ubuntu/+source/freetype:applied/ubuntu/jaunty-updates

Last commit made on 2010-08-17
Get this branch:
git clone -b applied/ubuntu/jaunty-updates https://git.launchpad.net/ubuntu/+source/freetype
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/jaunty-updates
Repository:
lp:ubuntu/+source/freetype

Recent commits

b380935... by Marc Deslauriers on 2010-08-13

Import patches-applied version 2.3.9-4ubuntu0.3 to applied/ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: 01ea8c50f04e90a88ce15b3cd807572bca2eb83d
Unapplied parent: 82199a755d30d2b0df87fcfd0990793c8c99381c

New changelog entries:
  * SECURITY UPDATE: possible arbitrary code execution via buffer overflow
    in CFF Type2 CharStrings interpreter (LP: #617019)
    - debian/patches-freetype/CVE-2010-1797.patch: check number of operands
      in src/cff/cffgload.c.
    - CVE-2010-1797
  * SECURITY UPDATE: possible arbitrary code execution via buffer overflow
    in the ftmulti demo program (LP: #617019)
    - debian/patches-ft2demos/CVE-2010-2541.patch: use strncat and adjust
      sizes in src/ftmulti.c.
    - CVE-2010-2541
  * SECURITY UPDATE: possible arbitrary code execution via improper bounds
    checking (LP: #617019)
    - debian/patches-freetype/CVE-2010-2805.patch: fix calculation in
      src/base/ftstream.c.
    - CVE-2010-2805
  * SECURITY UPDATE: possible arbitrary code execution via improper bounds
    checking (LP: #617019)
    - debian/patches-freetype/CVE-2010-2806.patch: check string sizes in
      src/type42/t42parse.c.
    - CVE-2010-2806
  * SECURITY UPDATE: possible arbitrary code execution via improper type
    comparisons (LP: #617019)
    - debian/patches-freetype/CVE-2010-2807.patch: perform better bounds
      checking in src/smooth/ftsmooth.c, src/truetype/ttinterp.*.
    - CVE-2010-2807
  * SECURITY UPDATE: possible arbitrary code execution via memory
    corruption in Adobe Type 1 Mac Font File (LWFN) fonts (LP: #617019)
    - debian/patches-freetype/CVE-2010-2808.patch: check rlen in
      src/base/ftobjs.c.
    - CVE-2010-2808
  * SECURITY UPDATE: denial of service via bdf font (LP: #617019)
    - debian/patches-freetype/bug30135.patch: don't modify value in static
      string in src/bdf/bdflib.c.
  * SECURITY UPDATE: denial of service via nested "seac" calls
    - debian/patches-freetype/nested-seac.patch: handle nested calls
      correctly in include/freetype/internal/psaux.h, src/cff/cffgload.c,
      src/cff/cffgload.h, src/psaux/t1decode.c.

82199a7... by Marc Deslauriers on 2010-08-13

Import patches-unapplied version 2.3.9-4ubuntu0.3 to ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: 5b4f42862ac9e57b454f8eef569c436b1ece4276

New changelog entries:
  * SECURITY UPDATE: possible arbitrary code execution via buffer overflow
    in CFF Type2 CharStrings interpreter (LP: #617019)
    - debian/patches-freetype/CVE-2010-1797.patch: check number of operands
      in src/cff/cffgload.c.
    - CVE-2010-1797
  * SECURITY UPDATE: possible arbitrary code execution via buffer overflow
    in the ftmulti demo program (LP: #617019)
    - debian/patches-ft2demos/CVE-2010-2541.patch: use strncat and adjust
      sizes in src/ftmulti.c.
    - CVE-2010-2541
  * SECURITY UPDATE: possible arbitrary code execution via improper bounds
    checking (LP: #617019)
    - debian/patches-freetype/CVE-2010-2805.patch: fix calculation in
      src/base/ftstream.c.
    - CVE-2010-2805
  * SECURITY UPDATE: possible arbitrary code execution via improper bounds
    checking (LP: #617019)
    - debian/patches-freetype/CVE-2010-2806.patch: check string sizes in
      src/type42/t42parse.c.
    - CVE-2010-2806
  * SECURITY UPDATE: possible arbitrary code execution via improper type
    comparisons (LP: #617019)
    - debian/patches-freetype/CVE-2010-2807.patch: perform better bounds
      checking in src/smooth/ftsmooth.c, src/truetype/ttinterp.*.
    - CVE-2010-2807
  * SECURITY UPDATE: possible arbitrary code execution via memory
    corruption in Adobe Type 1 Mac Font File (LWFN) fonts (LP: #617019)
    - debian/patches-freetype/CVE-2010-2808.patch: check rlen in
      src/base/ftobjs.c.
    - CVE-2010-2808
  * SECURITY UPDATE: denial of service via bdf font (LP: #617019)
    - debian/patches-freetype/bug30135.patch: don't modify value in static
      string in src/bdf/bdflib.c.
  * SECURITY UPDATE: denial of service via nested "seac" calls
    - debian/patches-freetype/nested-seac.patch: handle nested calls
      correctly in include/freetype/internal/psaux.h, src/cff/cffgload.c,
      src/cff/cffgload.h, src/psaux/t1decode.c.

01ea8c5... by Marc Deslauriers on 2010-07-15

Import patches-applied version 2.3.9-4ubuntu0.2 to applied/ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: 42fb6fac29d6785e9797ea7a07414b0cfe6b4a1b
Unapplied parent: 5b4f42862ac9e57b454f8eef569c436b1ece4276

New changelog entries:
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via invalid free
    - debian/patches/CVE-2010-2498.patch: validate number of points in
      src/pshinter/pshalgo.c.
    - CVE-2010-2498
  * SECURITY UPDATE: arbitrary code execution via buffer overflow
    - debian/patches/CVE-2010-2499.patch: check positions and return code
      in src/base/ftobjs.c.
    - CVE-2010-2499
  * SECURITY UPDATE: arbitrary code execution via integer overflow
    - debian/patches/CVE-2010-2500.patch: switch to unsigned in
      src/smooth/ftgrays.c, check signed width and height in
      src/smooth/ftsmooth.c.
    - CVE-2010-2500
  * SECURITY UPDATE: arbitrary code execution via heap buffer overflow
    - debian/patches/CVE-2010-2519.patch: correctly calculate length in
      src/base/ftobjs.c.
    - CVE-2010-2519
  * SECURITY UPDATE: arbitrary code execution via invalid realloc
    - debian/patches/CVE-2010-2520.patch: perform bounds checking in
      src/truetype/ttinterp.c.
    - CVE-2010-2520
  * SECURITY UPDATE: arbitrary code execution via buffer overflows
    - debian/patches/CVE-2010-2527.patch: change buffer sizes in
      src/{ftdiff,ftgrid,ftmulti,ftstring,ftview}.c.
    - CVE-2010-2527

5b4f428... by Marc Deslauriers on 2010-07-15

Import patches-unapplied version 2.3.9-4ubuntu0.2 to ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: c9be42a588a8d2678046ffc179e1acf5d3a7a717

New changelog entries:
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via invalid free
    - debian/patches/CVE-2010-2498.patch: validate number of points in
      src/pshinter/pshalgo.c.
    - CVE-2010-2498
  * SECURITY UPDATE: arbitrary code execution via buffer overflow
    - debian/patches/CVE-2010-2499.patch: check positions and return code
      in src/base/ftobjs.c.
    - CVE-2010-2499
  * SECURITY UPDATE: arbitrary code execution via integer overflow
    - debian/patches/CVE-2010-2500.patch: switch to unsigned in
      src/smooth/ftgrays.c, check signed width and height in
      src/smooth/ftsmooth.c.
    - CVE-2010-2500
  * SECURITY UPDATE: arbitrary code execution via heap buffer overflow
    - debian/patches/CVE-2010-2519.patch: correctly calculate length in
      src/base/ftobjs.c.
    - CVE-2010-2519
  * SECURITY UPDATE: arbitrary code execution via invalid realloc
    - debian/patches/CVE-2010-2520.patch: perform bounds checking in
      src/truetype/ttinterp.c.
    - CVE-2010-2520
  * SECURITY UPDATE: arbitrary code execution via buffer overflows
    - debian/patches/CVE-2010-2527.patch: change buffer sizes in
      src/{ftdiff,ftgrid,ftmulti,ftstring,ftview}.c.
    - CVE-2010-2527

42fb6fa... by Marc Deslauriers on 2009-04-22

Import patches-applied version 2.3.9-4ubuntu0.1 to applied/ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: bcbfac41f412be8f9bf579cd1f5308755df1c368
Unapplied parent: c9be42a588a8d2678046ffc179e1acf5d3a7a717

New changelog entries:
  * SECURITY UPDATE: possible code execution via multiple integer overflows
    - debian/patches-freetype/security-CVE-2009-0946.patch: validate sid
      values in src/cff/cffload.c, check state->prefix in src/lzw/ftzopen.c,
      don't overflow int with table + length or ndp + numMappings * 4 in
      src/sfnt/ttcmap.c, validate glyph width and height in
      src/smooth/ftsmooth.c.
    - CVE-2009-0946

c9be42a... by Marc Deslauriers on 2009-04-22

Import patches-unapplied version 2.3.9-4ubuntu0.1 to ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: ef4d061cc53b8d29bf606f4b592f460a18ff3486

New changelog entries:
  * SECURITY UPDATE: possible code execution via multiple integer overflows
    - debian/patches-freetype/security-CVE-2009-0946.patch: validate sid
      values in src/cff/cffload.c, check state->prefix in src/lzw/ftzopen.c,
      don't overflow int with table + length or ndp + numMappings * 4 in
      src/sfnt/ttcmap.c, validate glyph width and height in
      src/smooth/ftsmooth.c.
    - CVE-2009-0946

bcbfac4... by Colin Watson on 2009-03-19

Import patches-applied version 2.3.9-4build1 to applied/ubuntu/jaunty

Imported using git-ubuntu import.

Changelog parent: 40895ac71e24bab4f9888d9249f1c4321bb30af5
Unapplied parent: ef4d061cc53b8d29bf606f4b592f460a18ff3486

New changelog entries:
  * No-change rebuild to fix lpia shared library dependencies.

ef4d061... by Colin Watson on 2009-03-19

Import patches-unapplied version 2.3.9-4build1 to ubuntu/jaunty

Imported using git-ubuntu import.

Changelog parent: 4033d96486ed9e1d40415e9bf20c6baf083ab416

New changelog entries:
  * No-change rebuild to fix lpia shared library dependencies.

40895ac... by Steve Langasek on 2009-03-14

Import patches-applied version 2.3.9-4 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: b9742be2c18726cc2de95fe16fc16f7af36fc22c
Unapplied parent: 4033d96486ed9e1d40415e9bf20c6baf083ab416

New changelog entries:
  * debian/patches-ft2demos/compiler-hardening-fixes.patch: always check the
    return value of fread(), to appease hardened compilers such as what's
    used in Ubuntu by default. Set a good example, even if these demos
    shouldn't be security-sensitive! Also, along the way catch and fix a
    small memory leak on error. :)
  * debian/patches-freetype/proper-armel-asm-declaration.patch: use __asm__
    for declaring assembly instead of asm, fixing a build failure on armel.

4033d96... by Steve Langasek on 2009-03-14

Import patches-unapplied version 2.3.9-4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: ddc43b817ac9c8904e19dff186d4ee9dede9023b

New changelog entries:
  * debian/patches-ft2demos/compiler-hardening-fixes.patch: always check the
    return value of fread(), to appease hardened compilers such as what's
    used in Ubuntu by default. Set a good example, even if these demos
    shouldn't be security-sensitive! Also, along the way catch and fix a
    small memory leak on error. :)
  * debian/patches-freetype/proper-armel-asm-declaration.patch: use __asm__
    for declaring assembly instead of asm, fixing a build failure on armel.