[ubuntu/maverick-security] freetype, freetype (delayed) 2.4.2-2ubuntu0.1 (Accepted)

Ubuntu Installer archive at ubuntu.com
Thu Nov 4 13:04:14 GMT 2010


freetype (2.4.2-2ubuntu0.1) maverick-security; urgency=low

  * SECURITY UPDATE: denial of service and possible code execution via
    improper error handling of SHZ bytecode instruction
    - debian/patches/CVE-2010-3814.patch: add bounds check to
      src/truetype/ttinterp.c.
    - CVE-2010-3814
  * SECURITY UPDATE: denial of service and possible code execution via
    TrueType GX font
    - debian/patches/CVE-2010-3855.patch: add bounds checks to
      src/truetype/ttgxvar.c.
    - CVE-2010-3855

Date: Tue, 02 Nov 2010 14:20:42 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/freetype/2.4.2-2ubuntu0.1
-------------- next part --------------
Format: 1.8
Date: Tue, 02 Nov 2010 14:20:42 -0400
Source: freetype
Binary: libfreetype6 libfreetype6-dev freetype2-demos libfreetype6-udeb
Architecture: source
Version: 2.4.2-2ubuntu0.1
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 freetype2-demos - FreeType 2 demonstration programs
 libfreetype6 - FreeType 2 font engine, shared library files
 libfreetype6-dev - FreeType 2 font engine, development files
 libfreetype6-udeb - FreeType 2 font engine for the debian-installer (udeb)
Changes: 
 freetype (2.4.2-2ubuntu0.1) maverick-security; urgency=low
 .
   * SECURITY UPDATE: denial of service and possible code execution via
     improper error handling of SHZ bytecode instruction
     - debian/patches/CVE-2010-3814.patch: add bounds check to
       src/truetype/ttinterp.c.
     - CVE-2010-3814
   * SECURITY UPDATE: denial of service and possible code execution via
     TrueType GX font
     - debian/patches/CVE-2010-3855.patch: add bounds checks to
       src/truetype/ttgxvar.c.
     - CVE-2010-3855
Checksums-Sha1: 
 43a372c0add69636ef23c0bef550cd6f4d0d6ef0 1951 freetype_2.4.2-2ubuntu0.1.dsc
 f509df89ad1b4a2592c6f2a7e151e4a8219d7321 36601 freetype_2.4.2-2ubuntu0.1.diff.gz
Checksums-Sha256: 
 fd53f287edd90d37f37eb1569121ab69ec43e966eb906e0f55eb272f121510bd 1951 freetype_2.4.2-2ubuntu0.1.dsc
 782b3ba36a4f960225d46a398ea60271d9b3e3951b9b16df1dcacee42a21ef91 36601 freetype_2.4.2-2ubuntu0.1.diff.gz
Files: 
 2b84d228577f372bf1464c64453d03f1 1951 libs optional freetype_2.4.2-2ubuntu0.1.dsc
 a0ed6b010917740b4bd18b5ca44f9667 36601 libs optional freetype_2.4.2-2ubuntu0.1.diff.gz
Original-Maintainer: Steve Langasek <vorlon at debian.org>


More information about the Maverick-changes mailing list