freetype 2.3.5-1ubuntu4.8.04.4 source package in Ubuntu
Changelog
freetype (2.3.5-1ubuntu4.8.04.4) hardy-security; urgency=low
* SECURITY UPDATE: possible arbitrary code execution via buffer overflow
in CFF Type2 CharStrings interpreter (LP: #617019)
- debian/patches-freetype/CVE-2010-1797.patch: check number of operands
in src/cff/cffgload.c.
- CVE-2010-1797
* SECURITY UPDATE: possible arbitrary code execution via buffer overflow
in the ftmulti demo program (LP: #617019)
- debian/patches-ft2demos/CVE-2010-2541.patch: use strncat and adjust
sizes in src/ftmulti.c.
- CVE-2010-2541
* SECURITY UPDATE: possible arbitrary code execution via improper bounds
checking (LP: #617019)
- debian/patches-freetype/CVE-2010-2805.patch: fix calculation in
src/base/ftstream.c.
- CVE-2010-2805
* SECURITY UPDATE: possible arbitrary code execution via improper bounds
checking (LP: #617019)
- debian/patches-freetype/CVE-2010-2806.patch: check string sizes in
src/type42/t42parse.c.
- CVE-2010-2806
* SECURITY UPDATE: possible arbitrary code execution via improper type
comparisons (LP: #617019)
- debian/patches-freetype/CVE-2010-2807.patch: perform better bounds
checking in src/smooth/ftsmooth.c, src/truetype/ttinterp.*.
- CVE-2010-2807
* SECURITY UPDATE: possible arbitrary code execution via memory
corruption in Adobe Type 1 Mac Font File (LWFN) fonts (LP: #617019)
- debian/patches-freetype/CVE-2010-2808.patch: check rlen in
src/base/ftobjs.c.
- CVE-2010-2808
* SECURITY UPDATE: denial of service via bdf font (LP: #617019)
- debian/patches-freetype/bug30135.patch: don't modify value in static
string in src/bdf/bdflib.c.
-- Marc Deslauriers <email address hidden> Fri, 13 Aug 2010 10:35:08 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Hardy
- Original maintainer:
- Ubuntu Development Team
- Architectures:
- any
- Section:
- libs
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| freetype_2.3.5.orig.tar.gz | 1.5 MiB | 19a37dd2f5f1d1bed42040601581c5ca660708f25bf64703ab0444e376ad4927 |
| freetype_2.3.5-1ubuntu4.8.04.4.diff.gz | 40.0 KiB | efd2d90c24c1f3de17b29b9334214990355168eeea58a2e003af7117d7f80393 |
| freetype_2.3.5-1ubuntu4.8.04.4.dsc | 907 bytes | 6b6a48f366d59574fb2b792fdd7e7e9fcc338dea2d31a19e158c0f30a6643200 |
Available diffs
Binary packages built by this source
- freetype2-demos: No summary available for freetype2-demos in ubuntu hardy.
No description available for freetype2-demos in ubuntu hardy.
- libfreetype6: No summary available for libfreetype6 in ubuntu hardy.
No description available for libfreetype6 in ubuntu hardy.
- libfreetype6-dev: No summary available for libfreetype6-dev in ubuntu hardy.
No description available for libfreetype6-dev in ubuntu hardy.
- libfreetype6-udeb: No summary available for libfreetype6-udeb in ubuntu hardy.
No description available for libfreetype6-udeb in ubuntu hardy.
