View Bazaar branches
Get this repository:
git clone https://git.launchpad.net/ubuntu/+source/freetype
Members of Ubuntu Server Dev import team can upload to this repository. Log in for directions.

Branches

Name Last Modified Last Commit
applied/ubuntu/wily-devel 2015-09-10 13:08:37 UTC 2015-09-10
Import patches-applied version 2.5.2-4ubuntu2 to applied/ubuntu/wily-proposed

Author: Marc Deslauriers
Author Date: 2015-09-10 11:05:53 UTC

Import patches-applied version 2.5.2-4ubuntu2 to applied/ubuntu/wily-proposed

Imported using git-ubuntu import.

Changelog parent: 1f3a270d04bcd86028c89d5c2fad9589db0b1d30
Unapplied parent: 746bff8938c58c8ace3b7182002d93de92e44125

New changelog entries:
  * SECURITY UPDATE: denial of service via infinite loop in parse_encode
    (LP: #1492124)
    - debian/patches-freetype/savannah-bug-41590.patch: protect against
      invalid charcode in src/type1/t1load.c.
    - No CVE number

ubuntu/wily 2015-09-10 13:08:37 UTC 2015-09-10
Import patches-unapplied version 2.5.2-4ubuntu2 to ubuntu/wily-proposed

Author: Marc Deslauriers
Author Date: 2015-09-10 11:05:53 UTC

Import patches-unapplied version 2.5.2-4ubuntu2 to ubuntu/wily-proposed

Imported using git-ubuntu import.

Changelog parent: 9f5d19fc89556724570b75fd59fc9a08bba643e7

New changelog entries:
  * SECURITY UPDATE: denial of service via infinite loop in parse_encode
    (LP: #1492124)
    - debian/patches-freetype/savannah-bug-41590.patch: protect against
      invalid charcode in src/type1/t1load.c.
    - No CVE number

ubuntu/wily-devel 2015-09-10 13:08:37 UTC 2015-09-10
Import patches-unapplied version 2.5.2-4ubuntu2 to ubuntu/wily-proposed

Author: Marc Deslauriers
Author Date: 2015-09-10 11:05:53 UTC

Import patches-unapplied version 2.5.2-4ubuntu2 to ubuntu/wily-proposed

Imported using git-ubuntu import.

Changelog parent: 9f5d19fc89556724570b75fd59fc9a08bba643e7

New changelog entries:
  * SECURITY UPDATE: denial of service via infinite loop in parse_encode
    (LP: #1492124)
    - debian/patches-freetype/savannah-bug-41590.patch: protect against
      invalid charcode in src/type1/t1load.c.
    - No CVE number

ubuntu/wily-proposed 2015-09-10 13:08:37 UTC 2015-09-10
Import patches-unapplied version 2.5.2-4ubuntu2 to ubuntu/wily-proposed

Author: Marc Deslauriers
Author Date: 2015-09-10 11:05:53 UTC

Import patches-unapplied version 2.5.2-4ubuntu2 to ubuntu/wily-proposed

Imported using git-ubuntu import.

Changelog parent: 9f5d19fc89556724570b75fd59fc9a08bba643e7

New changelog entries:
  * SECURITY UPDATE: denial of service via infinite loop in parse_encode
    (LP: #1492124)
    - debian/patches-freetype/savannah-bug-41590.patch: protect against
      invalid charcode in src/type1/t1load.c.
    - No CVE number

ubuntu/lucid-devel 2015-02-24 19:48:34 UTC 2015-02-24
Import patches-unapplied version 2.3.11-1ubuntu2.8 to ubuntu/lucid-security

Author: Marc Deslauriers
Author Date: 2015-02-24 16:22:14 UTC

Import patches-unapplied version 2.3.11-1ubuntu2.8 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 7f4d8e3d690b5e6161cc42e3fc10c9b4ea6f7c1d

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    multiple security issues
    - debian/patches-freetype/CVE-2014-96xx/*.patch: backport a large
      quantity of upstream commits to fix multiple security issues.
    - CVE-2014-9656
    - CVE-2014-9657
    - CVE-2014-9658
    - CVE-2014-9660
    - CVE-2014-9661
    - CVE-2014-9663
    - CVE-2014-9664
    - CVE-2014-9666
    - CVE-2014-9667
    - CVE-2014-9669
    - CVE-2014-9670
    - CVE-2014-9671
    - CVE-2014-9672
    - CVE-2014-9673
    - CVE-2014-9674
    - CVE-2014-9675

applied/ubuntu/lucid-devel 2015-02-24 19:48:34 UTC 2015-02-24
Import patches-applied version 2.3.11-1ubuntu2.8 to applied/ubuntu/lucid-secu...

Author: Marc Deslauriers
Author Date: 2015-02-24 16:22:14 UTC

Import patches-applied version 2.3.11-1ubuntu2.8 to applied/ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 81148796c780682aa1709690b3dec23822e34a1d
Unapplied parent: 464a3f991cab7a080c5c96d4ee139ce6baf7583c

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    multiple security issues
    - debian/patches-freetype/CVE-2014-96xx/*.patch: backport a large
      quantity of upstream commits to fix multiple security issues.
    - CVE-2014-9656
    - CVE-2014-9657
    - CVE-2014-9658
    - CVE-2014-9660
    - CVE-2014-9661
    - CVE-2014-9663
    - CVE-2014-9664
    - CVE-2014-9666
    - CVE-2014-9667
    - CVE-2014-9669
    - CVE-2014-9670
    - CVE-2014-9671
    - CVE-2014-9672
    - CVE-2014-9673
    - CVE-2014-9674
    - CVE-2014-9675

ubuntu/lucid-updates 2015-02-24 19:48:34 UTC 2015-02-24
Import patches-unapplied version 2.3.11-1ubuntu2.8 to ubuntu/lucid-security

Author: Marc Deslauriers
Author Date: 2015-02-24 16:22:14 UTC

Import patches-unapplied version 2.3.11-1ubuntu2.8 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 7f4d8e3d690b5e6161cc42e3fc10c9b4ea6f7c1d

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    multiple security issues
    - debian/patches-freetype/CVE-2014-96xx/*.patch: backport a large
      quantity of upstream commits to fix multiple security issues.
    - CVE-2014-9656
    - CVE-2014-9657
    - CVE-2014-9658
    - CVE-2014-9660
    - CVE-2014-9661
    - CVE-2014-9663
    - CVE-2014-9664
    - CVE-2014-9666
    - CVE-2014-9667
    - CVE-2014-9669
    - CVE-2014-9670
    - CVE-2014-9671
    - CVE-2014-9672
    - CVE-2014-9673
    - CVE-2014-9674
    - CVE-2014-9675

ubuntu/lucid-security 2015-02-24 19:48:34 UTC 2015-02-24
Import patches-unapplied version 2.3.11-1ubuntu2.8 to ubuntu/lucid-security

Author: Marc Deslauriers
Author Date: 2015-02-24 16:22:14 UTC

Import patches-unapplied version 2.3.11-1ubuntu2.8 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 7f4d8e3d690b5e6161cc42e3fc10c9b4ea6f7c1d

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    multiple security issues
    - debian/patches-freetype/CVE-2014-96xx/*.patch: backport a large
      quantity of upstream commits to fix multiple security issues.
    - CVE-2014-9656
    - CVE-2014-9657
    - CVE-2014-9658
    - CVE-2014-9660
    - CVE-2014-9661
    - CVE-2014-9663
    - CVE-2014-9664
    - CVE-2014-9666
    - CVE-2014-9667
    - CVE-2014-9669
    - CVE-2014-9670
    - CVE-2014-9671
    - CVE-2014-9672
    - CVE-2014-9673
    - CVE-2014-9674
    - CVE-2014-9675

applied/ubuntu/utopic-devel 2015-02-24 19:48:34 UTC 2015-02-24
Import patches-applied version 2.5.2-2ubuntu1.1 to applied/ubuntu/utopic-secu...

Author: Marc Deslauriers
Author Date: 2015-02-24 13:41:04 UTC

Import patches-applied version 2.5.2-2ubuntu1.1 to applied/ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 0c22fc9295eaa710cdd1c690cbd8b05e66c41614
Unapplied parent: d69a28f906701cf80b319c587de3bbc47f947cce

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    multiple security issues
    - debian/patches-freetype/CVE-2014-96xx/*.patch: backport a large
      quantity of upstream commits to fix multiple security issues.
    - CVE-2014-9656
    - CVE-2014-9657
    - CVE-2014-9658
    - CVE-2014-9659
    - CVE-2014-9660
    - CVE-2014-9661
    - CVE-2014-9662
    - CVE-2014-9663
    - CVE-2014-9664
    - CVE-2014-9665
    - CVE-2014-9666
    - CVE-2014-9667
    - CVE-2014-9668
    - CVE-2014-9669
    - CVE-2014-9670
    - CVE-2014-9671
    - CVE-2014-9672
    - CVE-2014-9673
    - CVE-2014-9674
    - CVE-2014-9675

applied/ubuntu/utopic-security 2015-02-24 19:48:34 UTC 2015-02-24
Import patches-applied version 2.5.2-2ubuntu1.1 to applied/ubuntu/utopic-secu...

Author: Marc Deslauriers
Author Date: 2015-02-24 13:41:04 UTC

Import patches-applied version 2.5.2-2ubuntu1.1 to applied/ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 0c22fc9295eaa710cdd1c690cbd8b05e66c41614
Unapplied parent: d69a28f906701cf80b319c587de3bbc47f947cce

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    multiple security issues
    - debian/patches-freetype/CVE-2014-96xx/*.patch: backport a large
      quantity of upstream commits to fix multiple security issues.
    - CVE-2014-9656
    - CVE-2014-9657
    - CVE-2014-9658
    - CVE-2014-9659
    - CVE-2014-9660
    - CVE-2014-9661
    - CVE-2014-9662
    - CVE-2014-9663
    - CVE-2014-9664
    - CVE-2014-9665
    - CVE-2014-9666
    - CVE-2014-9667
    - CVE-2014-9668
    - CVE-2014-9669
    - CVE-2014-9670
    - CVE-2014-9671
    - CVE-2014-9672
    - CVE-2014-9673
    - CVE-2014-9674
    - CVE-2014-9675

applied/ubuntu/utopic-updates 2015-02-24 19:48:34 UTC 2015-02-24
Import patches-applied version 2.5.2-2ubuntu1.1 to applied/ubuntu/utopic-secu...

Author: Marc Deslauriers
Author Date: 2015-02-24 13:41:04 UTC

Import patches-applied version 2.5.2-2ubuntu1.1 to applied/ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 0c22fc9295eaa710cdd1c690cbd8b05e66c41614
Unapplied parent: d69a28f906701cf80b319c587de3bbc47f947cce

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    multiple security issues
    - debian/patches-freetype/CVE-2014-96xx/*.patch: backport a large
      quantity of upstream commits to fix multiple security issues.
    - CVE-2014-9656
    - CVE-2014-9657
    - CVE-2014-9658
    - CVE-2014-9659
    - CVE-2014-9660
    - CVE-2014-9661
    - CVE-2014-9662
    - CVE-2014-9663
    - CVE-2014-9664
    - CVE-2014-9665
    - CVE-2014-9666
    - CVE-2014-9667
    - CVE-2014-9668
    - CVE-2014-9669
    - CVE-2014-9670
    - CVE-2014-9671
    - CVE-2014-9672
    - CVE-2014-9673
    - CVE-2014-9674
    - CVE-2014-9675

ubuntu/utopic-updates 2015-02-24 19:48:34 UTC 2015-02-24
Import patches-unapplied version 2.5.2-2ubuntu1.1 to ubuntu/utopic-security

Author: Marc Deslauriers
Author Date: 2015-02-24 13:41:04 UTC

Import patches-unapplied version 2.5.2-2ubuntu1.1 to ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 3a3f368db20528927049c5e5cd8477f1002475b0

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    multiple security issues
    - debian/patches-freetype/CVE-2014-96xx/*.patch: backport a large
      quantity of upstream commits to fix multiple security issues.
    - CVE-2014-9656
    - CVE-2014-9657
    - CVE-2014-9658
    - CVE-2014-9659
    - CVE-2014-9660
    - CVE-2014-9661
    - CVE-2014-9662
    - CVE-2014-9663
    - CVE-2014-9664
    - CVE-2014-9665
    - CVE-2014-9666
    - CVE-2014-9667
    - CVE-2014-9668
    - CVE-2014-9669
    - CVE-2014-9670
    - CVE-2014-9671
    - CVE-2014-9672
    - CVE-2014-9673
    - CVE-2014-9674
    - CVE-2014-9675

ubuntu/utopic-security 2015-02-24 19:48:34 UTC 2015-02-24
Import patches-unapplied version 2.5.2-2ubuntu1.1 to ubuntu/utopic-security

Author: Marc Deslauriers
Author Date: 2015-02-24 13:41:04 UTC

Import patches-unapplied version 2.5.2-2ubuntu1.1 to ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 3a3f368db20528927049c5e5cd8477f1002475b0

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    multiple security issues
    - debian/patches-freetype/CVE-2014-96xx/*.patch: backport a large
      quantity of upstream commits to fix multiple security issues.
    - CVE-2014-9656
    - CVE-2014-9657
    - CVE-2014-9658
    - CVE-2014-9659
    - CVE-2014-9660
    - CVE-2014-9661
    - CVE-2014-9662
    - CVE-2014-9663
    - CVE-2014-9664
    - CVE-2014-9665
    - CVE-2014-9666
    - CVE-2014-9667
    - CVE-2014-9668
    - CVE-2014-9669
    - CVE-2014-9670
    - CVE-2014-9671
    - CVE-2014-9672
    - CVE-2014-9673
    - CVE-2014-9674
    - CVE-2014-9675

ubuntu/utopic-devel 2015-02-24 19:48:34 UTC 2015-02-24
Import patches-unapplied version 2.5.2-2ubuntu1.1 to ubuntu/utopic-security

Author: Marc Deslauriers
Author Date: 2015-02-24 13:41:04 UTC

Import patches-unapplied version 2.5.2-2ubuntu1.1 to ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 3a3f368db20528927049c5e5cd8477f1002475b0

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    multiple security issues
    - debian/patches-freetype/CVE-2014-96xx/*.patch: backport a large
      quantity of upstream commits to fix multiple security issues.
    - CVE-2014-9656
    - CVE-2014-9657
    - CVE-2014-9658
    - CVE-2014-9659
    - CVE-2014-9660
    - CVE-2014-9661
    - CVE-2014-9662
    - CVE-2014-9663
    - CVE-2014-9664
    - CVE-2014-9665
    - CVE-2014-9666
    - CVE-2014-9667
    - CVE-2014-9668
    - CVE-2014-9669
    - CVE-2014-9670
    - CVE-2014-9671
    - CVE-2014-9672
    - CVE-2014-9673
    - CVE-2014-9674
    - CVE-2014-9675

applied/ubuntu/lucid-updates 2015-02-24 19:48:34 UTC 2015-02-24
Import patches-applied version 2.3.11-1ubuntu2.8 to applied/ubuntu/lucid-secu...

Author: Marc Deslauriers
Author Date: 2015-02-24 16:22:14 UTC

Import patches-applied version 2.3.11-1ubuntu2.8 to applied/ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 81148796c780682aa1709690b3dec23822e34a1d
Unapplied parent: 464a3f991cab7a080c5c96d4ee139ce6baf7583c

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    multiple security issues
    - debian/patches-freetype/CVE-2014-96xx/*.patch: backport a large
      quantity of upstream commits to fix multiple security issues.
    - CVE-2014-9656
    - CVE-2014-9657
    - CVE-2014-9658
    - CVE-2014-9660
    - CVE-2014-9661
    - CVE-2014-9663
    - CVE-2014-9664
    - CVE-2014-9666
    - CVE-2014-9667
    - CVE-2014-9669
    - CVE-2014-9670
    - CVE-2014-9671
    - CVE-2014-9672
    - CVE-2014-9673
    - CVE-2014-9674
    - CVE-2014-9675

applied/ubuntu/lucid-security 2015-02-24 19:48:34 UTC 2015-02-24
Import patches-applied version 2.3.11-1ubuntu2.8 to applied/ubuntu/lucid-secu...

Author: Marc Deslauriers
Author Date: 2015-02-24 16:22:14 UTC

Import patches-applied version 2.3.11-1ubuntu2.8 to applied/ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 81148796c780682aa1709690b3dec23822e34a1d
Unapplied parent: 464a3f991cab7a080c5c96d4ee139ce6baf7583c

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    multiple security issues
    - debian/patches-freetype/CVE-2014-96xx/*.patch: backport a large
      quantity of upstream commits to fix multiple security issues.
    - CVE-2014-9656
    - CVE-2014-9657
    - CVE-2014-9658
    - CVE-2014-9660
    - CVE-2014-9661
    - CVE-2014-9663
    - CVE-2014-9664
    - CVE-2014-9666
    - CVE-2014-9667
    - CVE-2014-9669
    - CVE-2014-9670
    - CVE-2014-9671
    - CVE-2014-9672
    - CVE-2014-9673
    - CVE-2014-9674
    - CVE-2014-9675

ubuntu/vivid 2015-02-24 16:53:34 UTC 2015-02-24
Import patches-unapplied version 2.5.2-2ubuntu3 to ubuntu/vivid-proposed

Author: Marc Deslauriers
Author Date: 2015-02-24 16:28:03 UTC

Import patches-unapplied version 2.5.2-2ubuntu3 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: b7bd7afcfc6ff71066bc1872b66a9000ea9948d1

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    multiple security issues
    - debian/patches-freetype/CVE-2014-96xx/*.patch: backport a large
      quantity of upstream commits to fix multiple security issues.
    - CVE-2014-9656
    - CVE-2014-9657
    - CVE-2014-9658
    - CVE-2014-9659
    - CVE-2014-9660
    - CVE-2014-9661
    - CVE-2014-9662
    - CVE-2014-9663
    - CVE-2014-9664
    - CVE-2014-9665
    - CVE-2014-9666
    - CVE-2014-9667
    - CVE-2014-9668
    - CVE-2014-9669
    - CVE-2014-9670
    - CVE-2014-9671
    - CVE-2014-9672
    - CVE-2014-9673
    - CVE-2014-9674
    - CVE-2014-9675

applied/ubuntu/vivid 2015-02-24 16:53:34 UTC 2015-02-24
Import patches-applied version 2.5.2-2ubuntu3 to applied/ubuntu/vivid-proposed

Author: Marc Deslauriers
Author Date: 2015-02-24 16:28:03 UTC

Import patches-applied version 2.5.2-2ubuntu3 to applied/ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: dd694dc820a9ddc29dee2e73679dadfba59d95b6
Unapplied parent: bfc948a8e42902d23b726663ed3683a1921cf13e

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    multiple security issues
    - debian/patches-freetype/CVE-2014-96xx/*.patch: backport a large
      quantity of upstream commits to fix multiple security issues.
    - CVE-2014-9656
    - CVE-2014-9657
    - CVE-2014-9658
    - CVE-2014-9659
    - CVE-2014-9660
    - CVE-2014-9661
    - CVE-2014-9662
    - CVE-2014-9663
    - CVE-2014-9664
    - CVE-2014-9665
    - CVE-2014-9666
    - CVE-2014-9667
    - CVE-2014-9668
    - CVE-2014-9669
    - CVE-2014-9670
    - CVE-2014-9671
    - CVE-2014-9672
    - CVE-2014-9673
    - CVE-2014-9674
    - CVE-2014-9675

applied/ubuntu/vivid-proposed 2015-02-24 16:53:34 UTC 2015-02-24
Import patches-applied version 2.5.2-2ubuntu3 to applied/ubuntu/vivid-proposed

Author: Marc Deslauriers
Author Date: 2015-02-24 16:28:03 UTC

Import patches-applied version 2.5.2-2ubuntu3 to applied/ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: dd694dc820a9ddc29dee2e73679dadfba59d95b6
Unapplied parent: bfc948a8e42902d23b726663ed3683a1921cf13e

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    multiple security issues
    - debian/patches-freetype/CVE-2014-96xx/*.patch: backport a large
      quantity of upstream commits to fix multiple security issues.
    - CVE-2014-9656
    - CVE-2014-9657
    - CVE-2014-9658
    - CVE-2014-9659
    - CVE-2014-9660
    - CVE-2014-9661
    - CVE-2014-9662
    - CVE-2014-9663
    - CVE-2014-9664
    - CVE-2014-9665
    - CVE-2014-9666
    - CVE-2014-9667
    - CVE-2014-9668
    - CVE-2014-9669
    - CVE-2014-9670
    - CVE-2014-9671
    - CVE-2014-9672
    - CVE-2014-9673
    - CVE-2014-9674
    - CVE-2014-9675

ubuntu/vivid-proposed 2015-02-24 16:53:34 UTC 2015-02-24
Import patches-unapplied version 2.5.2-2ubuntu3 to ubuntu/vivid-proposed

Author: Marc Deslauriers
Author Date: 2015-02-24 16:28:03 UTC

Import patches-unapplied version 2.5.2-2ubuntu3 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: b7bd7afcfc6ff71066bc1872b66a9000ea9948d1

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    multiple security issues
    - debian/patches-freetype/CVE-2014-96xx/*.patch: backport a large
      quantity of upstream commits to fix multiple security issues.
    - CVE-2014-9656
    - CVE-2014-9657
    - CVE-2014-9658
    - CVE-2014-9659
    - CVE-2014-9660
    - CVE-2014-9661
    - CVE-2014-9662
    - CVE-2014-9663
    - CVE-2014-9664
    - CVE-2014-9665
    - CVE-2014-9666
    - CVE-2014-9667
    - CVE-2014-9668
    - CVE-2014-9669
    - CVE-2014-9670
    - CVE-2014-9671
    - CVE-2014-9672
    - CVE-2014-9673
    - CVE-2014-9674
    - CVE-2014-9675

ubuntu/trusty-proposed 2015-02-11 18:22:22 UTC 2015-02-11
Import patches-unapplied version 2.5.2-1ubuntu2.3 to ubuntu/trusty-proposed

Author: Marco Trevisan (Treviño)
Author Date: 2015-01-23 02:38:04 UTC

Import patches-unapplied version 2.5.2-1ubuntu2.3 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: 1a1685f384cc4f5ead5ed0ac0e40517f72a86879

New changelog entries:
  * Added patchset to fix multithread violations, LP: #1199571
    - debian/patches-freetype/multi-thread-violations.patch

applied/ubuntu/trusty-proposed 2015-02-11 18:22:22 UTC 2015-02-11
Import patches-applied version 2.5.2-1ubuntu2.3 to applied/ubuntu/trusty-prop...

Author: Marco Trevisan (Treviño)
Author Date: 2015-01-23 02:38:04 UTC

Import patches-applied version 2.5.2-1ubuntu2.3 to applied/ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: 1ec7e8ddfd5241800ffe3d1e668d852423fe7072
Unapplied parent: 6f50ea86419a3a1fee946f69907740d8abe8055f

New changelog entries:
  * Added patchset to fix multithread violations, LP: #1199571
    - debian/patches-freetype/multi-thread-violations.patch

applied/ubuntu/utopic 2014-09-19 17:38:24 UTC 2014-09-19
Import patches-applied version 2.5.2-2ubuntu1 to applied/ubuntu/utopic-proposed

Author: Steve Langasek
Author Date: 2014-09-19 17:11:16 UTC

Import patches-applied version 2.5.2-2ubuntu1 to applied/ubuntu/utopic-proposed

Imported using git-ubuntu import.

Changelog parent: 71b5c71ac25b9c96701fa548eb5b535ff2d30bdf
Unapplied parent: 3f41870385c96478206bf58471b15f5040135aff

New changelog entries:
  * Merge from Debian unstable, remaining changes:
    - debian/patches-freetype/revert_scalable_fonts_metric.patch:
      revert commit "Fix metrics on size request for scalable fonts.",
      which breaks gtk underlining markups
    - Make libfreetype6-dev M-A: same.
    - Error out on the use of the freetype-config --libtool option.
    - Don't add multiarch libdirs for freetype-config --libs.
    - Install the freetype2/config headers into the multiarch include path
      and provide symlinks in /usr/include.
  * Dropped changes, included in Debian:
    - debian/patches/CVE-2014-2240.patch: validate hintMask in
      src/cff/cf2hints.c.
    - debian/patches/CVE-2014-2241.patch: don't trigger asserts in
      src/cff/cf2ft.c.
    - debian/patches-freetype/0001-Fix-Savannah-bug-40997.patch: Cherry-pick
      upstream patch to fix a double free.
    - debian/patches-freetype/0002-Fix-Savannah-bug-42418.patch: Cherry-pick
      upstream patch to fix cjk font rendering issue.

ubuntu/utopic-proposed 2014-09-19 17:38:24 UTC 2014-09-19
Import patches-unapplied version 2.5.2-2ubuntu1 to ubuntu/utopic-proposed

Author: Steve Langasek
Author Date: 2014-09-19 17:11:16 UTC

Import patches-unapplied version 2.5.2-2ubuntu1 to ubuntu/utopic-proposed

Imported using git-ubuntu import.

Changelog parent: f3322a2a517a4d7c07e5ad5c4d939a778f8ad3e1

New changelog entries:
  * Merge from Debian unstable, remaining changes:
    - debian/patches-freetype/revert_scalable_fonts_metric.patch:
      revert commit "Fix metrics on size request for scalable fonts.",
      which breaks gtk underlining markups
    - Make libfreetype6-dev M-A: same.
    - Error out on the use of the freetype-config --libtool option.
    - Don't add multiarch libdirs for freetype-config --libs.
    - Install the freetype2/config headers into the multiarch include path
      and provide symlinks in /usr/include.
  * Dropped changes, included in Debian:
    - debian/patches/CVE-2014-2240.patch: validate hintMask in
      src/cff/cf2hints.c.
    - debian/patches/CVE-2014-2241.patch: don't trigger asserts in
      src/cff/cf2ft.c.
    - debian/patches-freetype/0001-Fix-Savannah-bug-40997.patch: Cherry-pick
      upstream patch to fix a double free.
    - debian/patches-freetype/0002-Fix-Savannah-bug-42418.patch: Cherry-pick
      upstream patch to fix cjk font rendering issue.

ubuntu/utopic 2014-09-19 17:38:24 UTC 2014-09-19
Import patches-unapplied version 2.5.2-2ubuntu1 to ubuntu/utopic-proposed

Author: Steve Langasek
Author Date: 2014-09-19 17:11:16 UTC

Import patches-unapplied version 2.5.2-2ubuntu1 to ubuntu/utopic-proposed

Imported using git-ubuntu import.

Changelog parent: f3322a2a517a4d7c07e5ad5c4d939a778f8ad3e1

New changelog entries:
  * Merge from Debian unstable, remaining changes:
    - debian/patches-freetype/revert_scalable_fonts_metric.patch:
      revert commit "Fix metrics on size request for scalable fonts.",
      which breaks gtk underlining markups
    - Make libfreetype6-dev M-A: same.
    - Error out on the use of the freetype-config --libtool option.
    - Don't add multiarch libdirs for freetype-config --libs.
    - Install the freetype2/config headers into the multiarch include path
      and provide symlinks in /usr/include.
  * Dropped changes, included in Debian:
    - debian/patches/CVE-2014-2240.patch: validate hintMask in
      src/cff/cf2hints.c.
    - debian/patches/CVE-2014-2241.patch: don't trigger asserts in
      src/cff/cf2ft.c.
    - debian/patches-freetype/0001-Fix-Savannah-bug-40997.patch: Cherry-pick
      upstream patch to fix a double free.
    - debian/patches-freetype/0002-Fix-Savannah-bug-42418.patch: Cherry-pick
      upstream patch to fix cjk font rendering issue.

applied/ubuntu/utopic-proposed 2014-09-19 17:38:24 UTC 2014-09-19
Import patches-applied version 2.5.2-2ubuntu1 to applied/ubuntu/utopic-proposed

Author: Steve Langasek
Author Date: 2014-09-19 17:11:16 UTC

Import patches-applied version 2.5.2-2ubuntu1 to applied/ubuntu/utopic-proposed

Imported using git-ubuntu import.

Changelog parent: 71b5c71ac25b9c96701fa548eb5b535ff2d30bdf
Unapplied parent: 3f41870385c96478206bf58471b15f5040135aff

New changelog entries:
  * Merge from Debian unstable, remaining changes:
    - debian/patches-freetype/revert_scalable_fonts_metric.patch:
      revert commit "Fix metrics on size request for scalable fonts.",
      which breaks gtk underlining markups
    - Make libfreetype6-dev M-A: same.
    - Error out on the use of the freetype-config --libtool option.
    - Don't add multiarch libdirs for freetype-config --libs.
    - Install the freetype2/config headers into the multiarch include path
      and provide symlinks in /usr/include.
  * Dropped changes, included in Debian:
    - debian/patches/CVE-2014-2240.patch: validate hintMask in
      src/cff/cf2hints.c.
    - debian/patches/CVE-2014-2241.patch: don't trigger asserts in
      src/cff/cf2ft.c.
    - debian/patches-freetype/0001-Fix-Savannah-bug-40997.patch: Cherry-pick
      upstream patch to fix a double free.
    - debian/patches-freetype/0002-Fix-Savannah-bug-42418.patch: Cherry-pick
      upstream patch to fix cjk font rendering issue.

applied/ubuntu/saucy-security 2014-03-17 11:48:20 UTC 2014-03-17
Import patches-applied version 2.4.12-0ubuntu1.1 to applied/ubuntu/saucy-secu...

Author: Marc Deslauriers
Author Date: 2014-03-13 16:52:16 UTC

Import patches-applied version 2.4.12-0ubuntu1.1 to applied/ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: 490504cc50ba87815216f95593b7b1640f46df61
Unapplied parent: 6abd52561d822bf27470642189d372ceba295b57

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution in
    CFF rasterizer
    - debian/patches-freetype/CVE-2014-2240.patch: validate hintMask in
      src/cff/cf2hints.c.
    - CVE-2014-2240
  * SECURITY UPDATE: denial of service in CFF rasterizer
    - debian/patches-freetype/CVE-2014-2241.patch: don't trigger asserts in
      src/cff/cf2ft.c.
    - CVE-2014-2241

ubuntu/saucy-devel 2014-03-17 11:48:20 UTC 2014-03-17
Import patches-unapplied version 2.4.12-0ubuntu1.1 to ubuntu/saucy-security

Author: Marc Deslauriers
Author Date: 2014-03-13 16:52:16 UTC

Import patches-unapplied version 2.4.12-0ubuntu1.1 to ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: bebe77a1d5ea661abb9a2bb53dbe63d4e83b927e

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution in
    CFF rasterizer
    - debian/patches-freetype/CVE-2014-2240.patch: validate hintMask in
      src/cff/cf2hints.c.
    - CVE-2014-2240
  * SECURITY UPDATE: denial of service in CFF rasterizer
    - debian/patches-freetype/CVE-2014-2241.patch: don't trigger asserts in
      src/cff/cf2ft.c.
    - CVE-2014-2241

ubuntu/saucy-updates 2014-03-17 11:48:20 UTC 2014-03-17
Import patches-unapplied version 2.4.12-0ubuntu1.1 to ubuntu/saucy-security

Author: Marc Deslauriers
Author Date: 2014-03-13 16:52:16 UTC

Import patches-unapplied version 2.4.12-0ubuntu1.1 to ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: bebe77a1d5ea661abb9a2bb53dbe63d4e83b927e

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution in
    CFF rasterizer
    - debian/patches-freetype/CVE-2014-2240.patch: validate hintMask in
      src/cff/cf2hints.c.
    - CVE-2014-2240
  * SECURITY UPDATE: denial of service in CFF rasterizer
    - debian/patches-freetype/CVE-2014-2241.patch: don't trigger asserts in
      src/cff/cf2ft.c.
    - CVE-2014-2241

applied/ubuntu/saucy-devel 2014-03-17 11:48:20 UTC 2014-03-17
Import patches-applied version 2.4.12-0ubuntu1.1 to applied/ubuntu/saucy-secu...

Author: Marc Deslauriers
Author Date: 2014-03-13 16:52:16 UTC

Import patches-applied version 2.4.12-0ubuntu1.1 to applied/ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: 490504cc50ba87815216f95593b7b1640f46df61
Unapplied parent: 6abd52561d822bf27470642189d372ceba295b57

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution in
    CFF rasterizer
    - debian/patches-freetype/CVE-2014-2240.patch: validate hintMask in
      src/cff/cf2hints.c.
    - CVE-2014-2240
  * SECURITY UPDATE: denial of service in CFF rasterizer
    - debian/patches-freetype/CVE-2014-2241.patch: don't trigger asserts in
      src/cff/cf2ft.c.
    - CVE-2014-2241

applied/ubuntu/saucy-updates 2014-03-17 11:48:20 UTC 2014-03-17
Import patches-applied version 2.4.12-0ubuntu1.1 to applied/ubuntu/saucy-secu...

Author: Marc Deslauriers
Author Date: 2014-03-13 16:52:16 UTC

Import patches-applied version 2.4.12-0ubuntu1.1 to applied/ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: 490504cc50ba87815216f95593b7b1640f46df61
Unapplied parent: 6abd52561d822bf27470642189d372ceba295b57

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution in
    CFF rasterizer
    - debian/patches-freetype/CVE-2014-2240.patch: validate hintMask in
      src/cff/cf2hints.c.
    - CVE-2014-2240
  * SECURITY UPDATE: denial of service in CFF rasterizer
    - debian/patches-freetype/CVE-2014-2241.patch: don't trigger asserts in
      src/cff/cf2ft.c.
    - CVE-2014-2241

ubuntu/saucy-security 2014-03-17 11:48:20 UTC 2014-03-17
Import patches-unapplied version 2.4.12-0ubuntu1.1 to ubuntu/saucy-security

Author: Marc Deslauriers
Author Date: 2014-03-13 16:52:16 UTC

Import patches-unapplied version 2.4.12-0ubuntu1.1 to ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: bebe77a1d5ea661abb9a2bb53dbe63d4e83b927e

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution in
    CFF rasterizer
    - debian/patches-freetype/CVE-2014-2240.patch: validate hintMask in
      src/cff/cf2hints.c.
    - CVE-2014-2240
  * SECURITY UPDATE: denial of service in CFF rasterizer
    - debian/patches-freetype/CVE-2014-2241.patch: don't trigger asserts in
      src/cff/cf2ft.c.
    - CVE-2014-2241

ubuntu/trusty 2014-03-13 17:38:23 UTC 2014-03-13
Import patches-unapplied version 2.5.2-1ubuntu2 to ubuntu/trusty-proposed

Author: Marc Deslauriers
Author Date: 2014-03-13 16:47:17 UTC

Import patches-unapplied version 2.5.2-1ubuntu2 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: 5b125de6e06936e049e93ef1ff4e72e8d3b4afe5

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution in
    CFF rasterizer
    - debian/patches/CVE-2014-2240.patch: validate hintMask in
      src/cff/cf2hints.c.
    - CVE-2014-2240
  * SECURITY UPDATE: denial of service in CFF rasterizer
    - debian/patches/CVE-2014-2241.patch: don't trigger asserts in
      src/cff/cf2ft.c.
    - CVE-2014-2241

applied/ubuntu/trusty 2014-03-13 17:38:23 UTC 2014-03-13
Import patches-applied version 2.5.2-1ubuntu2 to applied/ubuntu/trusty-proposed

Author: Marc Deslauriers
Author Date: 2014-03-13 16:47:17 UTC

Import patches-applied version 2.5.2-1ubuntu2 to applied/ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: cbf8a34a2db9db59fbe8793c1b339a378a541e72
Unapplied parent: df942c22aaa7166bb706f6dc47122537b4c9666b

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution in
    CFF rasterizer
    - debian/patches/CVE-2014-2240.patch: validate hintMask in
      src/cff/cf2hints.c.
    - CVE-2014-2240
  * SECURITY UPDATE: denial of service in CFF rasterizer
    - debian/patches/CVE-2014-2241.patch: don't trigger asserts in
      src/cff/cf2ft.c.
    - CVE-2014-2241

ubuntu/saucy-proposed 2013-06-24 19:33:22 UTC 2013-06-24
Import patches-unapplied version 2.4.12-0ubuntu1 to ubuntu/saucy-proposed

Author: Sebastien Bacher
Author Date: 2013-05-13 11:12:42 UTC

Import patches-unapplied version 2.4.12-0ubuntu1 to ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: 4277244807a833dd36df0c48156571ef61d68b71

New changelog entries:
  * New upstream version (lp: #1179523)
  * debian/patches-freetype/git_unitialized_variable.patch,
    debian/patches-ft2demos/init_variables.patch:
    - fix an unitialized variable warnings which were breaking the build
  * debian/libfreetype6.symbols: updated

applied/ubuntu/saucy-proposed 2013-06-24 19:33:22 UTC 2013-06-24
Import patches-applied version 2.4.12-0ubuntu1 to applied/ubuntu/saucy-proposed

Author: Sebastien Bacher
Author Date: 2013-05-13 11:12:42 UTC

Import patches-applied version 2.4.12-0ubuntu1 to applied/ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: 6dfa36239ed883a907a40742d8298f63865145d3
Unapplied parent: bebe77a1d5ea661abb9a2bb53dbe63d4e83b927e

New changelog entries:
  * New upstream version (lp: #1179523)
  * debian/patches-freetype/git_unitialized_variable.patch,
    debian/patches-ft2demos/init_variables.patch:
    - fix an unitialized variable warnings which were breaking the build
  * debian/libfreetype6.symbols: updated

ubuntu/saucy 2013-06-24 19:33:22 UTC 2013-06-24
Import patches-unapplied version 2.4.12-0ubuntu1 to ubuntu/saucy-proposed

Author: Sebastien Bacher
Author Date: 2013-05-13 11:12:42 UTC

Import patches-unapplied version 2.4.12-0ubuntu1 to ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: 4277244807a833dd36df0c48156571ef61d68b71

New changelog entries:
  * New upstream version (lp: #1179523)
  * debian/patches-freetype/git_unitialized_variable.patch,
    debian/patches-ft2demos/init_variables.patch:
    - fix an unitialized variable warnings which were breaking the build
  * debian/libfreetype6.symbols: updated

applied/ubuntu/saucy 2013-06-24 19:33:22 UTC 2013-06-24
Import patches-applied version 2.4.12-0ubuntu1 to applied/ubuntu/saucy-proposed

Author: Sebastien Bacher
Author Date: 2013-05-13 11:12:42 UTC

Import patches-applied version 2.4.12-0ubuntu1 to applied/ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: 6dfa36239ed883a907a40742d8298f63865145d3
Unapplied parent: bebe77a1d5ea661abb9a2bb53dbe63d4e83b927e

New changelog entries:
  * New upstream version (lp: #1179523)
  * debian/patches-freetype/git_unitialized_variable.patch,
    debian/patches-ft2demos/init_variables.patch:
    - fix an unitialized variable warnings which were breaking the build
  * debian/libfreetype6.symbols: updated

applied/ubuntu/raring-devel 2013-02-08 12:33:17 UTC 2013-02-08
Import patches-applied version 2.4.11-0ubuntu1 to applied/ubuntu/raring-proposed

Author: Sebastien Bacher
Author Date: 2013-02-08 11:50:09 UTC

Import patches-applied version 2.4.11-0ubuntu1 to applied/ubuntu/raring-proposed

Imported using git-ubuntu import.

Changelog parent: b25ba064024f74de45a1e7a4252964bffadb1b1c
Unapplied parent: 4277244807a833dd36df0c48156571ef61d68b71

New changelog entries:
  * New upstream version
  * debian/patches-freetype/CVE-2012-5668.patch,
    debian/patches-freetype/CVE-2012-5669.patch,
    debian/patches-freetype/CVE-2012-5670.patch:
    - dropped, those fixes are in the new version
  * debian/patches-ft2demos/compiler_hardening_fixes.patch:
    - changed unsigned char* to char* to fix "pointer targets in assignment
      differ in signedness" build error
  * debian/libfreetype6.symbols: updated for the new version

applied/ubuntu/raring-proposed 2013-02-08 12:33:17 UTC 2013-02-08
Import patches-applied version 2.4.11-0ubuntu1 to applied/ubuntu/raring-proposed

Author: Sebastien Bacher
Author Date: 2013-02-08 11:50:09 UTC

Import patches-applied version 2.4.11-0ubuntu1 to applied/ubuntu/raring-proposed

Imported using git-ubuntu import.

Changelog parent: b25ba064024f74de45a1e7a4252964bffadb1b1c
Unapplied parent: 4277244807a833dd36df0c48156571ef61d68b71

New changelog entries:
  * New upstream version
  * debian/patches-freetype/CVE-2012-5668.patch,
    debian/patches-freetype/CVE-2012-5669.patch,
    debian/patches-freetype/CVE-2012-5670.patch:
    - dropped, those fixes are in the new version
  * debian/patches-ft2demos/compiler_hardening_fixes.patch:
    - changed unsigned char* to char* to fix "pointer targets in assignment
      differ in signedness" build error
  * debian/libfreetype6.symbols: updated for the new version

applied/ubuntu/raring 2013-02-08 12:33:17 UTC 2013-02-08
Import patches-applied version 2.4.11-0ubuntu1 to applied/ubuntu/raring-proposed

Author: Sebastien Bacher
Author Date: 2013-02-08 11:50:09 UTC

Import patches-applied version 2.4.11-0ubuntu1 to applied/ubuntu/raring-proposed

Imported using git-ubuntu import.

Changelog parent: b25ba064024f74de45a1e7a4252964bffadb1b1c
Unapplied parent: 4277244807a833dd36df0c48156571ef61d68b71

New changelog entries:
  * New upstream version
  * debian/patches-freetype/CVE-2012-5668.patch,
    debian/patches-freetype/CVE-2012-5669.patch,
    debian/patches-freetype/CVE-2012-5670.patch:
    - dropped, those fixes are in the new version
  * debian/patches-ft2demos/compiler_hardening_fixes.patch:
    - changed unsigned char* to char* to fix "pointer targets in assignment
      differ in signedness" build error
  * debian/libfreetype6.symbols: updated for the new version

ubuntu/raring-proposed 2013-02-08 12:33:17 UTC 2013-02-08
Import patches-unapplied version 2.4.11-0ubuntu1 to ubuntu/raring-proposed

Author: Sebastien Bacher
Author Date: 2013-02-08 11:50:09 UTC

Import patches-unapplied version 2.4.11-0ubuntu1 to ubuntu/raring-proposed

Imported using git-ubuntu import.

Changelog parent: aa8d342336bbac97190b46e9a30397ab94faa7f0

New changelog entries:
  * New upstream version
  * debian/patches-freetype/CVE-2012-5668.patch,
    debian/patches-freetype/CVE-2012-5669.patch,
    debian/patches-freetype/CVE-2012-5670.patch:
    - dropped, those fixes are in the new version
  * debian/patches-ft2demos/compiler_hardening_fixes.patch:
    - changed unsigned char* to char* to fix "pointer targets in assignment
      differ in signedness" build error
  * debian/libfreetype6.symbols: updated for the new version

ubuntu/raring 2013-02-08 12:33:17 UTC 2013-02-08
Import patches-unapplied version 2.4.11-0ubuntu1 to ubuntu/raring-proposed

Author: Sebastien Bacher
Author Date: 2013-02-08 11:50:09 UTC

Import patches-unapplied version 2.4.11-0ubuntu1 to ubuntu/raring-proposed

Imported using git-ubuntu import.

Changelog parent: aa8d342336bbac97190b46e9a30397ab94faa7f0

New changelog entries:
  * New upstream version
  * debian/patches-freetype/CVE-2012-5668.patch,
    debian/patches-freetype/CVE-2012-5669.patch,
    debian/patches-freetype/CVE-2012-5670.patch:
    - dropped, those fixes are in the new version
  * debian/patches-ft2demos/compiler_hardening_fixes.patch:
    - changed unsigned char* to char* to fix "pointer targets in assignment
      differ in signedness" build error
  * debian/libfreetype6.symbols: updated for the new version

ubuntu/raring-devel 2013-02-08 12:33:17 UTC 2013-02-08
Import patches-unapplied version 2.4.11-0ubuntu1 to ubuntu/raring-proposed

Author: Sebastien Bacher
Author Date: 2013-02-08 11:50:09 UTC

Import patches-unapplied version 2.4.11-0ubuntu1 to ubuntu/raring-proposed

Imported using git-ubuntu import.

Changelog parent: aa8d342336bbac97190b46e9a30397ab94faa7f0

New changelog entries:
  * New upstream version
  * debian/patches-freetype/CVE-2012-5668.patch,
    debian/patches-freetype/CVE-2012-5669.patch,
    debian/patches-freetype/CVE-2012-5670.patch:
    - dropped, those fixes are in the new version
  * debian/patches-ft2demos/compiler_hardening_fixes.patch:
    - changed unsigned char* to char* to fix "pointer targets in assignment
      differ in signedness" build error
  * debian/libfreetype6.symbols: updated for the new version

ubuntu/hardy-updates 2013-01-14 18:03:19 UTC 2013-01-14
Import patches-unapplied version 2.3.5-1ubuntu4.8.04.10 to ubuntu/hardy-security

Author: Marc Deslauriers
Author Date: 2013-01-11 20:18:51 UTC

Import patches-unapplied version 2.3.5-1ubuntu4.8.04.10 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 97786f818951d71a6ac9ec46dd37360410dfd81d

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via NULL
    pointer dereference
    - debian/patches-freetype/CVE-2012-5668.patch: reset props_size in case
      of allocation error in src/bdf/bdflib.c.
    - CVE-2012-5668
  * SECURITY UPDATE: denial of service and possible code execution via heap
    buffer over-read in BDF parsing
    - debian/patches-freetype/CVE-2012-5669.patch: use correct array size
      in src/bdf/bdflib.c.
    - CVE-2012-5669

ubuntu/hardy-devel 2013-01-14 18:03:19 UTC 2013-01-14
Import patches-unapplied version 2.3.5-1ubuntu4.8.04.10 to ubuntu/hardy-security

Author: Marc Deslauriers
Author Date: 2013-01-11 20:18:51 UTC

Import patches-unapplied version 2.3.5-1ubuntu4.8.04.10 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 97786f818951d71a6ac9ec46dd37360410dfd81d

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via NULL
    pointer dereference
    - debian/patches-freetype/CVE-2012-5668.patch: reset props_size in case
      of allocation error in src/bdf/bdflib.c.
    - CVE-2012-5668
  * SECURITY UPDATE: denial of service and possible code execution via heap
    buffer over-read in BDF parsing
    - debian/patches-freetype/CVE-2012-5669.patch: use correct array size
      in src/bdf/bdflib.c.
    - CVE-2012-5669

applied/ubuntu/oneiric-devel 2013-01-14 18:03:19 UTC 2013-01-14
Import patches-applied version 2.4.4-2ubuntu1.3 to applied/ubuntu/oneiric-sec...

Author: Marc Deslauriers
Author Date: 2013-01-11 18:47:14 UTC

Import patches-applied version 2.4.4-2ubuntu1.3 to applied/ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: 3d74a7cc9c43d5518a57d1637f8ccdb09c3703a6
Unapplied parent: e32fd5fa211c03a14969cfe0cfc29b8a506dc1c2

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via NULL
    pointer dereference
    - debian/patches-freetype/CVE-2012-5668.patch: reset props_size in case
      of allocation error in src/bdf/bdflib.c.
    - CVE-2012-5668
  * SECURITY UPDATE: denial of service and possible code execution via heap
    buffer over-read in BDF parsing
    - debian/patches-freetype/CVE-2012-5669.patch: use correct array size
      in src/bdf/bdflib.c.
    - CVE-2012-5669

applied/ubuntu/oneiric-security 2013-01-14 18:03:19 UTC 2013-01-14
Import patches-applied version 2.4.4-2ubuntu1.3 to applied/ubuntu/oneiric-sec...

Author: Marc Deslauriers
Author Date: 2013-01-11 18:47:14 UTC

Import patches-applied version 2.4.4-2ubuntu1.3 to applied/ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: 3d74a7cc9c43d5518a57d1637f8ccdb09c3703a6
Unapplied parent: e32fd5fa211c03a14969cfe0cfc29b8a506dc1c2

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via NULL
    pointer dereference
    - debian/patches-freetype/CVE-2012-5668.patch: reset props_size in case
      of allocation error in src/bdf/bdflib.c.
    - CVE-2012-5668
  * SECURITY UPDATE: denial of service and possible code execution via heap
    buffer over-read in BDF parsing
    - debian/patches-freetype/CVE-2012-5669.patch: use correct array size
      in src/bdf/bdflib.c.
    - CVE-2012-5669

applied/ubuntu/oneiric-updates 2013-01-14 18:03:19 UTC 2013-01-14
Import patches-applied version 2.4.4-2ubuntu1.3 to applied/ubuntu/oneiric-sec...

Author: Marc Deslauriers
Author Date: 2013-01-11 18:47:14 UTC

Import patches-applied version 2.4.4-2ubuntu1.3 to applied/ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: 3d74a7cc9c43d5518a57d1637f8ccdb09c3703a6
Unapplied parent: e32fd5fa211c03a14969cfe0cfc29b8a506dc1c2

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via NULL
    pointer dereference
    - debian/patches-freetype/CVE-2012-5668.patch: reset props_size in case
      of allocation error in src/bdf/bdflib.c.
    - CVE-2012-5668
  * SECURITY UPDATE: denial of service and possible code execution via heap
    buffer over-read in BDF parsing
    - debian/patches-freetype/CVE-2012-5669.patch: use correct array size
      in src/bdf/bdflib.c.
    - CVE-2012-5669

applied/ubuntu/quantal-devel 2013-01-14 18:03:19 UTC 2013-01-14
Import patches-applied version 2.4.10-0ubuntu1.1 to applied/ubuntu/quantal-se...

Author: Marc Deslauriers
Author Date: 2013-01-11 18:38:01 UTC

Import patches-applied version 2.4.10-0ubuntu1.1 to applied/ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: c6fad5b9e3f3f2b3158f259e0c40d0d73df4a5eb
Unapplied parent: 7cc29c4d612721e4ed2608c30c58143b77965b0a

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via NULL
    pointer dereference
    - debian/patches-freetype/CVE-2012-5668.patch: reset props_size in case
      of allocation error in src/bdf/bdflib.c.
    - CVE-2012-5668
  * SECURITY UPDATE: denial of service and possible code execution via heap
    buffer over-read in BDF parsing
    - debian/patches-freetype/CVE-2012-5669.patch: use correct array size
      in src/bdf/bdflib.c.
    - CVE-2012-5669
  * SECURITY UPDATE: denial of service and possible code execution via out-
    of-bounds write
    - debian/patches-freetype/CVE-2012-5670.patch: normalize negative
      parameter in src/bdf/bdflib.c.
    - CVE-2012-5670

applied/ubuntu/quantal-security 2013-01-14 18:03:19 UTC 2013-01-14
Import patches-applied version 2.4.10-0ubuntu1.1 to applied/ubuntu/quantal-se...

Author: Marc Deslauriers
Author Date: 2013-01-11 18:38:01 UTC

Import patches-applied version 2.4.10-0ubuntu1.1 to applied/ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: c6fad5b9e3f3f2b3158f259e0c40d0d73df4a5eb
Unapplied parent: 7cc29c4d612721e4ed2608c30c58143b77965b0a

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via NULL
    pointer dereference
    - debian/patches-freetype/CVE-2012-5668.patch: reset props_size in case
      of allocation error in src/bdf/bdflib.c.
    - CVE-2012-5668
  * SECURITY UPDATE: denial of service and possible code execution via heap
    buffer over-read in BDF parsing
    - debian/patches-freetype/CVE-2012-5669.patch: use correct array size
      in src/bdf/bdflib.c.
    - CVE-2012-5669
  * SECURITY UPDATE: denial of service and possible code execution via out-
    of-bounds write
    - debian/patches-freetype/CVE-2012-5670.patch: normalize negative
      parameter in src/bdf/bdflib.c.
    - CVE-2012-5670

applied/ubuntu/quantal-updates 2013-01-14 18:03:19 UTC 2013-01-14
Import patches-applied version 2.4.10-0ubuntu1.1 to applied/ubuntu/quantal-se...

Author: Marc Deslauriers
Author Date: 2013-01-11 18:38:01 UTC

Import patches-applied version 2.4.10-0ubuntu1.1 to applied/ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: c6fad5b9e3f3f2b3158f259e0c40d0d73df4a5eb
Unapplied parent: 7cc29c4d612721e4ed2608c30c58143b77965b0a

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via NULL
    pointer dereference
    - debian/patches-freetype/CVE-2012-5668.patch: reset props_size in case
      of allocation error in src/bdf/bdflib.c.
    - CVE-2012-5668
  * SECURITY UPDATE: denial of service and possible code execution via heap
    buffer over-read in BDF parsing
    - debian/patches-freetype/CVE-2012-5669.patch: use correct array size
      in src/bdf/bdflib.c.
    - CVE-2012-5669
  * SECURITY UPDATE: denial of service and possible code execution via out-
    of-bounds write
    - debian/patches-freetype/CVE-2012-5670.patch: normalize negative
      parameter in src/bdf/bdflib.c.
    - CVE-2012-5670

applied/ubuntu/hardy-updates 2013-01-14 18:03:19 UTC 2013-01-14
Import patches-applied version 2.3.5-1ubuntu4.8.04.10 to applied/ubuntu/hardy...

Author: Marc Deslauriers
Author Date: 2013-01-11 20:18:51 UTC

Import patches-applied version 2.3.5-1ubuntu4.8.04.10 to applied/ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 675ebeed7ae5ff2dcfdc8b581bbea7cacc0e4cee
Unapplied parent: 1641b7293a60310616c61718324c35635b8992ba

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via NULL
    pointer dereference
    - debian/patches-freetype/CVE-2012-5668.patch: reset props_size in case
      of allocation error in src/bdf/bdflib.c.
    - CVE-2012-5668
  * SECURITY UPDATE: denial of service and possible code execution via heap
    buffer over-read in BDF parsing
    - debian/patches-freetype/CVE-2012-5669.patch: use correct array size
      in src/bdf/bdflib.c.
    - CVE-2012-5669

applied/ubuntu/hardy-security 2013-01-14 18:03:19 UTC 2013-01-14
Import patches-applied version 2.3.5-1ubuntu4.8.04.10 to applied/ubuntu/hardy...

Author: Marc Deslauriers
Author Date: 2013-01-11 20:18:51 UTC

Import patches-applied version 2.3.5-1ubuntu4.8.04.10 to applied/ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 675ebeed7ae5ff2dcfdc8b581bbea7cacc0e4cee
Unapplied parent: 1641b7293a60310616c61718324c35635b8992ba

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via NULL
    pointer dereference
    - debian/patches-freetype/CVE-2012-5668.patch: reset props_size in case
      of allocation error in src/bdf/bdflib.c.
    - CVE-2012-5668
  * SECURITY UPDATE: denial of service and possible code execution via heap
    buffer over-read in BDF parsing
    - debian/patches-freetype/CVE-2012-5669.patch: use correct array size
      in src/bdf/bdflib.c.
    - CVE-2012-5669

applied/ubuntu/hardy-devel 2013-01-14 18:03:19 UTC 2013-01-14
Import patches-applied version 2.3.5-1ubuntu4.8.04.10 to applied/ubuntu/hardy...

Author: Marc Deslauriers
Author Date: 2013-01-11 20:18:51 UTC

Import patches-applied version 2.3.5-1ubuntu4.8.04.10 to applied/ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 675ebeed7ae5ff2dcfdc8b581bbea7cacc0e4cee
Unapplied parent: 1641b7293a60310616c61718324c35635b8992ba

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via NULL
    pointer dereference
    - debian/patches-freetype/CVE-2012-5668.patch: reset props_size in case
      of allocation error in src/bdf/bdflib.c.
    - CVE-2012-5668
  * SECURITY UPDATE: denial of service and possible code execution via heap
    buffer over-read in BDF parsing
    - debian/patches-freetype/CVE-2012-5669.patch: use correct array size
      in src/bdf/bdflib.c.
    - CVE-2012-5669

ubuntu/quantal-updates 2013-01-14 18:03:19 UTC 2013-01-14
Import patches-unapplied version 2.4.10-0ubuntu1.1 to ubuntu/quantal-security

Author: Marc Deslauriers
Author Date: 2013-01-11 18:38:01 UTC

Import patches-unapplied version 2.4.10-0ubuntu1.1 to ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: 85a87495532c749c99c78fd1c6bbe2353c258d39

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via NULL
    pointer dereference
    - debian/patches-freetype/CVE-2012-5668.patch: reset props_size in case
      of allocation error in src/bdf/bdflib.c.
    - CVE-2012-5668
  * SECURITY UPDATE: denial of service and possible code execution via heap
    buffer over-read in BDF parsing
    - debian/patches-freetype/CVE-2012-5669.patch: use correct array size
      in src/bdf/bdflib.c.
    - CVE-2012-5669
  * SECURITY UPDATE: denial of service and possible code execution via out-
    of-bounds write
    - debian/patches-freetype/CVE-2012-5670.patch: normalize negative
      parameter in src/bdf/bdflib.c.
    - CVE-2012-5670

ubuntu/quantal-security 2013-01-14 18:03:19 UTC 2013-01-14
Import patches-unapplied version 2.4.10-0ubuntu1.1 to ubuntu/quantal-security

Author: Marc Deslauriers
Author Date: 2013-01-11 18:38:01 UTC

Import patches-unapplied version 2.4.10-0ubuntu1.1 to ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: 85a87495532c749c99c78fd1c6bbe2353c258d39

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via NULL
    pointer dereference
    - debian/patches-freetype/CVE-2012-5668.patch: reset props_size in case
      of allocation error in src/bdf/bdflib.c.
    - CVE-2012-5668
  * SECURITY UPDATE: denial of service and possible code execution via heap
    buffer over-read in BDF parsing
    - debian/patches-freetype/CVE-2012-5669.patch: use correct array size
      in src/bdf/bdflib.c.
    - CVE-2012-5669
  * SECURITY UPDATE: denial of service and possible code execution via out-
    of-bounds write
    - debian/patches-freetype/CVE-2012-5670.patch: normalize negative
      parameter in src/bdf/bdflib.c.
    - CVE-2012-5670

ubuntu/quantal-devel 2013-01-14 18:03:19 UTC 2013-01-14
Import patches-unapplied version 2.4.10-0ubuntu1.1 to ubuntu/quantal-security

Author: Marc Deslauriers
Author Date: 2013-01-11 18:38:01 UTC

Import patches-unapplied version 2.4.10-0ubuntu1.1 to ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: 85a87495532c749c99c78fd1c6bbe2353c258d39

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via NULL
    pointer dereference
    - debian/patches-freetype/CVE-2012-5668.patch: reset props_size in case
      of allocation error in src/bdf/bdflib.c.
    - CVE-2012-5668
  * SECURITY UPDATE: denial of service and possible code execution via heap
    buffer over-read in BDF parsing
    - debian/patches-freetype/CVE-2012-5669.patch: use correct array size
      in src/bdf/bdflib.c.
    - CVE-2012-5669
  * SECURITY UPDATE: denial of service and possible code execution via out-
    of-bounds write
    - debian/patches-freetype/CVE-2012-5670.patch: normalize negative
      parameter in src/bdf/bdflib.c.
    - CVE-2012-5670

ubuntu/oneiric-updates 2013-01-14 18:03:19 UTC 2013-01-14
Import patches-unapplied version 2.4.4-2ubuntu1.3 to ubuntu/oneiric-security

Author: Marc Deslauriers
Author Date: 2013-01-11 18:47:14 UTC

Import patches-unapplied version 2.4.4-2ubuntu1.3 to ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: 96218e7a3f1cbe8f6dd2561ec5910b08d27930b2

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via NULL
    pointer dereference
    - debian/patches-freetype/CVE-2012-5668.patch: reset props_size in case
      of allocation error in src/bdf/bdflib.c.
    - CVE-2012-5668
  * SECURITY UPDATE: denial of service and possible code execution via heap
    buffer over-read in BDF parsing
    - debian/patches-freetype/CVE-2012-5669.patch: use correct array size
      in src/bdf/bdflib.c.
    - CVE-2012-5669

ubuntu/oneiric-security 2013-01-14 18:03:19 UTC 2013-01-14
Import patches-unapplied version 2.4.4-2ubuntu1.3 to ubuntu/oneiric-security

Author: Marc Deslauriers
Author Date: 2013-01-11 18:47:14 UTC

Import patches-unapplied version 2.4.4-2ubuntu1.3 to ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: 96218e7a3f1cbe8f6dd2561ec5910b08d27930b2

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via NULL
    pointer dereference
    - debian/patches-freetype/CVE-2012-5668.patch: reset props_size in case
      of allocation error in src/bdf/bdflib.c.
    - CVE-2012-5668
  * SECURITY UPDATE: denial of service and possible code execution via heap
    buffer over-read in BDF parsing
    - debian/patches-freetype/CVE-2012-5669.patch: use correct array size
      in src/bdf/bdflib.c.
    - CVE-2012-5669

ubuntu/oneiric-devel 2013-01-14 18:03:19 UTC 2013-01-14
Import patches-unapplied version 2.4.4-2ubuntu1.3 to ubuntu/oneiric-security

Author: Marc Deslauriers
Author Date: 2013-01-11 18:47:14 UTC

Import patches-unapplied version 2.4.4-2ubuntu1.3 to ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: 96218e7a3f1cbe8f6dd2561ec5910b08d27930b2

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via NULL
    pointer dereference
    - debian/patches-freetype/CVE-2012-5668.patch: reset props_size in case
      of allocation error in src/bdf/bdflib.c.
    - CVE-2012-5668
  * SECURITY UPDATE: denial of service and possible code execution via heap
    buffer over-read in BDF parsing
    - debian/patches-freetype/CVE-2012-5669.patch: use correct array size
      in src/bdf/bdflib.c.
    - CVE-2012-5669

ubuntu/hardy-security 2013-01-14 18:03:19 UTC 2013-01-14
Import patches-unapplied version 2.3.5-1ubuntu4.8.04.10 to ubuntu/hardy-security

Author: Marc Deslauriers
Author Date: 2013-01-11 20:18:51 UTC

Import patches-unapplied version 2.3.5-1ubuntu4.8.04.10 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 97786f818951d71a6ac9ec46dd37360410dfd81d

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via NULL
    pointer dereference
    - debian/patches-freetype/CVE-2012-5668.patch: reset props_size in case
      of allocation error in src/bdf/bdflib.c.
    - CVE-2012-5668
  * SECURITY UPDATE: denial of service and possible code execution via heap
    buffer over-read in BDF parsing
    - debian/patches-freetype/CVE-2012-5669.patch: use correct array size
      in src/bdf/bdflib.c.
    - CVE-2012-5669

ubuntu/quantal 2012-08-03 16:34:04 UTC 2012-08-03
Import patches-unapplied version 2.4.10-0ubuntu1 to ubuntu/quantal

Author: Sebastien Bacher
Author Date: 2012-08-03 11:57:01 UTC

Import patches-unapplied version 2.4.10-0ubuntu1 to ubuntu/quantal

Imported using git-ubuntu import.

Changelog parent: f10a4e18007dab06198b7881c6dcde3bdd949746

New changelog entries:
  * New upstream version
  * debian/libfreetype6.symbols:
    - new version update
  * debian/patches-freetype/savannah-bug-35847.patch,
    debian/patches-freetype/savannah-bug-35833.patch:
    - dropped, the fixes are in the new version
  * Resynchronize on Debian, remaining diff:
  * debian/patches-freetype/revert_scalable_fonts_metric.patch:
    - revert commit "Fix metrics on size request for scalable fonts.",
      it's breaking gtk underlining markups and creating some other
      issues as well (lp: #972223)

applied/ubuntu/quantal 2012-08-03 16:34:04 UTC 2012-08-03
Import patches-applied version 2.4.10-0ubuntu1 to applied/ubuntu/quantal

Author: Sebastien Bacher
Author Date: 2012-08-03 11:57:01 UTC

Import patches-applied version 2.4.10-0ubuntu1 to applied/ubuntu/quantal

Imported using git-ubuntu import.

Changelog parent: fd587c4d56a476c69721f04d3c5e3d3fd63311f5
Unapplied parent: 85a87495532c749c99c78fd1c6bbe2353c258d39

New changelog entries:
  * New upstream version
  * debian/libfreetype6.symbols:
    - new version update
  * debian/patches-freetype/savannah-bug-35847.patch,
    debian/patches-freetype/savannah-bug-35833.patch:
    - dropped, the fixes are in the new version
  * Resynchronize on Debian, remaining diff:
  * debian/patches-freetype/revert_scalable_fonts_metric.patch:
    - revert commit "Fix metrics on size request for scalable fonts.",
      it's breaking gtk underlining markups and creating some other
      issues as well (lp: #972223)

applied/debian/squeeze 2012-05-12 15:11:55 UTC 2012-05-12
Import patches-applied version 2.4.2-2.1+squeeze4 to applied/debian/squeeze

Author: Moritz Muehlenhoff
Author Date: 2012-03-07 16:46:07 UTC

Import patches-applied version 2.4.2-2.1+squeeze4 to applied/debian/squeeze

Imported using git-ubuntu import.

Changelog parent: b42370654d7aa4ed709925a57a5c6f2060567a7b
Unapplied parent: 3ac96eb33f37b1d10d43862f725e37f4a1af98ad

New changelog entries:
  * CVE-2012-11[33|34|36|42|44]

debian/squeeze 2012-05-12 15:11:55 UTC 2012-05-12
Import patches-unapplied version 2.4.2-2.1+squeeze4 to debian/squeeze

Author: Moritz Muehlenhoff
Author Date: 2012-03-07 16:46:07 UTC

Import patches-unapplied version 2.4.2-2.1+squeeze4 to debian/squeeze

Imported using git-ubuntu import.

Changelog parent: 89d9d69f6cecaf43d33c471d297de0d2c9c68cc1

New changelog entries:
  * CVE-2012-11[33|34|36|42|44]

ubuntu/precise 2012-04-03 09:03:38 UTC 2012-04-03
Import patches-unapplied version 2.4.8-1ubuntu2 to ubuntu/precise

Author: Sebastien Bacher
Author Date: 2012-04-03 08:42:05 UTC

Import patches-unapplied version 2.4.8-1ubuntu2 to ubuntu/precise

Imported using git-ubuntu import.

Changelog parent: 59ba6365cb81c2a6a2a6fda3397637f5dea783d7

New changelog entries:
  * debian/patches-freetype/revert_scalable_fonts_metric.patch:
    - revert commit "Fix metrics on size request for scalable fonts.",
      it's breaking gtk underlining markups and creating some other
      issues as well (lp: #972223)

applied/ubuntu/precise 2012-04-03 09:03:38 UTC 2012-04-03
Import patches-applied version 2.4.8-1ubuntu2 to applied/ubuntu/precise

Author: Sebastien Bacher
Author Date: 2012-04-03 08:42:05 UTC

Import patches-applied version 2.4.8-1ubuntu2 to applied/ubuntu/precise

Imported using git-ubuntu import.

Changelog parent: 215a3d503ffcbb1a11b77c21eb7bedd755d01065
Unapplied parent: 2aaf939c680c29166a7d35e28184a2f3b8a113f8

New changelog entries:
  * debian/patches-freetype/revert_scalable_fonts_metric.patch:
    - revert commit "Fix metrics on size request for scalable fonts.",
      it's breaking gtk underlining markups and creating some other
      issues as well (lp: #972223)

applied/ubuntu/natty-devel 2012-03-23 03:34:15 UTC 2012-03-23
Import patches-applied version 2.4.4-1ubuntu2.3 to applied/ubuntu/natty-security

Author: Tyler Hicks
Author Date: 2012-03-22 00:57:51 UTC

Import patches-applied version 2.4.4-1ubuntu2.3 to applied/ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: ccd9d8fa0d1eeb83934fda59214494d777abd05c
Unapplied parent: 0192d17ef89c5e68155e3140c70fd95050df6c7a

New changelog entries:
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1126.patch: Perform better input
      sanitization when parsing properties. Based on upstream patch.
    - CVE-2012-1126
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1127.patch: Perform better input
      sanitization when parsing glyphs. Based on upstream patch.
    - CVE-2012-1127
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1128.patch: Improve loop logic to avoid
      NULL pointer dereference. Based on upstream patch.
    - CVE-2012-1128
  * SECURITY UPDATE: Denial of service via crafted Type42 font
    - debian/patches-freetype/CVE-2012-1129.patch: Perform better input
      sanitization when parsing SFNT strings. Based on upstream patch.
    - CVE-2012-1129
  * SECURITY UPDATE: Denial of service via crafted PCF font
    - debian/patches-freetype/CVE-2012-1130.patch: Allocate enough memory to
      properly NULL-terminate parsed properties strings. Based on upstream
      patch.
    - CVE-2012-1130
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1131.patch: Use appropriate data type to
      prevent integer truncation on 64 bit systems when rendering fonts. Based
      on upstream patch.
    - CVE-2012-1131
  * SECURITY UPDATE: Denial of service via crafted Type1 font
    - debian/patches-freetype/CVE-2012-1132.patch: Ensure strings are of
      appropriate length when loading Type1 fonts. Based on upstream patch.
    - CVE-2012-1132
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted BDF font
    - debian/patches-freetype/CVE-2012-1133.patch: Limit range of negative
      glyph encoding values to prevent invalid array indexes. Based on
      upstream patch.
    - CVE-2012-1133
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted Type1 font
    - debian/patches-freetype/CVE-2012-1134.patch: Enforce a minimum Type1
      private dictionary size to prevent writing past array bounds. Based on
      upstream patch.
    - CVE-2012-1134
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1135.patch: Perform proper bounds
      checks when interpreting TrueType bytecode. Based on upstream patch.
    - CVE-2012-1135
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted BDF font
    - debian/patches-freetype/CVE-2012-1136.patch: Ensure encoding field is
      defined when parsing glyphs. Based on upstream patch.
    - CVE-2012-1136
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1137.patch: Allocate sufficient number
      of array elements to prevent reading past array bounds. Based on
      upstream patch.
    - CVE-2012-1137
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1138.patch: Correct typo resulting in
      invalid read from wrong memory location. Based on upstream patch.
    - CVE-2012-1138
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1139.patch: Check array index values to
      prevent reading invalid memory. Based on upstream patch.
    - CVE-2012-1139
  * SECURITY UPDATE: Denial of service via crafted PostScript font
    - debian/patches-freetype/CVE-2012-1140.patch: Fix off-by-one error in
      boundary checks. Based on upstream patch.
    - CVE-2012-1140
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1141.patch: Initialize field elements
      to prevent invalid read. Based on upstream patch.
    - CVE-2012-1141
  * SECURITY UPDATE: Denial of service via crafted Windows FNT/FON font
    - debian/patches-freetype/CVE-2012-1142.patch: Perform input sanitization
      on first and last character code fields. Based on upstream patch.
    - CVE-2012-1142
  * SECURITY UPDATE: Denial of service via crafted font
    - debian/patches-freetype/CVE-2012-1143.patch: Protect against divide by
      zero when dealing with 32 bit types. Based on upstream patch.
    - CVE-2012-1143
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted TrueType font
    - debian/patches-freetype/CVE-2012-1144.patch: Perform input sanitization
      on the first glyph outline point value. Based on upstream patch.
    - CVE-2012-1144

ubuntu/maverick-updates 2012-03-23 03:34:15 UTC 2012-03-23
Import patches-unapplied version 2.4.2-2ubuntu0.4 to ubuntu/maverick-security

Author: Tyler Hicks
Author Date: 2012-03-22 00:57:51 UTC

Import patches-unapplied version 2.4.2-2ubuntu0.4 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: 19f487c24f5547196eb011263f36d8e1b5829760

New changelog entries:
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1126.patch: Perform better input
      sanitization when parsing properties. Based on upstream patch.
    - CVE-2012-1126
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1127.patch: Perform better input
      sanitization when parsing glyphs. Based on upstream patch.
    - CVE-2012-1127
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1128.patch: Improve loop logic to avoid
      NULL pointer dereference. Based on upstream patch.
    - CVE-2012-1128
  * SECURITY UPDATE: Denial of service via crafted Type42 font
    - debian/patches-freetype/CVE-2012-1129.patch: Perform better input
      sanitization when parsing SFNT strings. Based on upstream patch.
    - CVE-2012-1129
  * SECURITY UPDATE: Denial of service via crafted PCF font
    - debian/patches-freetype/CVE-2012-1130.patch: Allocate enough memory to
      properly NULL-terminate parsed properties strings. Based on upstream
      patch.
    - CVE-2012-1130
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1131.patch: Use appropriate data type to
      prevent integer truncation on 64 bit systems when rendering fonts. Based
      on upstream patch.
    - CVE-2012-1131
  * SECURITY UPDATE: Denial of service via crafted Type1 font
    - debian/patches-freetype/CVE-2012-1132.patch: Ensure strings are of
      appropriate length when loading Type1 fonts. Based on upstream patch.
    - CVE-2012-1132
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted BDF font
    - debian/patches-freetype/CVE-2012-1133.patch: Limit range of negative
      glyph encoding values to prevent invalid array indexes. Based on
      upstream patch.
    - CVE-2012-1133
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted Type1 font
    - debian/patches-freetype/CVE-2012-1134.patch: Enforce a minimum Type1
      private dictionary size to prevent writing past array bounds. Based on
      upstream patch.
    - CVE-2012-1134
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1135.patch: Perform proper bounds
      checks when interpreting TrueType bytecode. Based on upstream patch.
    - CVE-2012-1135
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted BDF font
    - debian/patches-freetype/CVE-2012-1136.patch: Ensure encoding field is
      defined when parsing glyphs. Based on upstream patch.
    - CVE-2012-1136
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1137.patch: Allocate sufficient number
      of array elements to prevent reading past array bounds. Based on
      upstream patch.
    - CVE-2012-1137
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1138.patch: Correct typo resulting in
      invalid read from wrong memory location. Based on upstream patch.
    - CVE-2012-1138
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1139.patch: Check array index values to
      prevent reading invalid memory. Based on upstream patch.
    - CVE-2012-1139
  * SECURITY UPDATE: Denial of service via crafted PostScript font
    - debian/patches-freetype/CVE-2012-1140.patch: Fix off-by-one error in
      boundary checks. Based on upstream patch.
    - CVE-2012-1140
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1141.patch: Initialize field elements
      to prevent invalid read. Based on upstream patch.
    - CVE-2012-1141
  * SECURITY UPDATE: Denial of service via crafted Windows FNT/FON font
    - debian/patches-freetype/CVE-2012-1142.patch: Perform input sanitization
      on first and last character code fields. Based on upstream patch.
    - CVE-2012-1142
  * SECURITY UPDATE: Denial of service via crafted font
    - debian/patches-freetype/CVE-2012-1143.patch: Protect against divide by
      zero when dealing with 32 bit types. Based on upstream patch.
    - CVE-2012-1143
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted TrueType font
    - debian/patches-freetype/CVE-2012-1144.patch: Perform input sanitization
      on the first glyph outline point value. Based on upstream patch.
    - CVE-2012-1144

ubuntu/maverick-security 2012-03-23 03:34:15 UTC 2012-03-23
Import patches-unapplied version 2.4.2-2ubuntu0.4 to ubuntu/maverick-security

Author: Tyler Hicks
Author Date: 2012-03-22 00:57:51 UTC

Import patches-unapplied version 2.4.2-2ubuntu0.4 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: 19f487c24f5547196eb011263f36d8e1b5829760

New changelog entries:
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1126.patch: Perform better input
      sanitization when parsing properties. Based on upstream patch.
    - CVE-2012-1126
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1127.patch: Perform better input
      sanitization when parsing glyphs. Based on upstream patch.
    - CVE-2012-1127
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1128.patch: Improve loop logic to avoid
      NULL pointer dereference. Based on upstream patch.
    - CVE-2012-1128
  * SECURITY UPDATE: Denial of service via crafted Type42 font
    - debian/patches-freetype/CVE-2012-1129.patch: Perform better input
      sanitization when parsing SFNT strings. Based on upstream patch.
    - CVE-2012-1129
  * SECURITY UPDATE: Denial of service via crafted PCF font
    - debian/patches-freetype/CVE-2012-1130.patch: Allocate enough memory to
      properly NULL-terminate parsed properties strings. Based on upstream
      patch.
    - CVE-2012-1130
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1131.patch: Use appropriate data type to
      prevent integer truncation on 64 bit systems when rendering fonts. Based
      on upstream patch.
    - CVE-2012-1131
  * SECURITY UPDATE: Denial of service via crafted Type1 font
    - debian/patches-freetype/CVE-2012-1132.patch: Ensure strings are of
      appropriate length when loading Type1 fonts. Based on upstream patch.
    - CVE-2012-1132
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted BDF font
    - debian/patches-freetype/CVE-2012-1133.patch: Limit range of negative
      glyph encoding values to prevent invalid array indexes. Based on
      upstream patch.
    - CVE-2012-1133
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted Type1 font
    - debian/patches-freetype/CVE-2012-1134.patch: Enforce a minimum Type1
      private dictionary size to prevent writing past array bounds. Based on
      upstream patch.
    - CVE-2012-1134
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1135.patch: Perform proper bounds
      checks when interpreting TrueType bytecode. Based on upstream patch.
    - CVE-2012-1135
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted BDF font
    - debian/patches-freetype/CVE-2012-1136.patch: Ensure encoding field is
      defined when parsing glyphs. Based on upstream patch.
    - CVE-2012-1136
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1137.patch: Allocate sufficient number
      of array elements to prevent reading past array bounds. Based on
      upstream patch.
    - CVE-2012-1137
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1138.patch: Correct typo resulting in
      invalid read from wrong memory location. Based on upstream patch.
    - CVE-2012-1138
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1139.patch: Check array index values to
      prevent reading invalid memory. Based on upstream patch.
    - CVE-2012-1139
  * SECURITY UPDATE: Denial of service via crafted PostScript font
    - debian/patches-freetype/CVE-2012-1140.patch: Fix off-by-one error in
      boundary checks. Based on upstream patch.
    - CVE-2012-1140
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1141.patch: Initialize field elements
      to prevent invalid read. Based on upstream patch.
    - CVE-2012-1141
  * SECURITY UPDATE: Denial of service via crafted Windows FNT/FON font
    - debian/patches-freetype/CVE-2012-1142.patch: Perform input sanitization
      on first and last character code fields. Based on upstream patch.
    - CVE-2012-1142
  * SECURITY UPDATE: Denial of service via crafted font
    - debian/patches-freetype/CVE-2012-1143.patch: Protect against divide by
      zero when dealing with 32 bit types. Based on upstream patch.
    - CVE-2012-1143
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted TrueType font
    - debian/patches-freetype/CVE-2012-1144.patch: Perform input sanitization
      on the first glyph outline point value. Based on upstream patch.
    - CVE-2012-1144

ubuntu/maverick-devel 2012-03-23 03:34:15 UTC 2012-03-23
Import patches-unapplied version 2.4.2-2ubuntu0.4 to ubuntu/maverick-security

Author: Tyler Hicks
Author Date: 2012-03-22 00:57:51 UTC

Import patches-unapplied version 2.4.2-2ubuntu0.4 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: 19f487c24f5547196eb011263f36d8e1b5829760

New changelog entries:
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1126.patch: Perform better input
      sanitization when parsing properties. Based on upstream patch.
    - CVE-2012-1126
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1127.patch: Perform better input
      sanitization when parsing glyphs. Based on upstream patch.
    - CVE-2012-1127
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1128.patch: Improve loop logic to avoid
      NULL pointer dereference. Based on upstream patch.
    - CVE-2012-1128
  * SECURITY UPDATE: Denial of service via crafted Type42 font
    - debian/patches-freetype/CVE-2012-1129.patch: Perform better input
      sanitization when parsing SFNT strings. Based on upstream patch.
    - CVE-2012-1129
  * SECURITY UPDATE: Denial of service via crafted PCF font
    - debian/patches-freetype/CVE-2012-1130.patch: Allocate enough memory to
      properly NULL-terminate parsed properties strings. Based on upstream
      patch.
    - CVE-2012-1130
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1131.patch: Use appropriate data type to
      prevent integer truncation on 64 bit systems when rendering fonts. Based
      on upstream patch.
    - CVE-2012-1131
  * SECURITY UPDATE: Denial of service via crafted Type1 font
    - debian/patches-freetype/CVE-2012-1132.patch: Ensure strings are of
      appropriate length when loading Type1 fonts. Based on upstream patch.
    - CVE-2012-1132
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted BDF font
    - debian/patches-freetype/CVE-2012-1133.patch: Limit range of negative
      glyph encoding values to prevent invalid array indexes. Based on
      upstream patch.
    - CVE-2012-1133
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted Type1 font
    - debian/patches-freetype/CVE-2012-1134.patch: Enforce a minimum Type1
      private dictionary size to prevent writing past array bounds. Based on
      upstream patch.
    - CVE-2012-1134
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1135.patch: Perform proper bounds
      checks when interpreting TrueType bytecode. Based on upstream patch.
    - CVE-2012-1135
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted BDF font
    - debian/patches-freetype/CVE-2012-1136.patch: Ensure encoding field is
      defined when parsing glyphs. Based on upstream patch.
    - CVE-2012-1136
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1137.patch: Allocate sufficient number
      of array elements to prevent reading past array bounds. Based on
      upstream patch.
    - CVE-2012-1137
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1138.patch: Correct typo resulting in
      invalid read from wrong memory location. Based on upstream patch.
    - CVE-2012-1138
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1139.patch: Check array index values to
      prevent reading invalid memory. Based on upstream patch.
    - CVE-2012-1139
  * SECURITY UPDATE: Denial of service via crafted PostScript font
    - debian/patches-freetype/CVE-2012-1140.patch: Fix off-by-one error in
      boundary checks. Based on upstream patch.
    - CVE-2012-1140
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1141.patch: Initialize field elements
      to prevent invalid read. Based on upstream patch.
    - CVE-2012-1141
  * SECURITY UPDATE: Denial of service via crafted Windows FNT/FON font
    - debian/patches-freetype/CVE-2012-1142.patch: Perform input sanitization
      on first and last character code fields. Based on upstream patch.
    - CVE-2012-1142
  * SECURITY UPDATE: Denial of service via crafted font
    - debian/patches-freetype/CVE-2012-1143.patch: Protect against divide by
      zero when dealing with 32 bit types. Based on upstream patch.
    - CVE-2012-1143
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted TrueType font
    - debian/patches-freetype/CVE-2012-1144.patch: Perform input sanitization
      on the first glyph outline point value. Based on upstream patch.
    - CVE-2012-1144

applied/ubuntu/natty-updates 2012-03-23 03:34:15 UTC 2012-03-23
Import patches-applied version 2.4.4-1ubuntu2.3 to applied/ubuntu/natty-security

Author: Tyler Hicks
Author Date: 2012-03-22 00:57:51 UTC

Import patches-applied version 2.4.4-1ubuntu2.3 to applied/ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: ccd9d8fa0d1eeb83934fda59214494d777abd05c
Unapplied parent: 0192d17ef89c5e68155e3140c70fd95050df6c7a

New changelog entries:
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1126.patch: Perform better input
      sanitization when parsing properties. Based on upstream patch.
    - CVE-2012-1126
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1127.patch: Perform better input
      sanitization when parsing glyphs. Based on upstream patch.
    - CVE-2012-1127
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1128.patch: Improve loop logic to avoid
      NULL pointer dereference. Based on upstream patch.
    - CVE-2012-1128
  * SECURITY UPDATE: Denial of service via crafted Type42 font
    - debian/patches-freetype/CVE-2012-1129.patch: Perform better input
      sanitization when parsing SFNT strings. Based on upstream patch.
    - CVE-2012-1129
  * SECURITY UPDATE: Denial of service via crafted PCF font
    - debian/patches-freetype/CVE-2012-1130.patch: Allocate enough memory to
      properly NULL-terminate parsed properties strings. Based on upstream
      patch.
    - CVE-2012-1130
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1131.patch: Use appropriate data type to
      prevent integer truncation on 64 bit systems when rendering fonts. Based
      on upstream patch.
    - CVE-2012-1131
  * SECURITY UPDATE: Denial of service via crafted Type1 font
    - debian/patches-freetype/CVE-2012-1132.patch: Ensure strings are of
      appropriate length when loading Type1 fonts. Based on upstream patch.
    - CVE-2012-1132
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted BDF font
    - debian/patches-freetype/CVE-2012-1133.patch: Limit range of negative
      glyph encoding values to prevent invalid array indexes. Based on
      upstream patch.
    - CVE-2012-1133
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted Type1 font
    - debian/patches-freetype/CVE-2012-1134.patch: Enforce a minimum Type1
      private dictionary size to prevent writing past array bounds. Based on
      upstream patch.
    - CVE-2012-1134
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1135.patch: Perform proper bounds
      checks when interpreting TrueType bytecode. Based on upstream patch.
    - CVE-2012-1135
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted BDF font
    - debian/patches-freetype/CVE-2012-1136.patch: Ensure encoding field is
      defined when parsing glyphs. Based on upstream patch.
    - CVE-2012-1136
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1137.patch: Allocate sufficient number
      of array elements to prevent reading past array bounds. Based on
      upstream patch.
    - CVE-2012-1137
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1138.patch: Correct typo resulting in
      invalid read from wrong memory location. Based on upstream patch.
    - CVE-2012-1138
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1139.patch: Check array index values to
      prevent reading invalid memory. Based on upstream patch.
    - CVE-2012-1139
  * SECURITY UPDATE: Denial of service via crafted PostScript font
    - debian/patches-freetype/CVE-2012-1140.patch: Fix off-by-one error in
      boundary checks. Based on upstream patch.
    - CVE-2012-1140
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1141.patch: Initialize field elements
      to prevent invalid read. Based on upstream patch.
    - CVE-2012-1141
  * SECURITY UPDATE: Denial of service via crafted Windows FNT/FON font
    - debian/patches-freetype/CVE-2012-1142.patch: Perform input sanitization
      on first and last character code fields. Based on upstream patch.
    - CVE-2012-1142
  * SECURITY UPDATE: Denial of service via crafted font
    - debian/patches-freetype/CVE-2012-1143.patch: Protect against divide by
      zero when dealing with 32 bit types. Based on upstream patch.
    - CVE-2012-1143
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted TrueType font
    - debian/patches-freetype/CVE-2012-1144.patch: Perform input sanitization
      on the first glyph outline point value. Based on upstream patch.
    - CVE-2012-1144

applied/ubuntu/maverick-devel 2012-03-23 03:34:15 UTC 2012-03-23
Import patches-applied version 2.4.2-2ubuntu0.4 to applied/ubuntu/maverick-se...

Author: Tyler Hicks
Author Date: 2012-03-22 00:57:51 UTC

Import patches-applied version 2.4.2-2ubuntu0.4 to applied/ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: b9deaa841a31b13088e1c785f0b6612d3f14fa9f
Unapplied parent: 67f64c9e93d186382a8177452f9c93471cdedc8a

New changelog entries:
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1126.patch: Perform better input
      sanitization when parsing properties. Based on upstream patch.
    - CVE-2012-1126
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1127.patch: Perform better input
      sanitization when parsing glyphs. Based on upstream patch.
    - CVE-2012-1127
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1128.patch: Improve loop logic to avoid
      NULL pointer dereference. Based on upstream patch.
    - CVE-2012-1128
  * SECURITY UPDATE: Denial of service via crafted Type42 font
    - debian/patches-freetype/CVE-2012-1129.patch: Perform better input
      sanitization when parsing SFNT strings. Based on upstream patch.
    - CVE-2012-1129
  * SECURITY UPDATE: Denial of service via crafted PCF font
    - debian/patches-freetype/CVE-2012-1130.patch: Allocate enough memory to
      properly NULL-terminate parsed properties strings. Based on upstream
      patch.
    - CVE-2012-1130
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1131.patch: Use appropriate data type to
      prevent integer truncation on 64 bit systems when rendering fonts. Based
      on upstream patch.
    - CVE-2012-1131
  * SECURITY UPDATE: Denial of service via crafted Type1 font
    - debian/patches-freetype/CVE-2012-1132.patch: Ensure strings are of
      appropriate length when loading Type1 fonts. Based on upstream patch.
    - CVE-2012-1132
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted BDF font
    - debian/patches-freetype/CVE-2012-1133.patch: Limit range of negative
      glyph encoding values to prevent invalid array indexes. Based on
      upstream patch.
    - CVE-2012-1133
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted Type1 font
    - debian/patches-freetype/CVE-2012-1134.patch: Enforce a minimum Type1
      private dictionary size to prevent writing past array bounds. Based on
      upstream patch.
    - CVE-2012-1134
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1135.patch: Perform proper bounds
      checks when interpreting TrueType bytecode. Based on upstream patch.
    - CVE-2012-1135
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted BDF font
    - debian/patches-freetype/CVE-2012-1136.patch: Ensure encoding field is
      defined when parsing glyphs. Based on upstream patch.
    - CVE-2012-1136
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1137.patch: Allocate sufficient number
      of array elements to prevent reading past array bounds. Based on
      upstream patch.
    - CVE-2012-1137
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1138.patch: Correct typo resulting in
      invalid read from wrong memory location. Based on upstream patch.
    - CVE-2012-1138
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1139.patch: Check array index values to
      prevent reading invalid memory. Based on upstream patch.
    - CVE-2012-1139
  * SECURITY UPDATE: Denial of service via crafted PostScript font
    - debian/patches-freetype/CVE-2012-1140.patch: Fix off-by-one error in
      boundary checks. Based on upstream patch.
    - CVE-2012-1140
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1141.patch: Initialize field elements
      to prevent invalid read. Based on upstream patch.
    - CVE-2012-1141
  * SECURITY UPDATE: Denial of service via crafted Windows FNT/FON font
    - debian/patches-freetype/CVE-2012-1142.patch: Perform input sanitization
      on first and last character code fields. Based on upstream patch.
    - CVE-2012-1142
  * SECURITY UPDATE: Denial of service via crafted font
    - debian/patches-freetype/CVE-2012-1143.patch: Protect against divide by
      zero when dealing with 32 bit types. Based on upstream patch.
    - CVE-2012-1143
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted TrueType font
    - debian/patches-freetype/CVE-2012-1144.patch: Perform input sanitization
      on the first glyph outline point value. Based on upstream patch.
    - CVE-2012-1144

applied/ubuntu/natty-security 2012-03-23 03:34:15 UTC 2012-03-23
Import patches-applied version 2.4.4-1ubuntu2.3 to applied/ubuntu/natty-security

Author: Tyler Hicks
Author Date: 2012-03-22 00:57:51 UTC

Import patches-applied version 2.4.4-1ubuntu2.3 to applied/ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: ccd9d8fa0d1eeb83934fda59214494d777abd05c
Unapplied parent: 0192d17ef89c5e68155e3140c70fd95050df6c7a

New changelog entries:
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1126.patch: Perform better input
      sanitization when parsing properties. Based on upstream patch.
    - CVE-2012-1126
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1127.patch: Perform better input
      sanitization when parsing glyphs. Based on upstream patch.
    - CVE-2012-1127
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1128.patch: Improve loop logic to avoid
      NULL pointer dereference. Based on upstream patch.
    - CVE-2012-1128
  * SECURITY UPDATE: Denial of service via crafted Type42 font
    - debian/patches-freetype/CVE-2012-1129.patch: Perform better input
      sanitization when parsing SFNT strings. Based on upstream patch.
    - CVE-2012-1129
  * SECURITY UPDATE: Denial of service via crafted PCF font
    - debian/patches-freetype/CVE-2012-1130.patch: Allocate enough memory to
      properly NULL-terminate parsed properties strings. Based on upstream
      patch.
    - CVE-2012-1130
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1131.patch: Use appropriate data type to
      prevent integer truncation on 64 bit systems when rendering fonts. Based
      on upstream patch.
    - CVE-2012-1131
  * SECURITY UPDATE: Denial of service via crafted Type1 font
    - debian/patches-freetype/CVE-2012-1132.patch: Ensure strings are of
      appropriate length when loading Type1 fonts. Based on upstream patch.
    - CVE-2012-1132
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted BDF font
    - debian/patches-freetype/CVE-2012-1133.patch: Limit range of negative
      glyph encoding values to prevent invalid array indexes. Based on
      upstream patch.
    - CVE-2012-1133
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted Type1 font
    - debian/patches-freetype/CVE-2012-1134.patch: Enforce a minimum Type1
      private dictionary size to prevent writing past array bounds. Based on
      upstream patch.
    - CVE-2012-1134
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1135.patch: Perform proper bounds
      checks when interpreting TrueType bytecode. Based on upstream patch.
    - CVE-2012-1135
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted BDF font
    - debian/patches-freetype/CVE-2012-1136.patch: Ensure encoding field is
      defined when parsing glyphs. Based on upstream patch.
    - CVE-2012-1136
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1137.patch: Allocate sufficient number
      of array elements to prevent reading past array bounds. Based on
      upstream patch.
    - CVE-2012-1137
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1138.patch: Correct typo resulting in
      invalid read from wrong memory location. Based on upstream patch.
    - CVE-2012-1138
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1139.patch: Check array index values to
      prevent reading invalid memory. Based on upstream patch.
    - CVE-2012-1139
  * SECURITY UPDATE: Denial of service via crafted PostScript font
    - debian/patches-freetype/CVE-2012-1140.patch: Fix off-by-one error in
      boundary checks. Based on upstream patch.
    - CVE-2012-1140
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1141.patch: Initialize field elements
      to prevent invalid read. Based on upstream patch.
    - CVE-2012-1141
  * SECURITY UPDATE: Denial of service via crafted Windows FNT/FON font
    - debian/patches-freetype/CVE-2012-1142.patch: Perform input sanitization
      on first and last character code fields. Based on upstream patch.
    - CVE-2012-1142
  * SECURITY UPDATE: Denial of service via crafted font
    - debian/patches-freetype/CVE-2012-1143.patch: Protect against divide by
      zero when dealing with 32 bit types. Based on upstream patch.
    - CVE-2012-1143
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted TrueType font
    - debian/patches-freetype/CVE-2012-1144.patch: Perform input sanitization
      on the first glyph outline point value. Based on upstream patch.
    - CVE-2012-1144

applied/ubuntu/maverick-updates 2012-03-23 03:34:15 UTC 2012-03-23
Import patches-applied version 2.4.2-2ubuntu0.4 to applied/ubuntu/maverick-se...

Author: Tyler Hicks
Author Date: 2012-03-22 00:57:51 UTC

Import patches-applied version 2.4.2-2ubuntu0.4 to applied/ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: b9deaa841a31b13088e1c785f0b6612d3f14fa9f
Unapplied parent: 67f64c9e93d186382a8177452f9c93471cdedc8a

New changelog entries:
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1126.patch: Perform better input
      sanitization when parsing properties. Based on upstream patch.
    - CVE-2012-1126
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1127.patch: Perform better input
      sanitization when parsing glyphs. Based on upstream patch.
    - CVE-2012-1127
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1128.patch: Improve loop logic to avoid
      NULL pointer dereference. Based on upstream patch.
    - CVE-2012-1128
  * SECURITY UPDATE: Denial of service via crafted Type42 font
    - debian/patches-freetype/CVE-2012-1129.patch: Perform better input
      sanitization when parsing SFNT strings. Based on upstream patch.
    - CVE-2012-1129
  * SECURITY UPDATE: Denial of service via crafted PCF font
    - debian/patches-freetype/CVE-2012-1130.patch: Allocate enough memory to
      properly NULL-terminate parsed properties strings. Based on upstream
      patch.
    - CVE-2012-1130
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1131.patch: Use appropriate data type to
      prevent integer truncation on 64 bit systems when rendering fonts. Based
      on upstream patch.
    - CVE-2012-1131
  * SECURITY UPDATE: Denial of service via crafted Type1 font
    - debian/patches-freetype/CVE-2012-1132.patch: Ensure strings are of
      appropriate length when loading Type1 fonts. Based on upstream patch.
    - CVE-2012-1132
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted BDF font
    - debian/patches-freetype/CVE-2012-1133.patch: Limit range of negative
      glyph encoding values to prevent invalid array indexes. Based on
      upstream patch.
    - CVE-2012-1133
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted Type1 font
    - debian/patches-freetype/CVE-2012-1134.patch: Enforce a minimum Type1
      private dictionary size to prevent writing past array bounds. Based on
      upstream patch.
    - CVE-2012-1134
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1135.patch: Perform proper bounds
      checks when interpreting TrueType bytecode. Based on upstream patch.
    - CVE-2012-1135
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted BDF font
    - debian/patches-freetype/CVE-2012-1136.patch: Ensure encoding field is
      defined when parsing glyphs. Based on upstream patch.
    - CVE-2012-1136
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1137.patch: Allocate sufficient number
      of array elements to prevent reading past array bounds. Based on
      upstream patch.
    - CVE-2012-1137
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1138.patch: Correct typo resulting in
      invalid read from wrong memory location. Based on upstream patch.
    - CVE-2012-1138
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1139.patch: Check array index values to
      prevent reading invalid memory. Based on upstream patch.
    - CVE-2012-1139
  * SECURITY UPDATE: Denial of service via crafted PostScript font
    - debian/patches-freetype/CVE-2012-1140.patch: Fix off-by-one error in
      boundary checks. Based on upstream patch.
    - CVE-2012-1140
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1141.patch: Initialize field elements
      to prevent invalid read. Based on upstream patch.
    - CVE-2012-1141
  * SECURITY UPDATE: Denial of service via crafted Windows FNT/FON font
    - debian/patches-freetype/CVE-2012-1142.patch: Perform input sanitization
      on first and last character code fields. Based on upstream patch.
    - CVE-2012-1142
  * SECURITY UPDATE: Denial of service via crafted font
    - debian/patches-freetype/CVE-2012-1143.patch: Protect against divide by
      zero when dealing with 32 bit types. Based on upstream patch.
    - CVE-2012-1143
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted TrueType font
    - debian/patches-freetype/CVE-2012-1144.patch: Perform input sanitization
      on the first glyph outline point value. Based on upstream patch.
    - CVE-2012-1144

ubuntu/natty-updates 2012-03-23 03:34:15 UTC 2012-03-23
Import patches-unapplied version 2.4.4-1ubuntu2.3 to ubuntu/natty-security

Author: Tyler Hicks
Author Date: 2012-03-22 00:57:51 UTC

Import patches-unapplied version 2.4.4-1ubuntu2.3 to ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: c96454b221d1404ee9d98abb27578836be3a518a

New changelog entries:
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1126.patch: Perform better input
      sanitization when parsing properties. Based on upstream patch.
    - CVE-2012-1126
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1127.patch: Perform better input
      sanitization when parsing glyphs. Based on upstream patch.
    - CVE-2012-1127
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1128.patch: Improve loop logic to avoid
      NULL pointer dereference. Based on upstream patch.
    - CVE-2012-1128
  * SECURITY UPDATE: Denial of service via crafted Type42 font
    - debian/patches-freetype/CVE-2012-1129.patch: Perform better input
      sanitization when parsing SFNT strings. Based on upstream patch.
    - CVE-2012-1129
  * SECURITY UPDATE: Denial of service via crafted PCF font
    - debian/patches-freetype/CVE-2012-1130.patch: Allocate enough memory to
      properly NULL-terminate parsed properties strings. Based on upstream
      patch.
    - CVE-2012-1130
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1131.patch: Use appropriate data type to
      prevent integer truncation on 64 bit systems when rendering fonts. Based
      on upstream patch.
    - CVE-2012-1131
  * SECURITY UPDATE: Denial of service via crafted Type1 font
    - debian/patches-freetype/CVE-2012-1132.patch: Ensure strings are of
      appropriate length when loading Type1 fonts. Based on upstream patch.
    - CVE-2012-1132
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted BDF font
    - debian/patches-freetype/CVE-2012-1133.patch: Limit range of negative
      glyph encoding values to prevent invalid array indexes. Based on
      upstream patch.
    - CVE-2012-1133
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted Type1 font
    - debian/patches-freetype/CVE-2012-1134.patch: Enforce a minimum Type1
      private dictionary size to prevent writing past array bounds. Based on
      upstream patch.
    - CVE-2012-1134
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1135.patch: Perform proper bounds
      checks when interpreting TrueType bytecode. Based on upstream patch.
    - CVE-2012-1135
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted BDF font
    - debian/patches-freetype/CVE-2012-1136.patch: Ensure encoding field is
      defined when parsing glyphs. Based on upstream patch.
    - CVE-2012-1136
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1137.patch: Allocate sufficient number
      of array elements to prevent reading past array bounds. Based on
      upstream patch.
    - CVE-2012-1137
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1138.patch: Correct typo resulting in
      invalid read from wrong memory location. Based on upstream patch.
    - CVE-2012-1138
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1139.patch: Check array index values to
      prevent reading invalid memory. Based on upstream patch.
    - CVE-2012-1139
  * SECURITY UPDATE: Denial of service via crafted PostScript font
    - debian/patches-freetype/CVE-2012-1140.patch: Fix off-by-one error in
      boundary checks. Based on upstream patch.
    - CVE-2012-1140
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1141.patch: Initialize field elements
      to prevent invalid read. Based on upstream patch.
    - CVE-2012-1141
  * SECURITY UPDATE: Denial of service via crafted Windows FNT/FON font
    - debian/patches-freetype/CVE-2012-1142.patch: Perform input sanitization
      on first and last character code fields. Based on upstream patch.
    - CVE-2012-1142
  * SECURITY UPDATE: Denial of service via crafted font
    - debian/patches-freetype/CVE-2012-1143.patch: Protect against divide by
      zero when dealing with 32 bit types. Based on upstream patch.
    - CVE-2012-1143
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted TrueType font
    - debian/patches-freetype/CVE-2012-1144.patch: Perform input sanitization
      on the first glyph outline point value. Based on upstream patch.
    - CVE-2012-1144

ubuntu/natty-security 2012-03-23 03:34:15 UTC 2012-03-23
Import patches-unapplied version 2.4.4-1ubuntu2.3 to ubuntu/natty-security

Author: Tyler Hicks
Author Date: 2012-03-22 00:57:51 UTC

Import patches-unapplied version 2.4.4-1ubuntu2.3 to ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: c96454b221d1404ee9d98abb27578836be3a518a

New changelog entries:
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1126.patch: Perform better input
      sanitization when parsing properties. Based on upstream patch.
    - CVE-2012-1126
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1127.patch: Perform better input
      sanitization when parsing glyphs. Based on upstream patch.
    - CVE-2012-1127
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1128.patch: Improve loop logic to avoid
      NULL pointer dereference. Based on upstream patch.
    - CVE-2012-1128
  * SECURITY UPDATE: Denial of service via crafted Type42 font
    - debian/patches-freetype/CVE-2012-1129.patch: Perform better input
      sanitization when parsing SFNT strings. Based on upstream patch.
    - CVE-2012-1129
  * SECURITY UPDATE: Denial of service via crafted PCF font
    - debian/patches-freetype/CVE-2012-1130.patch: Allocate enough memory to
      properly NULL-terminate parsed properties strings. Based on upstream
      patch.
    - CVE-2012-1130
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1131.patch: Use appropriate data type to
      prevent integer truncation on 64 bit systems when rendering fonts. Based
      on upstream patch.
    - CVE-2012-1131
  * SECURITY UPDATE: Denial of service via crafted Type1 font
    - debian/patches-freetype/CVE-2012-1132.patch: Ensure strings are of
      appropriate length when loading Type1 fonts. Based on upstream patch.
    - CVE-2012-1132
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted BDF font
    - debian/patches-freetype/CVE-2012-1133.patch: Limit range of negative
      glyph encoding values to prevent invalid array indexes. Based on
      upstream patch.
    - CVE-2012-1133
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted Type1 font
    - debian/patches-freetype/CVE-2012-1134.patch: Enforce a minimum Type1
      private dictionary size to prevent writing past array bounds. Based on
      upstream patch.
    - CVE-2012-1134
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1135.patch: Perform proper bounds
      checks when interpreting TrueType bytecode. Based on upstream patch.
    - CVE-2012-1135
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted BDF font
    - debian/patches-freetype/CVE-2012-1136.patch: Ensure encoding field is
      defined when parsing glyphs. Based on upstream patch.
    - CVE-2012-1136
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1137.patch: Allocate sufficient number
      of array elements to prevent reading past array bounds. Based on
      upstream patch.
    - CVE-2012-1137
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1138.patch: Correct typo resulting in
      invalid read from wrong memory location. Based on upstream patch.
    - CVE-2012-1138
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1139.patch: Check array index values to
      prevent reading invalid memory. Based on upstream patch.
    - CVE-2012-1139
  * SECURITY UPDATE: Denial of service via crafted PostScript font
    - debian/patches-freetype/CVE-2012-1140.patch: Fix off-by-one error in
      boundary checks. Based on upstream patch.
    - CVE-2012-1140
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1141.patch: Initialize field elements
      to prevent invalid read. Based on upstream patch.
    - CVE-2012-1141
  * SECURITY UPDATE: Denial of service via crafted Windows FNT/FON font
    - debian/patches-freetype/CVE-2012-1142.patch: Perform input sanitization
      on first and last character code fields. Based on upstream patch.
    - CVE-2012-1142
  * SECURITY UPDATE: Denial of service via crafted font
    - debian/patches-freetype/CVE-2012-1143.patch: Protect against divide by
      zero when dealing with 32 bit types. Based on upstream patch.
    - CVE-2012-1143
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted TrueType font
    - debian/patches-freetype/CVE-2012-1144.patch: Perform input sanitization
      on the first glyph outline point value. Based on upstream patch.
    - CVE-2012-1144

applied/ubuntu/maverick-security 2012-03-23 03:34:15 UTC 2012-03-23
Import patches-applied version 2.4.2-2ubuntu0.4 to applied/ubuntu/maverick-se...

Author: Tyler Hicks
Author Date: 2012-03-22 00:57:51 UTC

Import patches-applied version 2.4.2-2ubuntu0.4 to applied/ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: b9deaa841a31b13088e1c785f0b6612d3f14fa9f
Unapplied parent: 67f64c9e93d186382a8177452f9c93471cdedc8a

New changelog entries:
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1126.patch: Perform better input
      sanitization when parsing properties. Based on upstream patch.
    - CVE-2012-1126
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1127.patch: Perform better input
      sanitization when parsing glyphs. Based on upstream patch.
    - CVE-2012-1127
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1128.patch: Improve loop logic to avoid
      NULL pointer dereference. Based on upstream patch.
    - CVE-2012-1128
  * SECURITY UPDATE: Denial of service via crafted Type42 font
    - debian/patches-freetype/CVE-2012-1129.patch: Perform better input
      sanitization when parsing SFNT strings. Based on upstream patch.
    - CVE-2012-1129
  * SECURITY UPDATE: Denial of service via crafted PCF font
    - debian/patches-freetype/CVE-2012-1130.patch: Allocate enough memory to
      properly NULL-terminate parsed properties strings. Based on upstream
      patch.
    - CVE-2012-1130
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1131.patch: Use appropriate data type to
      prevent integer truncation on 64 bit systems when rendering fonts. Based
      on upstream patch.
    - CVE-2012-1131
  * SECURITY UPDATE: Denial of service via crafted Type1 font
    - debian/patches-freetype/CVE-2012-1132.patch: Ensure strings are of
      appropriate length when loading Type1 fonts. Based on upstream patch.
    - CVE-2012-1132
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted BDF font
    - debian/patches-freetype/CVE-2012-1133.patch: Limit range of negative
      glyph encoding values to prevent invalid array indexes. Based on
      upstream patch.
    - CVE-2012-1133
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted Type1 font
    - debian/patches-freetype/CVE-2012-1134.patch: Enforce a minimum Type1
      private dictionary size to prevent writing past array bounds. Based on
      upstream patch.
    - CVE-2012-1134
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1135.patch: Perform proper bounds
      checks when interpreting TrueType bytecode. Based on upstream patch.
    - CVE-2012-1135
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted BDF font
    - debian/patches-freetype/CVE-2012-1136.patch: Ensure encoding field is
      defined when parsing glyphs. Based on upstream patch.
    - CVE-2012-1136
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1137.patch: Allocate sufficient number
      of array elements to prevent reading past array bounds. Based on
      upstream patch.
    - CVE-2012-1137
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1138.patch: Correct typo resulting in
      invalid read from wrong memory location. Based on upstream patch.
    - CVE-2012-1138
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1139.patch: Check array index values to
      prevent reading invalid memory. Based on upstream patch.
    - CVE-2012-1139
  * SECURITY UPDATE: Denial of service via crafted PostScript font
    - debian/patches-freetype/CVE-2012-1140.patch: Fix off-by-one error in
      boundary checks. Based on upstream patch.
    - CVE-2012-1140
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1141.patch: Initialize field elements
      to prevent invalid read. Based on upstream patch.
    - CVE-2012-1141
  * SECURITY UPDATE: Denial of service via crafted Windows FNT/FON font
    - debian/patches-freetype/CVE-2012-1142.patch: Perform input sanitization
      on first and last character code fields. Based on upstream patch.
    - CVE-2012-1142
  * SECURITY UPDATE: Denial of service via crafted font
    - debian/patches-freetype/CVE-2012-1143.patch: Protect against divide by
      zero when dealing with 32 bit types. Based on upstream patch.
    - CVE-2012-1143
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted TrueType font
    - debian/patches-freetype/CVE-2012-1144.patch: Perform input sanitization
      on the first glyph outline point value. Based on upstream patch.
    - CVE-2012-1144

ubuntu/natty-devel 2012-03-23 03:34:15 UTC 2012-03-23
Import patches-unapplied version 2.4.4-1ubuntu2.3 to ubuntu/natty-security

Author: Tyler Hicks
Author Date: 2012-03-22 00:57:51 UTC

Import patches-unapplied version 2.4.4-1ubuntu2.3 to ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: c96454b221d1404ee9d98abb27578836be3a518a

New changelog entries:
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1126.patch: Perform better input
      sanitization when parsing properties. Based on upstream patch.
    - CVE-2012-1126
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1127.patch: Perform better input
      sanitization when parsing glyphs. Based on upstream patch.
    - CVE-2012-1127
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1128.patch: Improve loop logic to avoid
      NULL pointer dereference. Based on upstream patch.
    - CVE-2012-1128
  * SECURITY UPDATE: Denial of service via crafted Type42 font
    - debian/patches-freetype/CVE-2012-1129.patch: Perform better input
      sanitization when parsing SFNT strings. Based on upstream patch.
    - CVE-2012-1129
  * SECURITY UPDATE: Denial of service via crafted PCF font
    - debian/patches-freetype/CVE-2012-1130.patch: Allocate enough memory to
      properly NULL-terminate parsed properties strings. Based on upstream
      patch.
    - CVE-2012-1130
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1131.patch: Use appropriate data type to
      prevent integer truncation on 64 bit systems when rendering fonts. Based
      on upstream patch.
    - CVE-2012-1131
  * SECURITY UPDATE: Denial of service via crafted Type1 font
    - debian/patches-freetype/CVE-2012-1132.patch: Ensure strings are of
      appropriate length when loading Type1 fonts. Based on upstream patch.
    - CVE-2012-1132
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted BDF font
    - debian/patches-freetype/CVE-2012-1133.patch: Limit range of negative
      glyph encoding values to prevent invalid array indexes. Based on
      upstream patch.
    - CVE-2012-1133
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted Type1 font
    - debian/patches-freetype/CVE-2012-1134.patch: Enforce a minimum Type1
      private dictionary size to prevent writing past array bounds. Based on
      upstream patch.
    - CVE-2012-1134
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1135.patch: Perform proper bounds
      checks when interpreting TrueType bytecode. Based on upstream patch.
    - CVE-2012-1135
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted BDF font
    - debian/patches-freetype/CVE-2012-1136.patch: Ensure encoding field is
      defined when parsing glyphs. Based on upstream patch.
    - CVE-2012-1136
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1137.patch: Allocate sufficient number
      of array elements to prevent reading past array bounds. Based on
      upstream patch.
    - CVE-2012-1137
  * SECURITY UPDATE: Denial of service via crafted TrueType font
    - debian/patches-freetype/CVE-2012-1138.patch: Correct typo resulting in
      invalid read from wrong memory location. Based on upstream patch.
    - CVE-2012-1138
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1139.patch: Check array index values to
      prevent reading invalid memory. Based on upstream patch.
    - CVE-2012-1139
  * SECURITY UPDATE: Denial of service via crafted PostScript font
    - debian/patches-freetype/CVE-2012-1140.patch: Fix off-by-one error in
      boundary checks. Based on upstream patch.
    - CVE-2012-1140
  * SECURITY UPDATE: Denial of service via crafted BDF font
    - debian/patches-freetype/CVE-2012-1141.patch: Initialize field elements
      to prevent invalid read. Based on upstream patch.
    - CVE-2012-1141
  * SECURITY UPDATE: Denial of service via crafted Windows FNT/FON font
    - debian/patches-freetype/CVE-2012-1142.patch: Perform input sanitization
      on first and last character code fields. Based on upstream patch.
    - CVE-2012-1142
  * SECURITY UPDATE: Denial of service via crafted font
    - debian/patches-freetype/CVE-2012-1143.patch: Protect against divide by
      zero when dealing with 32 bit types. Based on upstream patch.
    - CVE-2012-1143
  * SECURITY UPDATE: Denial of service and arbitrary code execution via
    crafted TrueType font
    - debian/patches-freetype/CVE-2012-1144.patch: Perform input sanitization
      on the first glyph outline point value. Based on upstream patch.
    - CVE-2012-1144

applied/debian/lenny 2012-03-10 15:11:34 UTC 2012-03-10
Import patches-applied version 2.3.7-2+lenny8 to applied/debian/lenny

Author: Michael Gilbert
Author Date: 2011-11-18 06:46:24 UTC

Import patches-applied version 2.3.7-2+lenny8 to applied/debian/lenny

Imported using git-ubuntu import.

Changelog parent: 4d004aa0ef8908eddd53713990a4a0c4ba056b8d
Unapplied parent: 0f6bd9699bd5a60c7e705136fc8440817bde86ad

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * Fix CVE-2011-3439: vulnerability in CID-keyed Type 1 fonts.
  * Non-maintainer upload by the Security Team.
  * CVE-2011-3256

debian/lenny 2012-03-10 15:11:34 UTC 2012-03-10
Import patches-unapplied version 2.3.7-2+lenny8 to debian/lenny

Author: Michael Gilbert
Author Date: 2011-11-18 06:46:24 UTC

Import patches-unapplied version 2.3.7-2+lenny8 to debian/lenny

Imported using git-ubuntu import.

Changelog parent: d61f897499724e3e1274a94a389432f574f33cdc

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * Fix CVE-2011-3439: vulnerability in CID-keyed Type 1 fonts.
  * Non-maintainer upload by the Security Team.
  * CVE-2011-3256

ubuntu/oneiric 2011-08-08 14:03:45 UTC 2011-08-08
Import patches-unapplied version 2.4.4-2ubuntu1 to ubuntu/oneiric

Author: Marc Deslauriers
Author Date: 2011-08-08 12:13:07 UTC

Import patches-unapplied version 2.4.4-2ubuntu1 to ubuntu/oneiric

Imported using git-ubuntu import.

Changelog parent: 273b25bd262fe59d2f9256604544c705b099ddb3

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via crafted Type 1 font
    - debian/patches-freetype/CVE-2011-0226.patch: check for proper
      signedness in src/psaux/t1decode.c.
    - CVE-2011-0226
  * debian/rules: fix FTBFS with gcc 4.6 by adding
    -Wno-unused-but-set-variable to CFLAGS to downgrade it to a warning.

applied/ubuntu/oneiric 2011-08-08 14:03:45 UTC 2011-08-08
Import patches-applied version 2.4.4-2ubuntu1 to applied/ubuntu/oneiric

Author: Marc Deslauriers
Author Date: 2011-08-08 12:13:07 UTC

Import patches-applied version 2.4.4-2ubuntu1 to applied/ubuntu/oneiric

Imported using git-ubuntu import.

Changelog parent: 553f1b93c8b2229fd7134131b9f5cb70b0d4680a
Unapplied parent: a782949d3e29c0a0c14c4c49d73d844b98605b22

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via crafted Type 1 font
    - debian/patches-freetype/CVE-2011-0226.patch: check for proper
      signedness in src/psaux/t1decode.c.
    - CVE-2011-0226
  * debian/rules: fix FTBFS with gcc 4.6 by adding
    -Wno-unused-but-set-variable to CFLAGS to downgrade it to a warning.

applied/ubuntu/natty 2011-03-22 10:05:25 UTC 2011-03-22
Import patches-applied version 2.4.4-1ubuntu2 to applied/ubuntu/natty

Author: Steve Langasek
Author Date: 2011-03-22 05:50:45 UTC

Import patches-applied version 2.4.4-1ubuntu2 to applied/ubuntu/natty

Imported using git-ubuntu import.

Changelog parent: 2543c76154a1c0aa6b95d18b6dd4248d01135ba5
Unapplied parent: 09462ee04e16a0875364bfe8da5edff6d9c5f631

New changelog entries:
  * No-change rebuild against fixed pkgbinarymangler, to get correct
    multiarch-safe changelogs

ubuntu/natty 2011-03-22 10:05:25 UTC 2011-03-22
Import patches-unapplied version 2.4.4-1ubuntu2 to ubuntu/natty

Author: Steve Langasek
Author Date: 2011-03-22 05:50:45 UTC

Import patches-unapplied version 2.4.4-1ubuntu2 to ubuntu/natty

Imported using git-ubuntu import.

Changelog parent: 0840e1e273e20afdbf128328bda72732aca5c5c1

New changelog entries:
  * No-change rebuild against fixed pkgbinarymangler, to get correct
    multiarch-safe changelogs

ubuntu/dapper-updates 2010-11-04 13:12:44 UTC 2010-11-04
Import patches-unapplied version 2.1.10-1ubuntu2.10 to ubuntu/dapper-security

Author: Marc Deslauriers
Author Date: 2010-11-02 19:17:07 UTC

Import patches-unapplied version 2.1.10-1ubuntu2.10 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: 8422853f77396a2766b864ba01968e010aba4be1

New changelog entries:
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via libXft overflow.
    - debian/patches/425-CVE-2010-3311.patch: correctly validate position
      in src/base/ftstream.c.
    - CVE-2010-3311
  * SECURITY UPDATE: denial of service and possible code execution via
    TrueType GX font
    - debian/patches/426-CVE-2010-3855.patch: add bounds checks to
      src/truetype/ttgxvar.c.
    - CVE-2010-3855

applied/ubuntu/dapper-devel 2010-11-04 13:12:44 UTC 2010-11-04
Import patches-applied version 2.1.10-1ubuntu2.10 to applied/ubuntu/dapper-se...

Author: Marc Deslauriers
Author Date: 2010-11-02 19:17:07 UTC

Import patches-applied version 2.1.10-1ubuntu2.10 to applied/ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: be6f5944e76c1284d0d5d3fe7202361458f5ab91
Unapplied parent: 394c3d952b988120f703fd4ffd2ee66a42290437

New changelog entries:
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via libXft overflow.
    - debian/patches/425-CVE-2010-3311.patch: correctly validate position
      in src/base/ftstream.c.
    - CVE-2010-3311
  * SECURITY UPDATE: denial of service and possible code execution via
    TrueType GX font
    - debian/patches/426-CVE-2010-3855.patch: add bounds checks to
      src/truetype/ttgxvar.c.
    - CVE-2010-3855

applied/ubuntu/dapper-security 2010-11-04 13:12:44 UTC 2010-11-04
Import patches-applied version 2.1.10-1ubuntu2.10 to applied/ubuntu/dapper-se...

Author: Marc Deslauriers
Author Date: 2010-11-02 19:17:07 UTC

Import patches-applied version 2.1.10-1ubuntu2.10 to applied/ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: be6f5944e76c1284d0d5d3fe7202361458f5ab91
Unapplied parent: 394c3d952b988120f703fd4ffd2ee66a42290437

New changelog entries:
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via libXft overflow.
    - debian/patches/425-CVE-2010-3311.patch: correctly validate position
      in src/base/ftstream.c.
    - CVE-2010-3311
  * SECURITY UPDATE: denial of service and possible code execution via
    TrueType GX font
    - debian/patches/426-CVE-2010-3855.patch: add bounds checks to
      src/truetype/ttgxvar.c.
    - CVE-2010-3855

applied/ubuntu/dapper-updates 2010-11-04 13:12:44 UTC 2010-11-04
Import patches-applied version 2.1.10-1ubuntu2.10 to applied/ubuntu/dapper-se...

Author: Marc Deslauriers
Author Date: 2010-11-02 19:17:07 UTC

Import patches-applied version 2.1.10-1ubuntu2.10 to applied/ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: be6f5944e76c1284d0d5d3fe7202361458f5ab91
Unapplied parent: 394c3d952b988120f703fd4ffd2ee66a42290437

New changelog entries:
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via libXft overflow.
    - debian/patches/425-CVE-2010-3311.patch: correctly validate position
      in src/base/ftstream.c.
    - CVE-2010-3311
  * SECURITY UPDATE: denial of service and possible code execution via
    TrueType GX font
    - debian/patches/426-CVE-2010-3855.patch: add bounds checks to
      src/truetype/ttgxvar.c.
    - CVE-2010-3855

ubuntu/dapper-devel 2010-11-04 13:12:44 UTC 2010-11-04
Import patches-unapplied version 2.1.10-1ubuntu2.10 to ubuntu/dapper-security

Author: Marc Deslauriers
Author Date: 2010-11-02 19:17:07 UTC

Import patches-unapplied version 2.1.10-1ubuntu2.10 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: 8422853f77396a2766b864ba01968e010aba4be1

New changelog entries:
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via libXft overflow.
    - debian/patches/425-CVE-2010-3311.patch: correctly validate position
      in src/base/ftstream.c.
    - CVE-2010-3311
  * SECURITY UPDATE: denial of service and possible code execution via
    TrueType GX font
    - debian/patches/426-CVE-2010-3855.patch: add bounds checks to
      src/truetype/ttgxvar.c.
    - CVE-2010-3855

ubuntu/dapper-security 2010-11-04 13:12:44 UTC 2010-11-04
Import patches-unapplied version 2.1.10-1ubuntu2.10 to ubuntu/dapper-security

Author: Marc Deslauriers
Author Date: 2010-11-02 19:17:07 UTC

Import patches-unapplied version 2.1.10-1ubuntu2.10 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: 8422853f77396a2766b864ba01968e010aba4be1

New changelog entries:
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via libXft overflow.
    - debian/patches/425-CVE-2010-3311.patch: correctly validate position
      in src/base/ftstream.c.
    - CVE-2010-3311
  * SECURITY UPDATE: denial of service and possible code execution via
    TrueType GX font
    - debian/patches/426-CVE-2010-3855.patch: add bounds checks to
      src/truetype/ttgxvar.c.
    - CVE-2010-3855

applied/ubuntu/karmic-updates 2010-11-04 13:12:44 UTC 2010-11-04
Import patches-applied version 2.3.9-5ubuntu0.4 to applied/ubuntu/karmic-secu...

Author: Marc Deslauriers
Author Date: 2010-11-02 18:54:40 UTC

Import patches-applied version 2.3.9-5ubuntu0.4 to applied/ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: 6bb4d32c873d01c5fec99e9acbd6b1f4fb5b03ee
Unapplied parent: 1f99dd6cd83fcc151e4964a4f701c15d78e00b96

New changelog entries:
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via libXft overflow.
    - debian/patches/CVE-2010-3311.patch: correctly validate position in
      src/base/ftstream.c.
    - CVE-2010-3311
  * SECURITY UPDATE: denial of service and possible code execution via
    improper error handling of SHZ bytecode instruction
    - debian/patches/CVE-2010-3814.patch: add bounds check to
      src/truetype/ttinterp.c.
    - CVE-2010-3814
  * SECURITY UPDATE: denial of service and possible code execution via
    TrueType GX font
    - debian/patches/CVE-2010-3855.patch: add bounds checks to
      src/truetype/ttgxvar.c.
    - CVE-2010-3855

applied/ubuntu/karmic-security 2010-11-04 13:12:44 UTC 2010-11-04
Import patches-applied version 2.3.9-5ubuntu0.4 to applied/ubuntu/karmic-secu...

Author: Marc Deslauriers
Author Date: 2010-11-02 18:54:40 UTC

Import patches-applied version 2.3.9-5ubuntu0.4 to applied/ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: 6bb4d32c873d01c5fec99e9acbd6b1f4fb5b03ee
Unapplied parent: 1f99dd6cd83fcc151e4964a4f701c15d78e00b96

New changelog entries:
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via libXft overflow.
    - debian/patches/CVE-2010-3311.patch: correctly validate position in
      src/base/ftstream.c.
    - CVE-2010-3311
  * SECURITY UPDATE: denial of service and possible code execution via
    improper error handling of SHZ bytecode instruction
    - debian/patches/CVE-2010-3814.patch: add bounds check to
      src/truetype/ttinterp.c.
    - CVE-2010-3814
  * SECURITY UPDATE: denial of service and possible code execution via
    TrueType GX font
    - debian/patches/CVE-2010-3855.patch: add bounds checks to
      src/truetype/ttgxvar.c.
    - CVE-2010-3855

ubuntu/karmic-devel 2010-11-04 13:12:44 UTC 2010-11-04
Import patches-unapplied version 2.3.9-5ubuntu0.4 to ubuntu/karmic-security

Author: Marc Deslauriers
Author Date: 2010-11-02 18:54:40 UTC

Import patches-unapplied version 2.3.9-5ubuntu0.4 to ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: 057f9310dc0a696f367f4224933b1938b6cfe1bd

New changelog entries:
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via libXft overflow.
    - debian/patches/CVE-2010-3311.patch: correctly validate position in
      src/base/ftstream.c.
    - CVE-2010-3311
  * SECURITY UPDATE: denial of service and possible code execution via
    improper error handling of SHZ bytecode instruction
    - debian/patches/CVE-2010-3814.patch: add bounds check to
      src/truetype/ttinterp.c.
    - CVE-2010-3814
  * SECURITY UPDATE: denial of service and possible code execution via
    TrueType GX font
    - debian/patches/CVE-2010-3855.patch: add bounds checks to
      src/truetype/ttgxvar.c.
    - CVE-2010-3855

ubuntu/karmic-security 2010-11-04 13:12:44 UTC 2010-11-04
Import patches-unapplied version 2.3.9-5ubuntu0.4 to ubuntu/karmic-security

Author: Marc Deslauriers
Author Date: 2010-11-02 18:54:40 UTC

Import patches-unapplied version 2.3.9-5ubuntu0.4 to ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: 057f9310dc0a696f367f4224933b1938b6cfe1bd

New changelog entries:
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via libXft overflow.
    - debian/patches/CVE-2010-3311.patch: correctly validate position in
      src/base/ftstream.c.
    - CVE-2010-3311
  * SECURITY UPDATE: denial of service and possible code execution via
    improper error handling of SHZ bytecode instruction
    - debian/patches/CVE-2010-3814.patch: add bounds check to
      src/truetype/ttinterp.c.
    - CVE-2010-3814
  * SECURITY UPDATE: denial of service and possible code execution via
    TrueType GX font
    - debian/patches/CVE-2010-3855.patch: add bounds checks to
      src/truetype/ttgxvar.c.
    - CVE-2010-3855

ubuntu/karmic-updates 2010-11-04 13:12:44 UTC 2010-11-04
Import patches-unapplied version 2.3.9-5ubuntu0.4 to ubuntu/karmic-security

Author: Marc Deslauriers
Author Date: 2010-11-02 18:54:40 UTC

Import patches-unapplied version 2.3.9-5ubuntu0.4 to ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: 057f9310dc0a696f367f4224933b1938b6cfe1bd

New changelog entries:
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via libXft overflow.
    - debian/patches/CVE-2010-3311.patch: correctly validate position in
      src/base/ftstream.c.
    - CVE-2010-3311
  * SECURITY UPDATE: denial of service and possible code execution via
    improper error handling of SHZ bytecode instruction
    - debian/patches/CVE-2010-3814.patch: add bounds check to
      src/truetype/ttinterp.c.
    - CVE-2010-3814
  * SECURITY UPDATE: denial of service and possible code execution via
    TrueType GX font
    - debian/patches/CVE-2010-3855.patch: add bounds checks to
      src/truetype/ttgxvar.c.
    - CVE-2010-3855

applied/ubuntu/karmic-devel 2010-11-04 13:12:44 UTC 2010-11-04
Import patches-applied version 2.3.9-5ubuntu0.4 to applied/ubuntu/karmic-secu...

Author: Marc Deslauriers
Author Date: 2010-11-02 18:54:40 UTC

Import patches-applied version 2.3.9-5ubuntu0.4 to applied/ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: 6bb4d32c873d01c5fec99e9acbd6b1f4fb5b03ee
Unapplied parent: 1f99dd6cd83fcc151e4964a4f701c15d78e00b96

New changelog entries:
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via libXft overflow.
    - debian/patches/CVE-2010-3311.patch: correctly validate position in
      src/base/ftstream.c.
    - CVE-2010-3311
  * SECURITY UPDATE: denial of service and possible code execution via
    improper error handling of SHZ bytecode instruction
    - debian/patches/CVE-2010-3814.patch: add bounds check to
      src/truetype/ttinterp.c.
    - CVE-2010-3814
  * SECURITY UPDATE: denial of service and possible code execution via
    TrueType GX font
    - debian/patches/CVE-2010-3855.patch: add bounds checks to
      src/truetype/ttgxvar.c.
    - CVE-2010-3855

applied/ubuntu/maverick 2010-08-28 21:18:52 UTC 2010-08-28
Import patches-applied version 2.4.2-2 to applied/debian/sid

Author: Steve Langasek
Author Date: 2010-08-28 02:27:15 UTC

Import patches-applied version 2.4.2-2 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 5aadf30f084d37549f3b52ac9aade958df960e9e
Unapplied parent: 55cdf82c0557b64bf8d0559e3a3dd7701a6a0640

New changelog entries:
  * debian/patches-ft2demos/f2tdemos-grkey.patch: update to fix another
    problem when building under gcc-4.5 that was overlooked in the previous
    version of the patch. LP: #624740.

ubuntu/maverick 2010-08-28 21:18:52 UTC 2010-08-28
Import patches-unapplied version 2.4.2-2 to debian/sid

Author: Steve Langasek
Author Date: 2010-08-28 02:27:15 UTC

Import patches-unapplied version 2.4.2-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 52a584165e9f596225d231b942111e1c6efe588b

New changelog entries:
  * debian/patches-ft2demos/f2tdemos-grkey.patch: update to fix another
    problem when building under gcc-4.5 that was overlooked in the previous
    version of the patch. LP: #624740.

101200 of 264 results

Other repositories

Name Last Modified
lp:ubuntu/+source/freetype 2019-09-15
11 of 1 result
You can't create new repositories for freetype in Ubuntu.