ubuntu/+source/fontforge:applied/ubuntu/xenial-security

Last commit made on 2018-12-20
Get this branch:
git clone -b applied/ubuntu/xenial-security https://git.launchpad.net/ubuntu/+source/fontforge
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/xenial-security
Repository:
lp:ubuntu/+source/fontforge

Recent commits

ad70181... by Mike Salvatore on 2018-12-13

Import patches-applied version 20120731.b-7.1ubuntu0.1 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 9e3d8f19165a2a13db70a3fbc4ffe326ac18cd9e
Unapplied parent: fe3749d9f6c960918a82b4ec4294f2d4ddc6705f

New changelog entries:
  * SECURITY UPDATE: heap-based buffer over-read
    - debian/patches/CVE-2017-11568.patch: fix out
      of bounds read condition and buffer overflow in
      fontforge/parsettf.c, fontforge/psread.c,
      fontforge/tottf.c.
    - CVE-2017-11568
  * SECURITY UPDATE: heap-based buffer over-read in
    readttfcopyrights
    - debian/patches/CVE-2017-11569-and-2017-11575.patch: fix
      out of bounds read condition in fontforge/parsettf.c.
    - CVE-2017-11569
    - CVE-2017-11575
  * SECURITY UPDATE: stack-based buffer overflow
    - debian/patches/CVE-2017-11571.patch: fix buffer overflow
      in fontforge/parsettf.c.
    - CVE-2017-11571
  * SECURITY UPDATE: stack underflow condition in
    readcfftopdicts
    - debian/patches/CVE-2017-11572-and-2017-11576.patch: prevent
      stack uderflow condition in fontforge/parsettf.c.
    - CVE-2017-11572
    - CVE-2017-11576
  * SECURITY UPDATE: heap-based buffer overflow in readcffset
    - debian/patches/CVE-2017-11574.patch: fix buffer condition
      in fontforge/parsetff.c.
    - CVE-2017-11574
  * SECURITY UPDATE: buffer over-read in getsid
    - debian/patches/CVE-2017-11577.patch: fix out of bounds read
      in fontforge/parsettf.c
    - CVE-2017-11577

fe3749d... by Mike Salvatore on 2018-12-13

[PATCH 3/6] Fix out of bounds read condition and buffer overflow

Gbp-Pq: CVE-2017-11568.patch.

253d0d6... by Mike Salvatore on 2018-12-13

[PATCH] parsettf.c: Fix out of bounds read condition on buffer

Gbp-Pq: CVE-2017-11569-and-2017-11575.patch.

a539a64... by Mike Salvatore on 2018-12-13

[PATCH] parsettf.c: Fix buffer overflow condition when reading CFF

Gbp-Pq: CVE-2017-11571.patch.

943f414... by Mike Salvatore on 2018-12-13

[PATCH] readcfftopdict: Prevent stack underflow condition

Gbp-Pq: CVE-2017-11572-and-CVE-2017-2017-11576.patch.

a8ea369... by Mike Salvatore on 2018-12-13

[PATCH] parsettf.c: Fix buffer overrun condition

Gbp-Pq: CVE-2017-11574.patch.

08df88e... by Mike Salvatore on 2018-12-13

[PATCH] Fix out of bounds read in getsid

Gbp-Pq: CVE-2017-11577.patch.

0869853... by Mike Salvatore on 2018-12-13

giflib5.diff

No DEP3 Subject or Description header found

Gbp-Pq: giflib5.diff.

47c0a51... by Mike Salvatore on 2018-12-13

just ignore .pc files for git

Gbp-Pq: gitignore.

1b1cbab... by Mike Salvatore on 2018-12-13

define SHELL in makefiles

Gbp-Pq: 671971.diff.