View Bazaar branches
Get this repository:
git clone https://git.launchpad.net/ubuntu/+source/freetype
Members of Ubuntu Server Dev import team can upload to this repository. Log in for directions.

Branches

Name Last Modified Last Commit
applied/ubuntu/jaunty-updates 2010-08-17 17:07:55 UTC 2010-08-17
Import patches-applied version 2.3.9-4ubuntu0.3 to applied/ubuntu/jaunty-secu...

Author: Marc Deslauriers
Author Date: 2010-08-13 14:23:02 UTC

Import patches-applied version 2.3.9-4ubuntu0.3 to applied/ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: 01ea8c50f04e90a88ce15b3cd807572bca2eb83d
Unapplied parent: 82199a755d30d2b0df87fcfd0990793c8c99381c

New changelog entries:
  * SECURITY UPDATE: possible arbitrary code execution via buffer overflow
    in CFF Type2 CharStrings interpreter (LP: #617019)
    - debian/patches-freetype/CVE-2010-1797.patch: check number of operands
      in src/cff/cffgload.c.
    - CVE-2010-1797
  * SECURITY UPDATE: possible arbitrary code execution via buffer overflow
    in the ftmulti demo program (LP: #617019)
    - debian/patches-ft2demos/CVE-2010-2541.patch: use strncat and adjust
      sizes in src/ftmulti.c.
    - CVE-2010-2541
  * SECURITY UPDATE: possible arbitrary code execution via improper bounds
    checking (LP: #617019)
    - debian/patches-freetype/CVE-2010-2805.patch: fix calculation in
      src/base/ftstream.c.
    - CVE-2010-2805
  * SECURITY UPDATE: possible arbitrary code execution via improper bounds
    checking (LP: #617019)
    - debian/patches-freetype/CVE-2010-2806.patch: check string sizes in
      src/type42/t42parse.c.
    - CVE-2010-2806
  * SECURITY UPDATE: possible arbitrary code execution via improper type
    comparisons (LP: #617019)
    - debian/patches-freetype/CVE-2010-2807.patch: perform better bounds
      checking in src/smooth/ftsmooth.c, src/truetype/ttinterp.*.
    - CVE-2010-2807
  * SECURITY UPDATE: possible arbitrary code execution via memory
    corruption in Adobe Type 1 Mac Font File (LWFN) fonts (LP: #617019)
    - debian/patches-freetype/CVE-2010-2808.patch: check rlen in
      src/base/ftobjs.c.
    - CVE-2010-2808
  * SECURITY UPDATE: denial of service via bdf font (LP: #617019)
    - debian/patches-freetype/bug30135.patch: don't modify value in static
      string in src/bdf/bdflib.c.
  * SECURITY UPDATE: denial of service via nested "seac" calls
    - debian/patches-freetype/nested-seac.patch: handle nested calls
      correctly in include/freetype/internal/psaux.h, src/cff/cffgload.c,
      src/cff/cffgload.h, src/psaux/t1decode.c.

applied/ubuntu/jaunty-security 2010-08-17 17:07:55 UTC 2010-08-17
Import patches-applied version 2.3.9-4ubuntu0.3 to applied/ubuntu/jaunty-secu...

Author: Marc Deslauriers
Author Date: 2010-08-13 14:23:02 UTC

Import patches-applied version 2.3.9-4ubuntu0.3 to applied/ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: 01ea8c50f04e90a88ce15b3cd807572bca2eb83d
Unapplied parent: 82199a755d30d2b0df87fcfd0990793c8c99381c

New changelog entries:
  * SECURITY UPDATE: possible arbitrary code execution via buffer overflow
    in CFF Type2 CharStrings interpreter (LP: #617019)
    - debian/patches-freetype/CVE-2010-1797.patch: check number of operands
      in src/cff/cffgload.c.
    - CVE-2010-1797
  * SECURITY UPDATE: possible arbitrary code execution via buffer overflow
    in the ftmulti demo program (LP: #617019)
    - debian/patches-ft2demos/CVE-2010-2541.patch: use strncat and adjust
      sizes in src/ftmulti.c.
    - CVE-2010-2541
  * SECURITY UPDATE: possible arbitrary code execution via improper bounds
    checking (LP: #617019)
    - debian/patches-freetype/CVE-2010-2805.patch: fix calculation in
      src/base/ftstream.c.
    - CVE-2010-2805
  * SECURITY UPDATE: possible arbitrary code execution via improper bounds
    checking (LP: #617019)
    - debian/patches-freetype/CVE-2010-2806.patch: check string sizes in
      src/type42/t42parse.c.
    - CVE-2010-2806
  * SECURITY UPDATE: possible arbitrary code execution via improper type
    comparisons (LP: #617019)
    - debian/patches-freetype/CVE-2010-2807.patch: perform better bounds
      checking in src/smooth/ftsmooth.c, src/truetype/ttinterp.*.
    - CVE-2010-2807
  * SECURITY UPDATE: possible arbitrary code execution via memory
    corruption in Adobe Type 1 Mac Font File (LWFN) fonts (LP: #617019)
    - debian/patches-freetype/CVE-2010-2808.patch: check rlen in
      src/base/ftobjs.c.
    - CVE-2010-2808
  * SECURITY UPDATE: denial of service via bdf font (LP: #617019)
    - debian/patches-freetype/bug30135.patch: don't modify value in static
      string in src/bdf/bdflib.c.
  * SECURITY UPDATE: denial of service via nested "seac" calls
    - debian/patches-freetype/nested-seac.patch: handle nested calls
      correctly in include/freetype/internal/psaux.h, src/cff/cffgload.c,
      src/cff/cffgload.h, src/psaux/t1decode.c.

applied/ubuntu/jaunty-devel 2010-08-17 17:07:55 UTC 2010-08-17
Import patches-applied version 2.3.9-4ubuntu0.3 to applied/ubuntu/jaunty-secu...

Author: Marc Deslauriers
Author Date: 2010-08-13 14:23:02 UTC

Import patches-applied version 2.3.9-4ubuntu0.3 to applied/ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: 01ea8c50f04e90a88ce15b3cd807572bca2eb83d
Unapplied parent: 82199a755d30d2b0df87fcfd0990793c8c99381c

New changelog entries:
  * SECURITY UPDATE: possible arbitrary code execution via buffer overflow
    in CFF Type2 CharStrings interpreter (LP: #617019)
    - debian/patches-freetype/CVE-2010-1797.patch: check number of operands
      in src/cff/cffgload.c.
    - CVE-2010-1797
  * SECURITY UPDATE: possible arbitrary code execution via buffer overflow
    in the ftmulti demo program (LP: #617019)
    - debian/patches-ft2demos/CVE-2010-2541.patch: use strncat and adjust
      sizes in src/ftmulti.c.
    - CVE-2010-2541
  * SECURITY UPDATE: possible arbitrary code execution via improper bounds
    checking (LP: #617019)
    - debian/patches-freetype/CVE-2010-2805.patch: fix calculation in
      src/base/ftstream.c.
    - CVE-2010-2805
  * SECURITY UPDATE: possible arbitrary code execution via improper bounds
    checking (LP: #617019)
    - debian/patches-freetype/CVE-2010-2806.patch: check string sizes in
      src/type42/t42parse.c.
    - CVE-2010-2806
  * SECURITY UPDATE: possible arbitrary code execution via improper type
    comparisons (LP: #617019)
    - debian/patches-freetype/CVE-2010-2807.patch: perform better bounds
      checking in src/smooth/ftsmooth.c, src/truetype/ttinterp.*.
    - CVE-2010-2807
  * SECURITY UPDATE: possible arbitrary code execution via memory
    corruption in Adobe Type 1 Mac Font File (LWFN) fonts (LP: #617019)
    - debian/patches-freetype/CVE-2010-2808.patch: check rlen in
      src/base/ftobjs.c.
    - CVE-2010-2808
  * SECURITY UPDATE: denial of service via bdf font (LP: #617019)
    - debian/patches-freetype/bug30135.patch: don't modify value in static
      string in src/bdf/bdflib.c.
  * SECURITY UPDATE: denial of service via nested "seac" calls
    - debian/patches-freetype/nested-seac.patch: handle nested calls
      correctly in include/freetype/internal/psaux.h, src/cff/cffgload.c,
      src/cff/cffgload.h, src/psaux/t1decode.c.

ubuntu/jaunty-updates 2010-08-17 17:07:55 UTC 2010-08-17
Import patches-unapplied version 2.3.9-4ubuntu0.3 to ubuntu/jaunty-security

Author: Marc Deslauriers
Author Date: 2010-08-13 14:23:02 UTC

Import patches-unapplied version 2.3.9-4ubuntu0.3 to ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: 5b4f42862ac9e57b454f8eef569c436b1ece4276

New changelog entries:
  * SECURITY UPDATE: possible arbitrary code execution via buffer overflow
    in CFF Type2 CharStrings interpreter (LP: #617019)
    - debian/patches-freetype/CVE-2010-1797.patch: check number of operands
      in src/cff/cffgload.c.
    - CVE-2010-1797
  * SECURITY UPDATE: possible arbitrary code execution via buffer overflow
    in the ftmulti demo program (LP: #617019)
    - debian/patches-ft2demos/CVE-2010-2541.patch: use strncat and adjust
      sizes in src/ftmulti.c.
    - CVE-2010-2541
  * SECURITY UPDATE: possible arbitrary code execution via improper bounds
    checking (LP: #617019)
    - debian/patches-freetype/CVE-2010-2805.patch: fix calculation in
      src/base/ftstream.c.
    - CVE-2010-2805
  * SECURITY UPDATE: possible arbitrary code execution via improper bounds
    checking (LP: #617019)
    - debian/patches-freetype/CVE-2010-2806.patch: check string sizes in
      src/type42/t42parse.c.
    - CVE-2010-2806
  * SECURITY UPDATE: possible arbitrary code execution via improper type
    comparisons (LP: #617019)
    - debian/patches-freetype/CVE-2010-2807.patch: perform better bounds
      checking in src/smooth/ftsmooth.c, src/truetype/ttinterp.*.
    - CVE-2010-2807
  * SECURITY UPDATE: possible arbitrary code execution via memory
    corruption in Adobe Type 1 Mac Font File (LWFN) fonts (LP: #617019)
    - debian/patches-freetype/CVE-2010-2808.patch: check rlen in
      src/base/ftobjs.c.
    - CVE-2010-2808
  * SECURITY UPDATE: denial of service via bdf font (LP: #617019)
    - debian/patches-freetype/bug30135.patch: don't modify value in static
      string in src/bdf/bdflib.c.
  * SECURITY UPDATE: denial of service via nested "seac" calls
    - debian/patches-freetype/nested-seac.patch: handle nested calls
      correctly in include/freetype/internal/psaux.h, src/cff/cffgload.c,
      src/cff/cffgload.h, src/psaux/t1decode.c.

ubuntu/jaunty-security 2010-08-17 17:07:55 UTC 2010-08-17
Import patches-unapplied version 2.3.9-4ubuntu0.3 to ubuntu/jaunty-security

Author: Marc Deslauriers
Author Date: 2010-08-13 14:23:02 UTC

Import patches-unapplied version 2.3.9-4ubuntu0.3 to ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: 5b4f42862ac9e57b454f8eef569c436b1ece4276

New changelog entries:
  * SECURITY UPDATE: possible arbitrary code execution via buffer overflow
    in CFF Type2 CharStrings interpreter (LP: #617019)
    - debian/patches-freetype/CVE-2010-1797.patch: check number of operands
      in src/cff/cffgload.c.
    - CVE-2010-1797
  * SECURITY UPDATE: possible arbitrary code execution via buffer overflow
    in the ftmulti demo program (LP: #617019)
    - debian/patches-ft2demos/CVE-2010-2541.patch: use strncat and adjust
      sizes in src/ftmulti.c.
    - CVE-2010-2541
  * SECURITY UPDATE: possible arbitrary code execution via improper bounds
    checking (LP: #617019)
    - debian/patches-freetype/CVE-2010-2805.patch: fix calculation in
      src/base/ftstream.c.
    - CVE-2010-2805
  * SECURITY UPDATE: possible arbitrary code execution via improper bounds
    checking (LP: #617019)
    - debian/patches-freetype/CVE-2010-2806.patch: check string sizes in
      src/type42/t42parse.c.
    - CVE-2010-2806
  * SECURITY UPDATE: possible arbitrary code execution via improper type
    comparisons (LP: #617019)
    - debian/patches-freetype/CVE-2010-2807.patch: perform better bounds
      checking in src/smooth/ftsmooth.c, src/truetype/ttinterp.*.
    - CVE-2010-2807
  * SECURITY UPDATE: possible arbitrary code execution via memory
    corruption in Adobe Type 1 Mac Font File (LWFN) fonts (LP: #617019)
    - debian/patches-freetype/CVE-2010-2808.patch: check rlen in
      src/base/ftobjs.c.
    - CVE-2010-2808
  * SECURITY UPDATE: denial of service via bdf font (LP: #617019)
    - debian/patches-freetype/bug30135.patch: don't modify value in static
      string in src/bdf/bdflib.c.
  * SECURITY UPDATE: denial of service via nested "seac" calls
    - debian/patches-freetype/nested-seac.patch: handle nested calls
      correctly in include/freetype/internal/psaux.h, src/cff/cffgload.c,
      src/cff/cffgload.h, src/psaux/t1decode.c.

ubuntu/jaunty-devel 2010-08-17 17:07:55 UTC 2010-08-17
Import patches-unapplied version 2.3.9-4ubuntu0.3 to ubuntu/jaunty-security

Author: Marc Deslauriers
Author Date: 2010-08-13 14:23:02 UTC

Import patches-unapplied version 2.3.9-4ubuntu0.3 to ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: 5b4f42862ac9e57b454f8eef569c436b1ece4276

New changelog entries:
  * SECURITY UPDATE: possible arbitrary code execution via buffer overflow
    in CFF Type2 CharStrings interpreter (LP: #617019)
    - debian/patches-freetype/CVE-2010-1797.patch: check number of operands
      in src/cff/cffgload.c.
    - CVE-2010-1797
  * SECURITY UPDATE: possible arbitrary code execution via buffer overflow
    in the ftmulti demo program (LP: #617019)
    - debian/patches-ft2demos/CVE-2010-2541.patch: use strncat and adjust
      sizes in src/ftmulti.c.
    - CVE-2010-2541
  * SECURITY UPDATE: possible arbitrary code execution via improper bounds
    checking (LP: #617019)
    - debian/patches-freetype/CVE-2010-2805.patch: fix calculation in
      src/base/ftstream.c.
    - CVE-2010-2805
  * SECURITY UPDATE: possible arbitrary code execution via improper bounds
    checking (LP: #617019)
    - debian/patches-freetype/CVE-2010-2806.patch: check string sizes in
      src/type42/t42parse.c.
    - CVE-2010-2806
  * SECURITY UPDATE: possible arbitrary code execution via improper type
    comparisons (LP: #617019)
    - debian/patches-freetype/CVE-2010-2807.patch: perform better bounds
      checking in src/smooth/ftsmooth.c, src/truetype/ttinterp.*.
    - CVE-2010-2807
  * SECURITY UPDATE: possible arbitrary code execution via memory
    corruption in Adobe Type 1 Mac Font File (LWFN) fonts (LP: #617019)
    - debian/patches-freetype/CVE-2010-2808.patch: check rlen in
      src/base/ftobjs.c.
    - CVE-2010-2808
  * SECURITY UPDATE: denial of service via bdf font (LP: #617019)
    - debian/patches-freetype/bug30135.patch: don't modify value in static
      string in src/bdf/bdflib.c.
  * SECURITY UPDATE: denial of service via nested "seac" calls
    - debian/patches-freetype/nested-seac.patch: handle nested calls
      correctly in include/freetype/internal/psaux.h, src/cff/cffgload.c,
      src/cff/cffgload.h, src/psaux/t1decode.c.

applied/ubuntu/lucid 2009-12-01 09:04:31 UTC 2009-12-01
Import patches-applied version 2.3.11-1ubuntu2 to applied/ubuntu/lucid

Author: Mario Limonciello
Author Date: 2009-12-01 08:25:21 UTC

Import patches-applied version 2.3.11-1ubuntu2 to applied/ubuntu/lucid

Imported using git-ubuntu import.

Changelog parent: 43b73cc9bd4710056077730269e4cc93acbfc15c
Unapplied parent: 62c0fec34dab2a78f66ad04a2c44a1cc1c967039

New changelog entries:
  * Revert last change. I really did have a FTBFS that "looked" like this
    was the cause, but it's actually something else that dropped it's
    dependency on libfreetype6-dev.

ubuntu/lucid 2009-12-01 09:04:31 UTC 2009-12-01
Import patches-unapplied version 2.3.11-1ubuntu2 to ubuntu/lucid

Author: Mario Limonciello
Author Date: 2009-12-01 08:25:21 UTC

Import patches-unapplied version 2.3.11-1ubuntu2 to ubuntu/lucid

Imported using git-ubuntu import.

Changelog parent: 563f2c0193923c792c4a4d38abc4fed44ff7a46c

New changelog entries:
  * Revert last change. I really did have a FTBFS that "looked" like this
    was the cause, but it's actually something else that dropped it's
    dependency on libfreetype6-dev.

applied/ubuntu/karmic 2009-07-15 14:50:54 UTC 2009-07-15
Import patches-applied version 2.3.9-5 to applied/debian/sid

Author: Steve Langasek
Author Date: 2009-06-01 11:37:19 UTC

Import patches-applied version 2.3.9-5 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 40895ac71e24bab4f9888d9249f1c4321bb30af5
Unapplied parent: 5f29072b20adeca689dbe8d840da640d2ef20bea

New changelog entries:
  * Pass proper --host/--build args to ./configure, to support
    cross-building. Closes: #465292.
  * clean up a number of unused variables in debian/rules; maybe someday
    we'll get this package to converge on debhelper 7... :)
  * Fix the doc-base section for libfreetype6-dev. Closes: #315845.
  * Remove one final reference to /usr/X11R6 in debian/rules.
  * Drop incorrect Replaces: freetype0, freetype1
  * Add debian/README.source, documenting the madness that is this source
    package.
  * Standards-Version to 3.8.0.
  * Fix multiple integer overflows leading to arbitrary code execution
    or DoS (CVE-2009-0946; Closes: #524925). Thanks to Nico Golde for the
    NMU.

ubuntu/karmic 2009-07-15 14:50:54 UTC 2009-07-15
Import patches-unapplied version 2.3.9-5 to debian/sid

Author: Steve Langasek
Author Date: 2009-06-01 11:37:19 UTC

Import patches-unapplied version 2.3.9-5 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 4033d96486ed9e1d40415e9bf20c6baf083ab416

New changelog entries:
  * Pass proper --host/--build args to ./configure, to support
    cross-building. Closes: #465292.
  * clean up a number of unused variables in debian/rules; maybe someday
    we'll get this package to converge on debhelper 7... :)
  * Fix the doc-base section for libfreetype6-dev. Closes: #315845.
  * Remove one final reference to /usr/X11R6 in debian/rules.
  * Drop incorrect Replaces: freetype0, freetype1
  * Add debian/README.source, documenting the madness that is this source
    package.
  * Standards-Version to 3.8.0.
  * Fix multiple integer overflows leading to arbitrary code execution
    or DoS (CVE-2009-0946; Closes: #524925). Thanks to Nico Golde for the
    NMU.

ubuntu/intrepid-devel 2009-04-27 18:04:15 UTC 2009-04-27
Import patches-unapplied version 2.3.7-2ubuntu1.1 to ubuntu/intrepid-security

Author: Marc Deslauriers
Author Date: 2009-04-22 13:41:39 UTC

Import patches-unapplied version 2.3.7-2ubuntu1.1 to ubuntu/intrepid-security

Imported using git-ubuntu import.

Changelog parent: 41898ad961dea8970e5e710a129ab8e9ffefb655

New changelog entries:
  * SECURITY UPDATE: possible code execution via multiple integer overflows
    - debian/patches-freetype/security-CVE-2009-0946.patch: validate sid
      values in src/cff/cffload.c, check state->prefix in src/lzw/ftzopen.c,
      don't overflow int with table + length or ndp + numMappings * 4 in
      src/sfnt/ttcmap.c, validate glyph width and height in
      src/smooth/ftsmooth.c.
    - CVE-2009-0946

ubuntu/intrepid-security 2009-04-27 18:04:15 UTC 2009-04-27
Import patches-unapplied version 2.3.7-2ubuntu1.1 to ubuntu/intrepid-security

Author: Marc Deslauriers
Author Date: 2009-04-22 13:41:39 UTC

Import patches-unapplied version 2.3.7-2ubuntu1.1 to ubuntu/intrepid-security

Imported using git-ubuntu import.

Changelog parent: 41898ad961dea8970e5e710a129ab8e9ffefb655

New changelog entries:
  * SECURITY UPDATE: possible code execution via multiple integer overflows
    - debian/patches-freetype/security-CVE-2009-0946.patch: validate sid
      values in src/cff/cffload.c, check state->prefix in src/lzw/ftzopen.c,
      don't overflow int with table + length or ndp + numMappings * 4 in
      src/sfnt/ttcmap.c, validate glyph width and height in
      src/smooth/ftsmooth.c.
    - CVE-2009-0946

ubuntu/intrepid-updates 2009-04-27 18:04:15 UTC 2009-04-27
Import patches-unapplied version 2.3.7-2ubuntu1.1 to ubuntu/intrepid-security

Author: Marc Deslauriers
Author Date: 2009-04-22 13:41:39 UTC

Import patches-unapplied version 2.3.7-2ubuntu1.1 to ubuntu/intrepid-security

Imported using git-ubuntu import.

Changelog parent: 41898ad961dea8970e5e710a129ab8e9ffefb655

New changelog entries:
  * SECURITY UPDATE: possible code execution via multiple integer overflows
    - debian/patches-freetype/security-CVE-2009-0946.patch: validate sid
      values in src/cff/cffload.c, check state->prefix in src/lzw/ftzopen.c,
      don't overflow int with table + length or ndp + numMappings * 4 in
      src/sfnt/ttcmap.c, validate glyph width and height in
      src/smooth/ftsmooth.c.
    - CVE-2009-0946

applied/ubuntu/intrepid-security 2009-04-27 18:04:15 UTC 2009-04-27
Import patches-applied version 2.3.7-2ubuntu1.1 to applied/ubuntu/intrepid-se...

Author: Marc Deslauriers
Author Date: 2009-04-22 13:41:39 UTC

Import patches-applied version 2.3.7-2ubuntu1.1 to applied/ubuntu/intrepid-security

Imported using git-ubuntu import.

Changelog parent: 17b7b933000f9ce771c904f11464abb1928dcf95
Unapplied parent: 24f1af53c006cba81a138c3d21582e892ac988f7

New changelog entries:
  * SECURITY UPDATE: possible code execution via multiple integer overflows
    - debian/patches-freetype/security-CVE-2009-0946.patch: validate sid
      values in src/cff/cffload.c, check state->prefix in src/lzw/ftzopen.c,
      don't overflow int with table + length or ndp + numMappings * 4 in
      src/sfnt/ttcmap.c, validate glyph width and height in
      src/smooth/ftsmooth.c.
    - CVE-2009-0946

applied/ubuntu/intrepid-updates 2009-04-27 18:04:15 UTC 2009-04-27
Import patches-applied version 2.3.7-2ubuntu1.1 to applied/ubuntu/intrepid-se...

Author: Marc Deslauriers
Author Date: 2009-04-22 13:41:39 UTC

Import patches-applied version 2.3.7-2ubuntu1.1 to applied/ubuntu/intrepid-security

Imported using git-ubuntu import.

Changelog parent: 17b7b933000f9ce771c904f11464abb1928dcf95
Unapplied parent: 24f1af53c006cba81a138c3d21582e892ac988f7

New changelog entries:
  * SECURITY UPDATE: possible code execution via multiple integer overflows
    - debian/patches-freetype/security-CVE-2009-0946.patch: validate sid
      values in src/cff/cffload.c, check state->prefix in src/lzw/ftzopen.c,
      don't overflow int with table + length or ndp + numMappings * 4 in
      src/sfnt/ttcmap.c, validate glyph width and height in
      src/smooth/ftsmooth.c.
    - CVE-2009-0946

applied/ubuntu/intrepid-devel 2009-04-27 18:04:15 UTC 2009-04-27
Import patches-applied version 2.3.7-2ubuntu1.1 to applied/ubuntu/intrepid-se...

Author: Marc Deslauriers
Author Date: 2009-04-22 13:41:39 UTC

Import patches-applied version 2.3.7-2ubuntu1.1 to applied/ubuntu/intrepid-security

Imported using git-ubuntu import.

Changelog parent: 17b7b933000f9ce771c904f11464abb1928dcf95
Unapplied parent: 24f1af53c006cba81a138c3d21582e892ac988f7

New changelog entries:
  * SECURITY UPDATE: possible code execution via multiple integer overflows
    - debian/patches-freetype/security-CVE-2009-0946.patch: validate sid
      values in src/cff/cffload.c, check state->prefix in src/lzw/ftzopen.c,
      don't overflow int with table + length or ndp + numMappings * 4 in
      src/sfnt/ttcmap.c, validate glyph width and height in
      src/smooth/ftsmooth.c.
    - CVE-2009-0946

ubuntu/jaunty 2009-03-19 02:05:36 UTC 2009-03-19
Import patches-unapplied version 2.3.9-4build1 to ubuntu/jaunty

Author: Colin Watson
Author Date: 2009-03-19 01:58:27 UTC

Import patches-unapplied version 2.3.9-4build1 to ubuntu/jaunty

Imported using git-ubuntu import.

Changelog parent: 4033d96486ed9e1d40415e9bf20c6baf083ab416

New changelog entries:
  * No-change rebuild to fix lpia shared library dependencies.

applied/ubuntu/jaunty 2009-03-19 02:05:36 UTC 2009-03-19
Import patches-applied version 2.3.9-4build1 to applied/ubuntu/jaunty

Author: Colin Watson
Author Date: 2009-03-19 01:58:27 UTC

Import patches-applied version 2.3.9-4build1 to applied/ubuntu/jaunty

Imported using git-ubuntu import.

Changelog parent: 40895ac71e24bab4f9888d9249f1c4321bb30af5
Unapplied parent: ef4d061cc53b8d29bf606f4b592f460a18ff3486

New changelog entries:
  * No-change rebuild to fix lpia shared library dependencies.

ubuntu/gutsy-security 2008-09-11 22:04:37 UTC 2008-09-11
Import patches-unapplied version 2.3.5-1ubuntu4.7.10.1 to ubuntu/gutsy-security

Author: Kees Cook
Author Date: 2008-09-10 23:28:22 UTC

Import patches-unapplied version 2.3.5-1ubuntu4.7.10.1 to ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: 4bff853464435a3b0ef182b4f67d571f25de340c

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via integer overflows.
  * Add debian/patches-freetype/CVE-2008-1806_7_8.patch: upstream fixes
    thanks to Steffen Joeris.
  * References
    CVE-2008-1806 CVE-2008-1807 CVE-2008-1808

ubuntu/feisty-devel 2008-09-11 22:04:37 UTC 2008-09-11
Import patches-unapplied version 2.2.1-5ubuntu1.2 to ubuntu/feisty-security

Author: Kees Cook
Author Date: 2008-09-10 23:29:25 UTC

Import patches-unapplied version 2.2.1-5ubuntu1.2 to ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: d49b6fab75b9a80c26d805badc25c6ad5aa6baf5

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via integer overflows.
  * Add debian/patches-freetype/CVE-2008-1806_7_8.patch: upstream fixes
    thanks to Steffen Joeris.
  * References
    CVE-2008-1806 CVE-2008-1807 CVE-2008-1808

ubuntu/feisty-security 2008-09-11 22:04:37 UTC 2008-09-11
Import patches-unapplied version 2.2.1-5ubuntu1.2 to ubuntu/feisty-security

Author: Kees Cook
Author Date: 2008-09-10 23:29:25 UTC

Import patches-unapplied version 2.2.1-5ubuntu1.2 to ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: d49b6fab75b9a80c26d805badc25c6ad5aa6baf5

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via integer overflows.
  * Add debian/patches-freetype/CVE-2008-1806_7_8.patch: upstream fixes
    thanks to Steffen Joeris.
  * References
    CVE-2008-1806 CVE-2008-1807 CVE-2008-1808

ubuntu/feisty-updates 2008-09-11 22:04:37 UTC 2008-09-11
Import patches-unapplied version 2.2.1-5ubuntu1.2 to ubuntu/feisty-security

Author: Kees Cook
Author Date: 2008-09-10 23:29:25 UTC

Import patches-unapplied version 2.2.1-5ubuntu1.2 to ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: d49b6fab75b9a80c26d805badc25c6ad5aa6baf5

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via integer overflows.
  * Add debian/patches-freetype/CVE-2008-1806_7_8.patch: upstream fixes
    thanks to Steffen Joeris.
  * References
    CVE-2008-1806 CVE-2008-1807 CVE-2008-1808

ubuntu/gutsy-devel 2008-09-11 22:04:37 UTC 2008-09-11
Import patches-unapplied version 2.3.5-1ubuntu4.7.10.1 to ubuntu/gutsy-security

Author: Kees Cook
Author Date: 2008-09-10 23:28:22 UTC

Import patches-unapplied version 2.3.5-1ubuntu4.7.10.1 to ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: 4bff853464435a3b0ef182b4f67d571f25de340c

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via integer overflows.
  * Add debian/patches-freetype/CVE-2008-1806_7_8.patch: upstream fixes
    thanks to Steffen Joeris.
  * References
    CVE-2008-1806 CVE-2008-1807 CVE-2008-1808

ubuntu/gutsy-updates 2008-09-11 22:04:37 UTC 2008-09-11
Import patches-unapplied version 2.3.5-1ubuntu4.7.10.1 to ubuntu/gutsy-security

Author: Kees Cook
Author Date: 2008-09-10 23:28:22 UTC

Import patches-unapplied version 2.3.5-1ubuntu4.7.10.1 to ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: 4bff853464435a3b0ef182b4f67d571f25de340c

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via integer overflows.
  * Add debian/patches-freetype/CVE-2008-1806_7_8.patch: upstream fixes
    thanks to Steffen Joeris.
  * References
    CVE-2008-1806 CVE-2008-1807 CVE-2008-1808

applied/ubuntu/feisty-devel 2008-09-11 22:04:37 UTC 2008-09-11
Import patches-applied version 2.2.1-5ubuntu1.2 to applied/ubuntu/feisty-secu...

Author: Kees Cook
Author Date: 2008-09-10 23:29:25 UTC

Import patches-applied version 2.2.1-5ubuntu1.2 to applied/ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: ff7ec0b805eb9cf79d542c85d6d4b715277a3bd8
Unapplied parent: cc30e03c11694757c7bcde274b471a7bcc1ccf01

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via integer overflows.
  * Add debian/patches-freetype/CVE-2008-1806_7_8.patch: upstream fixes
    thanks to Steffen Joeris.
  * References
    CVE-2008-1806 CVE-2008-1807 CVE-2008-1808

applied/ubuntu/feisty-security 2008-09-11 22:04:37 UTC 2008-09-11
Import patches-applied version 2.2.1-5ubuntu1.2 to applied/ubuntu/feisty-secu...

Author: Kees Cook
Author Date: 2008-09-10 23:29:25 UTC

Import patches-applied version 2.2.1-5ubuntu1.2 to applied/ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: ff7ec0b805eb9cf79d542c85d6d4b715277a3bd8
Unapplied parent: cc30e03c11694757c7bcde274b471a7bcc1ccf01

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via integer overflows.
  * Add debian/patches-freetype/CVE-2008-1806_7_8.patch: upstream fixes
    thanks to Steffen Joeris.
  * References
    CVE-2008-1806 CVE-2008-1807 CVE-2008-1808

applied/ubuntu/feisty-updates 2008-09-11 22:04:37 UTC 2008-09-11
Import patches-applied version 2.2.1-5ubuntu1.2 to applied/ubuntu/feisty-secu...

Author: Kees Cook
Author Date: 2008-09-10 23:29:25 UTC

Import patches-applied version 2.2.1-5ubuntu1.2 to applied/ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: ff7ec0b805eb9cf79d542c85d6d4b715277a3bd8
Unapplied parent: cc30e03c11694757c7bcde274b471a7bcc1ccf01

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via integer overflows.
  * Add debian/patches-freetype/CVE-2008-1806_7_8.patch: upstream fixes
    thanks to Steffen Joeris.
  * References
    CVE-2008-1806 CVE-2008-1807 CVE-2008-1808

applied/ubuntu/gutsy-devel 2008-09-11 22:04:37 UTC 2008-09-11
Import patches-applied version 2.3.5-1ubuntu4.7.10.1 to applied/ubuntu/gutsy-...

Author: Kees Cook
Author Date: 2008-09-10 23:28:22 UTC

Import patches-applied version 2.3.5-1ubuntu4.7.10.1 to applied/ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: 878422582fb51c57a506fdd57d12491ce89ed8be
Unapplied parent: 148ea44feb9b63b5e5f496954b2cd3b5b1a53ecd

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via integer overflows.
  * Add debian/patches-freetype/CVE-2008-1806_7_8.patch: upstream fixes
    thanks to Steffen Joeris.
  * References
    CVE-2008-1806 CVE-2008-1807 CVE-2008-1808

applied/ubuntu/gutsy-security 2008-09-11 22:04:37 UTC 2008-09-11
Import patches-applied version 2.3.5-1ubuntu4.7.10.1 to applied/ubuntu/gutsy-...

Author: Kees Cook
Author Date: 2008-09-10 23:28:22 UTC

Import patches-applied version 2.3.5-1ubuntu4.7.10.1 to applied/ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: 878422582fb51c57a506fdd57d12491ce89ed8be
Unapplied parent: 148ea44feb9b63b5e5f496954b2cd3b5b1a53ecd

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via integer overflows.
  * Add debian/patches-freetype/CVE-2008-1806_7_8.patch: upstream fixes
    thanks to Steffen Joeris.
  * References
    CVE-2008-1806 CVE-2008-1807 CVE-2008-1808

applied/ubuntu/gutsy-updates 2008-09-11 22:04:37 UTC 2008-09-11
Import patches-applied version 2.3.5-1ubuntu4.7.10.1 to applied/ubuntu/gutsy-...

Author: Kees Cook
Author Date: 2008-09-10 23:28:22 UTC

Import patches-applied version 2.3.5-1ubuntu4.7.10.1 to applied/ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: 878422582fb51c57a506fdd57d12491ce89ed8be
Unapplied parent: 148ea44feb9b63b5e5f496954b2cd3b5b1a53ecd

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via integer overflows.
  * Add debian/patches-freetype/CVE-2008-1806_7_8.patch: upstream fixes
    thanks to Steffen Joeris.
  * References
    CVE-2008-1806 CVE-2008-1807 CVE-2008-1808

applied/ubuntu/intrepid 2008-08-28 09:04:37 UTC 2008-08-28
Import patches-applied version 2.3.7-2ubuntu1 to applied/ubuntu/intrepid

Author: Steve Langasek
Author Date: 2008-08-28 07:39:24 UTC

Import patches-applied version 2.3.7-2ubuntu1 to applied/ubuntu/intrepid

Imported using git-ubuntu import.

Changelog parent: d194c1397ec45f65b20f329d0fb5c17aa63a7b88
Unapplied parent: 41898ad961dea8970e5e710a129ab8e9ffefb655

New changelog entries:
  * Merge from Debian unstable, remaining changes:
    - debian/patches-freetype/enable-subpixel-rendering.patch:
      + enable subpixel rendering features, used by libcairo and xft to
        provide LCD colour filtering. This is considered no more or less
        evil than the bytecode interpreter which we also enable.

ubuntu/intrepid 2008-08-28 09:04:37 UTC 2008-08-28
Import patches-unapplied version 2.3.7-2ubuntu1 to ubuntu/intrepid

Author: Steve Langasek
Author Date: 2008-08-28 07:39:24 UTC

Import patches-unapplied version 2.3.7-2ubuntu1 to ubuntu/intrepid

Imported using git-ubuntu import.

Changelog parent: 3a399908f5897bd682b90edc4553d6da1d473345

New changelog entries:
  * Merge from Debian unstable, remaining changes:
    - debian/patches-freetype/enable-subpixel-rendering.patch:
      + enable subpixel rendering features, used by libcairo and xft to
        provide LCD colour filtering. This is considered no more or less
        evil than the bytecode interpreter which we also enable.

applied/ubuntu/gutsy 2007-09-20 23:04:28 UTC 2007-09-20
Import patches-applied version 2.3.5-1ubuntu4 to applied/ubuntu/gutsy

Author: Scott James Remnant (Canonical)
Author Date: 2007-09-20 19:51:00 UTC

Import patches-applied version 2.3.5-1ubuntu4 to applied/ubuntu/gutsy

Imported using git-ubuntu import.

Changelog parent: 6521d8b70c551f662879704f7a956d434088e349
Unapplied parent: 4bff853464435a3b0ef182b4f67d571f25de340c

New changelog entries:
  * debian/patches-freetype/enable-subpixel-rendering.patch:
    - Restore patch that enables subpixel rendering features, now that
      libcairo and xft provide the ability for the specific lcd filter
      to be changed.

applied/ubuntu/hardy 2007-09-20 23:04:28 UTC 2007-09-20
Import patches-applied version 2.3.5-1ubuntu4 to applied/ubuntu/gutsy

Author: Scott James Remnant (Canonical)
Author Date: 2007-09-20 19:51:00 UTC

Import patches-applied version 2.3.5-1ubuntu4 to applied/ubuntu/gutsy

Imported using git-ubuntu import.

Changelog parent: 6521d8b70c551f662879704f7a956d434088e349
Unapplied parent: 4bff853464435a3b0ef182b4f67d571f25de340c

New changelog entries:
  * debian/patches-freetype/enable-subpixel-rendering.patch:
    - Restore patch that enables subpixel rendering features, now that
      libcairo and xft provide the ability for the specific lcd filter
      to be changed.

ubuntu/gutsy 2007-09-20 23:04:28 UTC 2007-09-20
Import patches-unapplied version 2.3.5-1ubuntu4 to ubuntu/gutsy

Author: Scott James Remnant (Canonical)
Author Date: 2007-09-20 19:51:00 UTC

Import patches-unapplied version 2.3.5-1ubuntu4 to ubuntu/gutsy

Imported using git-ubuntu import.

Changelog parent: 079effc2a53f7ac6f596e627ebfdddfef1078da9

New changelog entries:
  * debian/patches-freetype/enable-subpixel-rendering.patch:
    - Restore patch that enables subpixel rendering features, now that
      libcairo and xft provide the ability for the specific lcd filter
      to be changed.

ubuntu/hardy 2007-09-20 23:04:28 UTC 2007-09-20
Import patches-unapplied version 2.3.5-1ubuntu4 to ubuntu/gutsy

Author: Scott James Remnant (Canonical)
Author Date: 2007-09-20 19:51:00 UTC

Import patches-unapplied version 2.3.5-1ubuntu4 to ubuntu/gutsy

Imported using git-ubuntu import.

Changelog parent: 079effc2a53f7ac6f596e627ebfdddfef1078da9

New changelog entries:
  * debian/patches-freetype/enable-subpixel-rendering.patch:
    - Restore patch that enables subpixel rendering features, now that
      libcairo and xft provide the ability for the specific lcd filter
      to be changed.

ubuntu/edgy-security 2007-05-30 22:03:27 UTC 2007-05-30
Import patches-unapplied version 2.2.1-5ubuntu0.2 to ubuntu/edgy-security

Author: Kees Cook
Author Date: 2007-05-22 21:58:50 UTC

Import patches-unapplied version 2.2.1-5ubuntu0.2 to ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: 0440dca952ab9b12b095bc9dd5e06ccb1c773c08

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via integer overflows.
  * Add debian/patches-freetype/security-ttgload-overflow.patch from
    upstream changes.
  * References
    CVE-2007-2754

applied/ubuntu/edgy-updates 2007-05-30 22:03:27 UTC 2007-05-30
Import patches-applied version 2.2.1-5ubuntu0.2 to applied/ubuntu/edgy-security

Author: Kees Cook
Author Date: 2007-05-22 21:58:50 UTC

Import patches-applied version 2.2.1-5ubuntu0.2 to applied/ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: 898290a0c7be278115dc794a236b4d2f14326a51
Unapplied parent: 446df838ca3781a2511a79565e4a8e135428fdea

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via integer overflows.
  * Add debian/patches-freetype/security-ttgload-overflow.patch from
    upstream changes.
  * References
    CVE-2007-2754

applied/ubuntu/edgy-security 2007-05-30 22:03:27 UTC 2007-05-30
Import patches-applied version 2.2.1-5ubuntu0.2 to applied/ubuntu/edgy-security

Author: Kees Cook
Author Date: 2007-05-22 21:58:50 UTC

Import patches-applied version 2.2.1-5ubuntu0.2 to applied/ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: 898290a0c7be278115dc794a236b4d2f14326a51
Unapplied parent: 446df838ca3781a2511a79565e4a8e135428fdea

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via integer overflows.
  * Add debian/patches-freetype/security-ttgload-overflow.patch from
    upstream changes.
  * References
    CVE-2007-2754

applied/ubuntu/edgy-devel 2007-05-30 22:03:27 UTC 2007-05-30
Import patches-applied version 2.2.1-5ubuntu0.2 to applied/ubuntu/edgy-security

Author: Kees Cook
Author Date: 2007-05-22 21:58:50 UTC

Import patches-applied version 2.2.1-5ubuntu0.2 to applied/ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: 898290a0c7be278115dc794a236b4d2f14326a51
Unapplied parent: 446df838ca3781a2511a79565e4a8e135428fdea

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via integer overflows.
  * Add debian/patches-freetype/security-ttgload-overflow.patch from
    upstream changes.
  * References
    CVE-2007-2754

ubuntu/edgy-devel 2007-05-30 22:03:27 UTC 2007-05-30
Import patches-unapplied version 2.2.1-5ubuntu0.2 to ubuntu/edgy-security

Author: Kees Cook
Author Date: 2007-05-22 21:58:50 UTC

Import patches-unapplied version 2.2.1-5ubuntu0.2 to ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: 0440dca952ab9b12b095bc9dd5e06ccb1c773c08

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via integer overflows.
  * Add debian/patches-freetype/security-ttgload-overflow.patch from
    upstream changes.
  * References
    CVE-2007-2754

ubuntu/edgy-updates 2007-05-30 22:03:27 UTC 2007-05-30
Import patches-unapplied version 2.2.1-5ubuntu0.2 to ubuntu/edgy-security

Author: Kees Cook
Author Date: 2007-05-22 21:58:50 UTC

Import patches-unapplied version 2.2.1-5ubuntu0.2 to ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: 0440dca952ab9b12b095bc9dd5e06ccb1c773c08

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via integer overflows.
  * Add debian/patches-freetype/security-ttgload-overflow.patch from
    upstream changes.
  * References
    CVE-2007-2754

ubuntu/breezy-security 2007-04-03 23:03:23 UTC 2007-04-03
Import patches-unapplied version 2.1.7-2.4ubuntu1.3 to ubuntu/breezy-security

Author: Kees Cook
Author Date: 2007-04-02 22:53:16 UTC

Import patches-unapplied version 2.1.7-2.4ubuntu1.3 to ubuntu/breezy-security

Imported using git-ubuntu import.

Changelog parent: 7537dab3cffb46ae96fe0642bde08aee19975f09

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via integer overflows.
  * Add debian/patches/404-bdf-integer.patch from upstream changes.
  * References
    CVE-2007-1351

applied/ubuntu/breezy-security 2007-04-03 23:03:23 UTC 2007-04-03
Import patches-applied version 2.1.7-2.4ubuntu1.3 to applied/ubuntu/breezy-se...

Author: Kees Cook
Author Date: 2007-04-02 22:53:16 UTC

Import patches-applied version 2.1.7-2.4ubuntu1.3 to applied/ubuntu/breezy-security

Imported using git-ubuntu import.

Changelog parent: fed918d7c04f995d4e18c32e90e44b82e854ace8
Unapplied parent: d26506efafdd0f58d03f4845d59d23e9cdfe9838

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via integer overflows.
  * Add debian/patches/404-bdf-integer.patch from upstream changes.
  * References
    CVE-2007-1351

ubuntu/breezy-devel 2007-04-03 23:03:23 UTC 2007-04-03
Import patches-unapplied version 2.1.7-2.4ubuntu1.3 to ubuntu/breezy-security

Author: Kees Cook
Author Date: 2007-04-02 22:53:16 UTC

Import patches-unapplied version 2.1.7-2.4ubuntu1.3 to ubuntu/breezy-security

Imported using git-ubuntu import.

Changelog parent: 7537dab3cffb46ae96fe0642bde08aee19975f09

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via integer overflows.
  * Add debian/patches/404-bdf-integer.patch from upstream changes.
  * References
    CVE-2007-1351

applied/ubuntu/breezy-devel 2007-04-03 23:03:23 UTC 2007-04-03
Import patches-applied version 2.1.7-2.4ubuntu1.3 to applied/ubuntu/breezy-se...

Author: Kees Cook
Author Date: 2007-04-02 22:53:16 UTC

Import patches-applied version 2.1.7-2.4ubuntu1.3 to applied/ubuntu/breezy-security

Imported using git-ubuntu import.

Changelog parent: fed918d7c04f995d4e18c32e90e44b82e854ace8
Unapplied parent: d26506efafdd0f58d03f4845d59d23e9cdfe9838

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via integer overflows.
  * Add debian/patches/404-bdf-integer.patch from upstream changes.
  * References
    CVE-2007-1351

applied/ubuntu/feisty 2007-04-03 22:03:18 UTC 2007-04-03
Import patches-applied version 2.2.1-5ubuntu1 to applied/ubuntu/feisty

Author: Kees Cook
Author Date: 2007-04-02 22:31:32 UTC

Import patches-applied version 2.2.1-5ubuntu1 to applied/ubuntu/feisty

Imported using git-ubuntu import.

Changelog parent: addd2dc19511fab3867621ec63993604663de50e
Unapplied parent: 11f0a72e1035cf8e01d7ad472101ddc0aefdbd06

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via integer overflows.
  * Add debian/patches-freetype/CVE-2007-1351_bdf_integer.patch from
    upstream changes.
  * References
    CVE-2007-1351

ubuntu/feisty 2007-04-03 22:03:18 UTC 2007-04-03
Import patches-unapplied version 2.2.1-5ubuntu1 to ubuntu/feisty

Author: Kees Cook
Author Date: 2007-04-02 22:31:32 UTC

Import patches-unapplied version 2.2.1-5ubuntu1 to ubuntu/feisty

Imported using git-ubuntu import.

Changelog parent: 4a63624c15fff42f829b13ab419d1f3fd1574778

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via integer overflows.
  * Add debian/patches-freetype/CVE-2007-1351_bdf_integer.patch from
    upstream changes.
  * References
    CVE-2007-1351

ubuntu/edgy 2006-09-19 17:04:44 UTC 2006-09-19
Import patches-unapplied version 2.2.1-5 to ubuntu/edgy

Author: Steve Langasek
Author Date: 2006-09-12 22:04:42 UTC

Import patches-unapplied version 2.2.1-5 to ubuntu/edgy

Imported using git-ubuntu import.

Changelog parent: dc2caaf90cd95b496548b36f971b136630f6cd36

New changelog entries:
  * High-urgency upload for RC bugfix.
  * Add debian/patches-freetype/CVE-2006-3467_pcf-strlen.patch to
    address CVE-2006-3467, a missing string length check in PCF files that
    leads to a possibly exploitable integer overflow. Thanks to Martin
    Pitt for the patch. Closes: #379920.
  * Drop libfreetype6.postinst code for cleaning up /usr/X11R6/lib;
    whatever version it applied to is pre-sarge, and this code is
    sufficiently blunt that I don't think it should be kept around.
    Closes: #386379.
  * Apply patch from Eugeniy Meshcheryakov <eugen@univ.kiev.ua>, applied
    upstream, to fix bug in rendering of composite glyphs.
    Closes: #374902.

applied/ubuntu/edgy 2006-09-19 17:04:44 UTC 2006-09-19
Import patches-applied version 2.2.1-5 to applied/ubuntu/edgy

Author: Steve Langasek
Author Date: 2006-09-12 22:04:42 UTC

Import patches-applied version 2.2.1-5 to applied/ubuntu/edgy

Imported using git-ubuntu import.

Changelog parent: 0205fbcc008071a33518d97d2883252b861c8379
Unapplied parent: 4a63624c15fff42f829b13ab419d1f3fd1574778

New changelog entries:
  * High-urgency upload for RC bugfix.
  * Add debian/patches-freetype/CVE-2006-3467_pcf-strlen.patch to
    address CVE-2006-3467, a missing string length check in PCF files that
    leads to a possibly exploitable integer overflow. Thanks to Martin
    Pitt for the patch. Closes: #379920.
  * Drop libfreetype6.postinst code for cleaning up /usr/X11R6/lib;
    whatever version it applied to is pre-sarge, and this code is
    sufficiently blunt that I don't think it should be kept around.
    Closes: #386379.
  * Apply patch from Eugeniy Meshcheryakov <eugen@univ.kiev.ua>, applied
    upstream, to fix bug in rendering of composite glyphs.
    Closes: #374902.

applied/ubuntu/hoary-security 2006-07-27 14:09:02 UTC 2006-07-27
Import patches-applied version 2.1.7-2.3ubuntu0.2 to applied/ubuntu/hoary-sec...

Author: Martin Pitt
Author Date: 2006-07-26 10:57:39 UTC

Import patches-applied version 2.1.7-2.3ubuntu0.2 to applied/ubuntu/hoary-security

Imported using git-ubuntu import.

Changelog parent: b41b2367807de131544be3fe41f0f498da2e8698
Unapplied parent: 08fad9be21c134cea68b40d3c0e9fe0d07373e60

New changelog entries:
  * SECURITY UPDATE: Arbitrary code execution and DoS with crafted font files.
  * Add debian/patches/403-pcf-strlen.patch:
    - src/pcf/pcfread.c: Detect invalid string lengths.
    - CVE-2006-3467

ubuntu/hoary-security 2006-07-27 14:09:02 UTC 2006-07-27
Import patches-unapplied version 2.1.7-2.3ubuntu0.2 to ubuntu/hoary-security

Author: Martin Pitt
Author Date: 2006-07-26 10:57:39 UTC

Import patches-unapplied version 2.1.7-2.3ubuntu0.2 to ubuntu/hoary-security

Imported using git-ubuntu import.

Changelog parent: 30190ab741f511f0d9cc3e5337226bd2238611e0

New changelog entries:
  * SECURITY UPDATE: Arbitrary code execution and DoS with crafted font files.
  * Add debian/patches/403-pcf-strlen.patch:
    - src/pcf/pcfread.c: Detect invalid string lengths.
    - CVE-2006-3467

ubuntu/hoary-devel 2006-07-27 14:09:02 UTC 2006-07-27
Import patches-unapplied version 2.1.7-2.3ubuntu0.2 to ubuntu/hoary-security

Author: Martin Pitt
Author Date: 2006-07-26 10:57:39 UTC

Import patches-unapplied version 2.1.7-2.3ubuntu0.2 to ubuntu/hoary-security

Imported using git-ubuntu import.

Changelog parent: 30190ab741f511f0d9cc3e5337226bd2238611e0

New changelog entries:
  * SECURITY UPDATE: Arbitrary code execution and DoS with crafted font files.
  * Add debian/patches/403-pcf-strlen.patch:
    - src/pcf/pcfread.c: Detect invalid string lengths.
    - CVE-2006-3467

applied/ubuntu/hoary-devel 2006-07-27 14:09:02 UTC 2006-07-27
Import patches-applied version 2.1.7-2.3ubuntu0.2 to applied/ubuntu/hoary-sec...

Author: Martin Pitt
Author Date: 2006-07-26 10:57:39 UTC

Import patches-applied version 2.1.7-2.3ubuntu0.2 to applied/ubuntu/hoary-security

Imported using git-ubuntu import.

Changelog parent: b41b2367807de131544be3fe41f0f498da2e8698
Unapplied parent: 08fad9be21c134cea68b40d3c0e9fe0d07373e60

New changelog entries:
  * SECURITY UPDATE: Arbitrary code execution and DoS with crafted font files.
  * Add debian/patches/403-pcf-strlen.patch:
    - src/pcf/pcfread.c: Detect invalid string lengths.
    - CVE-2006-3467

applied/ubuntu/dapper 2006-04-06 05:06:01 UTC 2006-04-06
Import patches-applied version 2.1.10-1ubuntu2 to applied/ubuntu/dapper

Author: Scott James Remnant (Canonical)
Author Date: 2006-04-06 04:58:24 UTC

Import patches-applied version 2.1.10-1ubuntu2 to applied/ubuntu/dapper

Imported using git-ubuntu import.

Changelog parent: 0d0a5f4d90f00690894398edf270b107931f1701
Unapplied parent: 93cff740ba3149e9a8b912db85bbf89a60b3b179

New changelog entries:
  * Update shlibs dependency. Ubuntu: #5901.

ubuntu/dapper 2006-04-06 05:06:01 UTC 2006-04-06
Import patches-unapplied version 2.1.10-1ubuntu2 to ubuntu/dapper

Author: Scott James Remnant (Canonical)
Author Date: 2006-04-06 04:58:24 UTC

Import patches-unapplied version 2.1.10-1ubuntu2 to ubuntu/dapper

Imported using git-ubuntu import.

Changelog parent: 82ce39e8442c3ae37400fa5e97c90a083d243188

New changelog entries:
  * Update shlibs dependency. Ubuntu: #5901.

applied/ubuntu/breezy 2005-12-21 04:57:20 UTC 2005-12-21
Import patches-applied version 2.1.7-2.4ubuntu1 to applied/ubuntu/breezy

Author: Daniel Stone
Author Date: 2005-05-12 02:41:38 UTC

Import patches-applied version 2.1.7-2.4ubuntu1 to applied/ubuntu/breezy

Imported using git-ubuntu import.

Changelog parent: 874a20e42e3ec83742e1cbdf830694d5ae06b6ba
Unapplied parent: 296d7cb025f80d5c3e05dced642c538c65ee876a

New changelog entries:
  * Slightly relax the header check on Type1 fonts, enabling wider display of
    PDFs, et al; based on a change to FreeType CVS (closes: Ubuntu#10087).
  * Non-maintainer upload.
  * freetype-2.1.7/src/bdf/bdflib.c: When a glyph has zero width or height,
    a bitmap is not actually allocated for it, but the code used to try to
    use it anyway. Now it no longer does that. Fix by Steve Langasek,
    based on something I did earlier. Added
    debian/patches/300-bdflib-zero-width-glyphs.diff. Closes: #302269
    (Segmentation fault with certain bdf fonts).
  * freetype-2.1.7/src/bdf/bdflib.c: BDF font files with glyphs with an
    encoding value of at least 65536 would overflow the bitmap with
    65536 bits which bdflib.c uses to keep track of whether it has seen
    an encoding already. Changed things so that encodings above the
    limit cause an error code to be returned instead of a segfault
    happening. Ideally, the bitmap should be replaced with a more
    compact representation, but that is too big a change for something
    this small. I will, however, only lower the severity of the bug
    (305413) to normal, instead of marking it fixed. Added
    debian/patches/300-bdflib-large-encodings.diff.

ubuntu/breezy 2005-12-21 04:57:20 UTC 2005-12-21
Import patches-unapplied version 2.1.7-2.4ubuntu1 to ubuntu/breezy

Author: Daniel Stone
Author Date: 2005-05-12 02:41:38 UTC

Import patches-unapplied version 2.1.7-2.4ubuntu1 to ubuntu/breezy

Imported using git-ubuntu import.

Changelog parent: ed1857717df4783dc58f19dc1862d4f08cf2d15e

New changelog entries:
  * Slightly relax the header check on Type1 fonts, enabling wider display of
    PDFs, et al; based on a change to FreeType CVS (closes: Ubuntu#10087).
  * Non-maintainer upload.
  * freetype-2.1.7/src/bdf/bdflib.c: When a glyph has zero width or height,
    a bitmap is not actually allocated for it, but the code used to try to
    use it anyway. Now it no longer does that. Fix by Steve Langasek,
    based on something I did earlier. Added
    debian/patches/300-bdflib-zero-width-glyphs.diff. Closes: #302269
    (Segmentation fault with certain bdf fonts).
  * freetype-2.1.7/src/bdf/bdflib.c: BDF font files with glyphs with an
    encoding value of at least 65536 would overflow the bitmap with
    65536 bits which bdflib.c uses to keep track of whether it has seen
    an encoding already. Changed things so that encodings above the
    limit cause an error code to be returned instead of a segfault
    happening. Ideally, the bitmap should be replaced with a more
    compact representation, but that is too big a change for something
    this small. I will, however, only lower the severity of the bug
    (305413) to normal, instead of marking it fixed. Added
    debian/patches/300-bdflib-large-encodings.diff.

ubuntu/hoary 2005-12-20 20:51:35 UTC 2005-12-20
Import patches-unapplied version 2.1.7-2.3 to ubuntu/hoary

Author: dann frazier
Author Date: 2004-11-09 02:06:57 UTC

Import patches-unapplied version 2.1.7-2.3 to ubuntu/hoary

Imported using git-ubuntu import.

applied/ubuntu/hoary 2005-12-20 20:51:35 UTC 2005-12-20
Import patches-applied version 2.1.7-2.3 to applied/ubuntu/hoary

Author: dann frazier
Author Date: 2004-11-09 02:06:57 UTC

Import patches-applied version 2.1.7-2.3 to applied/ubuntu/hoary

Imported using git-ubuntu import.

Unapplied parent: ed1857717df4783dc58f19dc1862d4f08cf2d15e

applied/ubuntu/warty-devel 2005-12-20 14:37:02 UTC 2005-12-20
Import patches-applied version 2.1.7-2.1ubuntu1 to applied/ubuntu/warty

Author: Thom May
Author Date: 2004-07-28 14:45:35 UTC

Import patches-applied version 2.1.7-2.1ubuntu1 to applied/ubuntu/warty

Imported using git-ubuntu import.

Unapplied parent: 2b93fe10aa4d209c4e509d56b69f64b1886195ed

ubuntu/warty 2005-12-20 14:37:02 UTC 2005-12-20
Import patches-unapplied version 2.1.7-2.1ubuntu1 to ubuntu/warty

Author: Thom May
Author Date: 2004-07-28 14:45:35 UTC

Import patches-unapplied version 2.1.7-2.1ubuntu1 to ubuntu/warty

Imported using git-ubuntu import.

ubuntu/warty-devel 2005-12-20 14:37:02 UTC 2005-12-20
Import patches-unapplied version 2.1.7-2.1ubuntu1 to ubuntu/warty

Author: Thom May
Author Date: 2004-07-28 14:45:35 UTC

Import patches-unapplied version 2.1.7-2.1ubuntu1 to ubuntu/warty

Imported using git-ubuntu import.

applied/ubuntu/warty 2005-12-20 14:37:02 UTC 2005-12-20
Import patches-applied version 2.1.7-2.1ubuntu1 to applied/ubuntu/warty

Author: Thom May
Author Date: 2004-07-28 14:45:35 UTC

Import patches-applied version 2.1.7-2.1ubuntu1 to applied/ubuntu/warty

Imported using git-ubuntu import.

Unapplied parent: 2b93fe10aa4d209c4e509d56b69f64b1886195ed

201264 of 264 results

Other repositories

Name Last Modified
lp:ubuntu/+source/freetype 2019-09-15
11 of 1 result
You can't create new repositories for freetype in Ubuntu.