[Bug 69257] Please sync libxfont (main) from unstable (main)
Martin Pitt
martin.pitt at ubuntu.com
Mon Oct 30 10:09:57 GMT 2006
Public bug reported:
affects distros/ubuntu/libxfont
status confirmed
subscribe ubuntu-archive
Please sync libxfont (main) from Debian unstable (main).
Changelog since current edgy version 1:1.2.0-0ubuntu3:
libxfont (1:1.2.2-1) unstable; urgency=high
* New upstream version.
- closes security bug in CID encoded fonts (iDefense CVE-ID
2006-3739, 2006-3740)
- applies patches 10_freetype_buffer_overflow.patch, 10_pcf_font.patch
* dbg package has priority extra.
-- Drew Parsons <dparsons at debian.org> Wed, 13 Sep 2006 17:50:06 +1000
libxfont (1:1.2.0-2) unstable; urgency=high
* Apply upstream patch 10_pcf_font.patch (security vulnerability
CVE-2006-3467). Closes: #383353.
* Upload to unstable to ensure patch is propagated quickly.
* Apply patch 10_freetype_buffer_overflow.patch while we're at it
(no known exploits).
-- Drew Parsons <dparsons at debian.org> Thu, 17 Aug 2006 07:45:40 +1000
libxfont (1:1.2.0-1) experimental; urgency=low
* New upstream version. Closes: #364854.
- builds and works with Freetype 2.2. Closes: #362920, #370149.
* Standards version 3.7.2.
* libxfont-dev doesn't need both Depends: and Pre-Depends: x11-common.
* Use debhelper 5, tidy up debian/rules to match.
* libxfont does not provide libfontcache.so!
-- Drew Parsons <dparsons at debian.org> Thu, 27 Jul 2006 15:08:14 +1000
Ubuntu changes:
- libxfont1.install: drop libfontcache.so.0* -> fixed in Debian
- security fixes CVE-2006-3739, CVE-2006-3467, CVE-2006-3740: fixed
upstream.
So all Ubuntu changes can be dropped.
** Affects: libxfont (Ubuntu)
Importance: Undecided
Status: Confirmed
--
Please sync libxfont (main) from unstable (main)
https://launchpad.net/bugs/69257
More information about the ubuntu-archive
mailing list