[ubuntu/raring-proposed] freetype 2.4.10-0ubuntu2 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Mon Jan 14 18:55:15 UTC 2013
freetype (2.4.10-0ubuntu2) raring; urgency=low
* SECURITY UPDATE: denial of service and possible code execution via NULL
pointer dereference
- debian/patches-freetype/CVE-2012-5668.patch: reset props_size in case
of allocation error in src/bdf/bdflib.c.
- CVE-2012-5668
* SECURITY UPDATE: denial of service and possible code execution via heap
buffer over-read in BDF parsing
- debian/patches-freetype/CVE-2012-5669.patch: use correct array size
in src/bdf/bdflib.c.
- CVE-2012-5669
* SECURITY UPDATE: denial of service and possible code execution via out-
of-bounds write
- debian/patches-freetype/CVE-2012-5670.patch: normalize negative
parameter in src/bdf/bdflib.c.
- CVE-2012-5670
Date: Mon, 14 Jan 2013 13:24:57 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/raring/+source/freetype/2.4.10-0ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 14 Jan 2013 13:24:57 -0500
Source: freetype
Binary: libfreetype6 libfreetype6-dev freetype2-demos libfreetype6-udeb
Architecture: source
Version: 2.4.10-0ubuntu2
Distribution: raring
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
freetype2-demos - FreeType 2 demonstration programs
libfreetype6 - FreeType 2 font engine, shared library files
libfreetype6-dev - FreeType 2 font engine, development files
libfreetype6-udeb - FreeType 2 font engine for the debian-installer (udeb)
Changes:
freetype (2.4.10-0ubuntu2) raring; urgency=low
.
* SECURITY UPDATE: denial of service and possible code execution via NULL
pointer dereference
- debian/patches-freetype/CVE-2012-5668.patch: reset props_size in case
of allocation error in src/bdf/bdflib.c.
- CVE-2012-5668
* SECURITY UPDATE: denial of service and possible code execution via heap
buffer over-read in BDF parsing
- debian/patches-freetype/CVE-2012-5669.patch: use correct array size
in src/bdf/bdflib.c.
- CVE-2012-5669
* SECURITY UPDATE: denial of service and possible code execution via out-
of-bounds write
- debian/patches-freetype/CVE-2012-5670.patch: normalize negative
parameter in src/bdf/bdflib.c.
- CVE-2012-5670
Checksums-Sha1:
2b9f5d2d9c96b0c1365f24f50f5c78667b2907b2 2148 freetype_2.4.10-0ubuntu2.dsc
a5a27182492250aec7b0157fee81f3682cbd6b4e 37809 freetype_2.4.10-0ubuntu2.diff.gz
Checksums-Sha256:
3f8e8be5f1808595eb72d6adbc03f9b8db745c9f572db170284adcbe6e258c76 2148 freetype_2.4.10-0ubuntu2.dsc
bd4edc9e7878f718b35c7d09c21ae83fa92c9235936de6deb6d581bc022ac195 37809 freetype_2.4.10-0ubuntu2.diff.gz
Files:
40e9f79afeca8e7ca8c056f315acf80d 2148 libs optional freetype_2.4.10-0ubuntu2.dsc
0132d6324dad5940605ada2706946958 37809 libs optional freetype_2.4.10-0ubuntu2.diff.gz
Original-Maintainer: Steve Langasek <vorlon at debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBCgAGBQJQ9E+DAAoJEGVp2FWnRL6T0CMQAINwt+xyduvE8ZBJipRxl4U3
1q8ShMw5TR1WA+ch7FK+AmyHmyvSBHSWQoknPDlJEEop63bUGISZM6igMRrcBc+u
8azlzr8e/47+n6sE9hoO1fRyMK+H+bCKCx5xRTNgLR0voNWdH8+EaFgTiIB5b4I8
nXN1lotyd3zb0bz0MoiUrtW57IdGomYEbKE1HVI4zUsjXtai5AARa3uXcAyNV+RC
QaPC98QnUbJRL5w8NFJ3t1k0R+RiEcBzlVyJi1XuEcEmejGz+iFeiOEwa/R8EY7l
n/4oKiE0SnOH2JGZqFydiGBzwu+wafgTnP3cqF2ZGLLme26t/OkLUo9Y6Wxy6s2x
Ht7t2AmKCHSjJmSssyePUZjQJ6zuVa/Y/AZsukmuh6IoRYMuM2n/uGYbg0qT7uMK
+FNtVMpMtF3RBZIbll1sw7DKrcOwkxmKxx8cMqTwxmLHLsSVVDUM0r9ybjO3RtjL
9gw+PWGT5oEdPmFoJx5p40lA1mH1iaCfxtpmPz1Jfvw0wum3uqwBXTWA7NM1sFYl
g0yGoeOWO85RqyiiTpW7ZD0Qd+WU1GN/TOwSQHgMKloviTl4Gt7TnMy4HbqXqndP
Bn1BOiM9uu9E0x4S+RvxFWjgLF4aiM+ZHEVqrKm0pUQ04Hqk5Ehqvjwo1LXPKUbQ
qA70ayB8vX5c7m/M3tjj
=keWV
-----END PGP SIGNATURE-----
More information about the Raring-changes
mailing list