[ubuntu/trusty-security] graphite2 1.2.4-1ubuntu1.1 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Wed Feb 17 14:41:46 UTC 2016
graphite2 (1.2.4-1ubuntu1.1) trusty-security; urgency=medium
* SECURITY UPDATE: multiple security issues
- debian/patches/CVE-2016-152x-1.patch: fix out of bounds access in
src/Bidi.cpp.
- debian/patches/CVE-2016-152x-2.patch: handle fonts with 0 features in
src/FeatureMap.cpp, src/inc/FeatureMap.h.
- debian/patches/CVE-2016-152x-3.patch: check size in src/TtfUtil.cpp.
- debian/patches/CVE-2016-152x-4.patch: check for cntxtItem
misalignment in src/Code.cpp.
- debian/patches/CVE-2016-152x-5.patch: disallow nested cntxt_item in
src/Code.cpp.
- CVE-2016-1521
- CVE-2016-1522
- CVE-2016-1523
- CVE-2016-1526
* debian/patches/no-icons.diff: run a2x without --icons to avoid FTBFS.
Date: 2016-02-11 16:20:13.229461+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/graphite2/1.2.4-1ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list