[ubuntu/wily-proposed] freetype 2.5.2-4ubuntu1 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Fri May 22 16:23:12 UTC 2015
freetype (2.5.2-4ubuntu1) wily; urgency=medium
* Merge from Debian unstable, remaining changes:
- debian/patches-freetype/revert_scalable_fonts_metric.patch:
revert commit "Fix metrics on size request for scalable fonts.",
which breaks gtk underlining markups
- Make libfreetype6-dev M-A: same.
- Error out on the use of the freetype-config --libtool option.
- Don't add multiarch libdirs for freetype-config --libs.
- Install the freetype2/config headers into the multiarch include path
and provide symlinks in /usr/include.
- debian/patches-freetype/multi-thread-violations.patch: fix
multithread violations
* Dropped changes, included in Debian:
- debian/patches-freetype/CVE-2014-96xx/*
* debian/patches-freetype/savannah-bug-41309.patch: fix use of
uninitialized data. (LP: #1449225)
freetype (2.5.2-4) unstable; urgency=medium
* Fix Savannah bug #43774. Closes #780143.
* Release 2.5.2-4
freetype (2.5.2-3) unstable; urgency=medium
* Fix Savannah bug #43535. CVE-2014-9675
* [bdf] Fix Savannah bug #41692. CVE-2014-9675-fixup-1
* src/base/ftobj.c (Mac_Read_POST_Resource): Additional overflow check
in the summation of POST fragment lengths. CVE-2014-0674-part-2
* src/base/ftobjs.c (Mac_Read_POST_Resource): Insert comments and fold
too long tracing messages. CVS-2014-9674-fixup-2
* src/base/ftobjs.c (Mac_Read_POST_Resource): Use unsigned long variables to read the lengths in POST fragments. CVE-2014-9674-fixup-1
* Fix Savannah bug #43538. CVE-2014-9674-part-1
* Fix Savannah bug #43539. CVE-2014-9673
* src/base/ftobjs.c (Mac_Read_POST_Resource): Avoid memory leak by
a broken POST table in resource-fork. CVE-2014-9673-fixup
* Fix Savannah bug #43540. CVE-2014-9672
* Fix Savannah bug #43547. CVE-2014-9671
* Fix Savannah bug #43548. CVE-2014-9670
* [sfnt] Fix Savannah bug #43588. CVE-2014-9669
* [sfnt] Fix Savannah bug #43589. CVE-2014-9668
* [sfnt] Fix Savannah bug #43590. CVE-2014-9667
* [sfnt] Fix Savannah bug #43591. CVE-2014-9666
* Change some fields in `FT_Bitmap' to unsigned type. CVE-2014-9665
* Fix uninitialized variable warning. CVE-2014-9665-fixup-2
* Make `FT_Bitmap_Convert' correctly handle negative `pitch' values.
CVE-2014-9665-fixup
* [type1, type42] Fix Savannah bug #43655. CVE-2014-9664
* [sfnt] Fix Savannah bug #43656. CVE-2014-9663
* [cff] Fix Savannah bug #43658. CVE-2014-9662
* [type42] Allow only embedded TrueType fonts. CVE-2014-9661
* [bdf] Fix Savannah bug #43660. CVE-2014-9660
* [cff] Fix Savannah bug #43661. CVE-2014-9659
* [sfnt] Fix Savannah bug #43672. CVE-2014-9658
* [truetype] Fix Savannah bug #43679. CVE-2014-9657
* [sfnt] Fix Savannah bug #43680. CVE-2014-9656
* All CVEs patched. Closes: #777656.
Date: Fri, 22 May 2015 11:03:23 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/freetype/2.5.2-4ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 22 May 2015 11:03:23 -0400
Source: freetype
Binary: libfreetype6 libfreetype6-dev freetype2-demos libfreetype6-udeb
Architecture: source
Version: 2.5.2-4ubuntu1
Distribution: wily
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
freetype2-demos - FreeType 2 demonstration programs
libfreetype6 - FreeType 2 font engine, shared library files
libfreetype6-dev - FreeType 2 font engine, development files
libfreetype6-udeb - FreeType 2 font engine for the debian-installer (udeb)
Closes: 777656
Launchpad-Bugs-Fixed: 1449225
Changes:
freetype (2.5.2-4ubuntu1) wily; urgency=medium
.
* Merge from Debian unstable, remaining changes:
- debian/patches-freetype/revert_scalable_fonts_metric.patch:
revert commit "Fix metrics on size request for scalable fonts.",
which breaks gtk underlining markups
- Make libfreetype6-dev M-A: same.
- Error out on the use of the freetype-config --libtool option.
- Don't add multiarch libdirs for freetype-config --libs.
- Install the freetype2/config headers into the multiarch include path
and provide symlinks in /usr/include.
- debian/patches-freetype/multi-thread-violations.patch: fix
multithread violations
* Dropped changes, included in Debian:
- debian/patches-freetype/CVE-2014-96xx/*
* debian/patches-freetype/savannah-bug-41309.patch: fix use of
uninitialized data. (LP: #1449225)
.
freetype (2.5.2-4) unstable; urgency=medium
.
* Fix Savannah bug #43774. Closes #780143.
* Release 2.5.2-4
.
freetype (2.5.2-3) unstable; urgency=medium
.
* Fix Savannah bug #43535. CVE-2014-9675
* [bdf] Fix Savannah bug #41692. CVE-2014-9675-fixup-1
* src/base/ftobj.c (Mac_Read_POST_Resource): Additional overflow check
in the summation of POST fragment lengths. CVE-2014-0674-part-2
* src/base/ftobjs.c (Mac_Read_POST_Resource): Insert comments and fold
too long tracing messages. CVS-2014-9674-fixup-2
* src/base/ftobjs.c (Mac_Read_POST_Resource): Use unsigned long variables to read the lengths in POST fragments. CVE-2014-9674-fixup-1
* Fix Savannah bug #43538. CVE-2014-9674-part-1
* Fix Savannah bug #43539. CVE-2014-9673
* src/base/ftobjs.c (Mac_Read_POST_Resource): Avoid memory leak by
a broken POST table in resource-fork. CVE-2014-9673-fixup
* Fix Savannah bug #43540. CVE-2014-9672
* Fix Savannah bug #43547. CVE-2014-9671
* Fix Savannah bug #43548. CVE-2014-9670
* [sfnt] Fix Savannah bug #43588. CVE-2014-9669
* [sfnt] Fix Savannah bug #43589. CVE-2014-9668
* [sfnt] Fix Savannah bug #43590. CVE-2014-9667
* [sfnt] Fix Savannah bug #43591. CVE-2014-9666
* Change some fields in `FT_Bitmap' to unsigned type. CVE-2014-9665
* Fix uninitialized variable warning. CVE-2014-9665-fixup-2
* Make `FT_Bitmap_Convert' correctly handle negative `pitch' values.
CVE-2014-9665-fixup
* [type1, type42] Fix Savannah bug #43655. CVE-2014-9664
* [sfnt] Fix Savannah bug #43656. CVE-2014-9663
* [cff] Fix Savannah bug #43658. CVE-2014-9662
* [type42] Allow only embedded TrueType fonts. CVE-2014-9661
* [bdf] Fix Savannah bug #43660. CVE-2014-9660
* [cff] Fix Savannah bug #43661. CVE-2014-9659
* [sfnt] Fix Savannah bug #43672. CVE-2014-9658
* [truetype] Fix Savannah bug #43679. CVE-2014-9657
* [sfnt] Fix Savannah bug #43680. CVE-2014-9656
* All CVEs patched. Closes: #777656.
Checksums-Sha1:
6e82bce71e8c436e0924f34d3c9158251174b2b6 2193 freetype_2.5.2-4ubuntu1.dsc
cd585a224b742e769f4b14a8028b5d0889474a82 1971155 freetype_2.5.2.orig.tar.gz
af48083fb1b74c451ba57273b7e9b1d47fb147bf 89044 freetype_2.5.2-4ubuntu1.diff.gz
Checksums-Sha256:
ad632f029e4ff3ea144d881298f7f8f2a40050eaf923faac9f5384b5b2fb6f95 2193 freetype_2.5.2-4ubuntu1.dsc
5fda4996e43cfdf9b602a0eb5abde014f1a3c3b2d82bbb9b86942011c63f5c3a 1971155 freetype_2.5.2.orig.tar.gz
3aecce92dffedda1e095bfa88674ee961fcce28648c406c6fd82c5e580f20cc8 89044 freetype_2.5.2-4ubuntu1.diff.gz
Files:
2c525c83ebc2f0880609469c103e8014 2193 libs optional freetype_2.5.2-4ubuntu1.dsc
cd5d3efcc73e221e68992b7b062d77ac 1971155 libs optional freetype_2.5.2.orig.tar.gz
04e50ffba26a1c6c56fd42d17736207e 89044 libs optional freetype_2.5.2-4ubuntu1.diff.gz
Original-Maintainer: Steve Langasek <vorlon at debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJVX1duAAoJEGVp2FWnRL6TLcUP/2TW5zwZ2TSZj4HF+ErBRSmT
Zyfd0EabRoAbaur5qCrucMvh0a7cC2spoFRHr19fVoJo3NOs0EbDzEtEr9c0TE09
wXa0uz7lydY7aEKFRH4crEBGdfXR9jLehnHxLyG9gwBOkO+ICTgd3Ox9eDa2gZZ7
WOoJ/uSnvJ2TJikwMIQgZ/5PfkKuOX4cBZKSXS2983MchQ/6j8daAdWZTznwwcu0
QhuGei0YcVKUGfb85HDkLiF5i92KfTAe+CHa0JHu2i5ZePEXeu6kNFijdKzj2oZn
CE0U6t6FP7ar2sGijzzN2CipTFNMkHAXfwcZbbXh3G2X9rLfsKA/V56yHs7m7qkL
kIetbvWW7xEtmR40eI+NyLlRW+WTTikiDcNVu38H5tE/59TYihqi2blYu9qsQXAe
FKZvMJ397GCLJaechqPatLKOsSYWyME9dAlKWVgcWTFJflZ6PUT85y0h9+mxRKAR
EA0uQVOsvGJJHa5SKvVGs/o9S0KFFgTYqrwr0ZuVezZXApfSaZ9LH+SPXazlwGjD
aMs5OMwt8xqzS7Fcm0Bb3uaQ2yt95Pwsc9M1VUCxXV45/3TQaOb5zcBXdWevp2ul
SCH54TMgqQZEGgQVdtRPeSNtqKXS0Ma5oGmvWV8KzhY8jsSLm0kLzNQETEONeMkz
T9Wi7zsOfSXSQciS7UKs
=kIO5
-----END PGP SIGNATURE-----
More information about the Wily-changes
mailing list