pango
 libpango1.0-dev - Development files for the Pango
 libpango1.0-doc - Documentation files for the Pango
 libpango1.0-udeb - Layout and rendering of internationalized text - minimal runtime
Launchpad-Bugs-Fixed: 696616
Changes: 
 pango1.0 (1.20.5-0ubuntu1.2) hardy-security; urgency=low
 .
   * SECURITY UPDATE: denial of service via crafted font file
     - debian/patches/14_security_CVE-2010-0421.patch: validate glyphs in
       pango/opentype/harfbuzz-gdef.c.
     - CVE-2010-0421
   * SECURITY UPDATE: denial of service and possible code execution via
     crafted font file (LP: #696616)
     - debian/patches/15_security_CVE-2011-0020.patch: check for overflow in
       pango/pangoft2-render.c.
     - CVE-2011-0020
Files: 
 e7149a352c41661d963850b43fac0a61 1963 libs optional pango1.0_1.20.5-0ubuntu1.2.dsc
 fd1e290b69055e2145aaf035b9e76ef1 29970 libs optional pango1.0_1.20.5-0ubuntu1.2.diff.gz
Original-Maintainer: Sebastien Bacher <seb128 at debian.org>

More information about the Hardy-changes mailing list