Ubuntu
libxfont package

lp:ubuntu/edgy-updates/libxfont

Edgy (6.10)
edgy-updates

Created by James Westby on 2009-06-27 and last modified on 2009-06-27

Get this branch:: bzr branch lp:ubuntu/edgy-updates/libxfont

Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

No branches dependent on this one.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Review team:: Ubuntu Development Team

Status:: Development

Recent revisions

11. By Kees Cook on 2008-01-17: * SECURITY UPDATE: overflow in PCF font handling.
* Added fix_CVE-2008-0006.patch: backported from upstream commit
(b76df66d2c507898472bba0f9986ef5700029a36)
10. By Kees Cook on 2007-03-29: * SECURITY UPDATE: root privilege escalation with BDF font overflows.
* Add debian/patches/50_bdf_overflows.patch: upstream fix.
* References
CVE-2007-1351 CVE-2007-1352
9. By Martin Pitt on 2006-09-11: * SECURITY UPDATE: Root privilege escalation with crafted Type1 CID fonts.
* Add debian/patches/cid-int-overflows.diff:
  - lib/font/Type1/afm.c: Fix integer overflow in CIDAFM(). [CVE-2006-3739]
  - lib/font/Type1/scanfont.c: Fix integer overflow in scan_cidfont().
    [CVE-2006-3740]
8. By Martin Pitt on 2006-09-06: * SECURITY UPDATE: DoS (X server crash) and possible root privilege escalation.
* Add debian/patches/pcf-int-overflow.diff:
  - src/bitmap/pcfread.c: Check for integer overflows when parsing PCF font
    files to prevent exploitable buffer overflow.
  - Patch taken from upstream git:
    http://gitweb.freedesktop.org/?p=xorg/lib/libXfont.git;a=commit;h=8d171fe61e564d8ed8f75034d4191062cecf190b
* CVE-2006-3467
7. By Rodrigo Parra Novo <email address hidden> on 2006-07-19: * New Upstream version
* Dropped (empty) patch directory
* Re-Dropped libfontcache.so.0 from libxfont1.install
6. By Rodrigo Parra Novo <email address hidden> on 2006-07-11: Added patch from https://bugs.freedesktop.org/attachment.cgi?id=6033,
based on information from
https://bugs.freedesktop.org/show_bug.cgi?id=6918, to enable libxfont to
be compiled with FreeType 2.2
(this patch won't be necessary when libxfont is updated to current CVS
version, but this is for XOrg 7.1only)
5. By Rodrigo Parra Novo <email address hidden> on 2006-07-07: * Manual sync with Debian (due to mismatched md5sum for orig.tar.gz)
* Re-drop libfontcache from merged package
4. By Daniel Stone <email address hidden> on 2006-01-19: Change dependency on x-common to x11-common.
3. By Daniel Stone <email address hidden> on 2005-12-21: Add libfontenc-dev and libfreetype6-dev to libxfont-dev, per
Requires.private.
2. By Daniel Stone <email address hidden> on 2005-09-09: Fix the XFONT_FONTCACHE/FONTCACHE define in configure.ac (close:
Ubuntu#14319).

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp:ubuntu/karmic/libxfont

This branch contains Public information

Everyone can see this information.

Subscribers

James Westby

Ubuntulibxfont package