[ubuntu/lucid-security] pango1.0, pango1.0 (delayed) 1.28.0-0ubuntu2.2 (Accepted)

Ubuntu Installer archive at ubuntu.com
Wed Mar 2 15:03:38 UTC 2011 

pango1.0 (1.28.0-0ubuntu2.2) lucid-security; urgency=low

  * SECURITY UPDATE: denial of service and possible code execution via
    crafted font file (LP: #696616)
    - debian/patches/20_CVE-2011-0020.patch: check for overflow in
      pango/pangoft2-render.c.
    - CVE-2011-0020
  * SECURITY UPDATE: denial of service and possible code execution via
    unchecked realloc failures
    - debian/patches/21_CVE-2011-0064.patch: check for realloc failures in
      pango/opentype/hb-buffer.*, pango/opentype/hb-buffer-private.h.
    - CVE-2011-0064

Date: Tue, 01 Mar 2011 10:02:14 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/pango1.0/1.28.0-0ubuntu2.2
-------------- next part --------------
Format: 1.8
Date: Tue, 01 Mar 2011 10:02:14 -0500
Source: pango1.0
Binary: libpango1.0-0 libpango1.0-udeb libpango1.0-common libpango1.0-dev libpango1.0-0-dbg libpango1.0-doc gir1.0-pango-1.0
Architecture: source
Version: 1.28.0-0ubuntu2.2
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 gir1.0-pango-1.0 - Layout and rendering of internationalized text
 libpango1.0-0 - Layout and rendering of internationalized text
 libpango1.0-0-dbg - The Pango library and debugging symbols
 libpango1.0-common - Modules and configuration files for the Pango
 libpango1.0-dev - Development files for the Pango
 libpango1.0-doc - Documentation files for the Pango
 libpango1.0-udeb - Layout and rendering of internationalized text - minimal runtime (udeb)
Launchpad-Bugs-Fixed: 696616
Changes: 
 pango1.0 (1.28.0-0ubuntu2.2) lucid-security; urgency=low
 .
   * SECURITY UPDATE: denial of service and possible code execution via
     crafted font file (LP: #696616)
     - debian/patches/20_CVE-2011-0020.patch: check for overflow in
       pango/pangoft2-render.c.
     - CVE-2011-0020
   * SECURITY UPDATE: denial of service and possible code execution via
     unchecked realloc failures
     - debian/patches/21_CVE-2011-0064.patch: check for realloc failures in
       pango/opentype/hb-buffer.*, pango/opentype/hb-buffer-private.h.
     - CVE-2011-0064
Checksums-Sha1: 
 01f9feff0dddd170e794e1b9e0dabaae3e3ea26f 2444 pango1.0_1.28.0-0ubuntu2.2.dsc
 7e01302084589de427104c48b2e2d8ff359c728e 39118 pango1.0_1.28.0-0ubuntu2.2.diff.gz
Checksums-Sha256: 
 87aa147f07a080eabe527aa6c769b4a0cf09773f16ea266927a5942e5b469c92 2444 pango1.0_1.28.0-0ubuntu2.2.dsc
 bc37913e946ba4f8053f01df5c5763a4fc7136fe4ca99ddc46a348e89da7c2b8 39118 pango1.0_1.28.0-0ubuntu2.2.diff.gz
Files: 
 8e7681561927ec35998140c8ce912fdc 2444 libs optional pango1.0_1.28.0-0ubuntu2.2.dsc
 2c09932db5084cbb64cf78d472a6dc18 39118 libs optional pango1.0_1.28.0-0ubuntu2.2.diff.gz
Original-Maintainer: Sebastien Bacher <seb128 at debian.org>

More information about the Lucid-changes mailing list