ubuntu/+source/freetype:applied/ubuntu/precise-updates

Last commit made on 2017-05-16
Get this branch:
git clone -b applied/ubuntu/precise-updates https://git.launchpad.net/ubuntu/+source/freetype
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/precise-updates
Repository:
lp:ubuntu/+source/freetype

Recent commits

63e6b52... by Emily Ratliff on 2017-05-16

Import patches-applied version 2.4.8-1ubuntu2.6 to applied/ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 45c09934dd614d7a66fea1ed556ccdb7c11d4d54
Unapplied parent: fdcc2da25df9c7c864cef6babc256da333671c00

New changelog entries:
  [ Marc Deslauriers ]
  * SECURITY UPDATE: out-of-bounds write in t1_decoder_parse_charstrings
    - debian/patches-freetype/CVE-2017-8105.patch: add a check to
      src/psaux/t1decode.c.
    - CVE-2017-8105
  * SECURITY UPDATE: out-of-bounds write in t1_builder_close_contour
    - debian/patches-freetype/CVE-2017-8287.patch: add a check to
      src/psaux/psobjs.c.
    - CVE-2017-8287

fdcc2da... by Emily Ratliff on 2017-05-16

Import patches-unapplied version 2.4.8-1ubuntu2.6 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: eec5959ac51ae5fb052df9cd20c2a67530cf88e8

New changelog entries:
  [ Marc Deslauriers ]
  * SECURITY UPDATE: out-of-bounds write in t1_decoder_parse_charstrings
    - debian/patches-freetype/CVE-2017-8105.patch: add a check to
      src/psaux/t1decode.c.
    - CVE-2017-8105
  * SECURITY UPDATE: out-of-bounds write in t1_builder_close_contour
    - debian/patches-freetype/CVE-2017-8287.patch: add a check to
      src/psaux/psobjs.c.
    - CVE-2017-8287

45c0993... by Steve Beattie on 2017-04-18

Import patches-applied version 2.4.8-1ubuntu2.5 to applied/ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 3098b06138bb22331471c30ec5521561eb0d43fe
Unapplied parent: eec5959ac51ae5fb052df9cd20c2a67530cf88e8

New changelog entries:
  * SECURITY UPDATE: heap based buffer overflow in cff_parser_run()
    - debian/patches-freetype/CVE-2016-10328.patch: add additional check
      to parser stack size in src/cff/cffparse.c
    - CVE-2016-10328

eec5959... by Steve Beattie on 2017-04-18

Import patches-unapplied version 2.4.8-1ubuntu2.5 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: e52e744ab7b362d9ea9c1f5afdd2d39c850515df

New changelog entries:
  * SECURITY UPDATE: heap based buffer overflow in cff_parser_run()
    - debian/patches-freetype/CVE-2016-10328.patch: add additional check
      to parser stack size in src/cff/cffparse.c
    - CVE-2016-10328

3098b06... by Marc Deslauriers on 2017-03-16

Import patches-applied version 2.4.8-1ubuntu2.4 to applied/ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 472671038f927d915f48901aa57a90c2a7dd3f84
Unapplied parent: e52e744ab7b362d9ea9c1f5afdd2d39c850515df

New changelog entries:
  * SECURITY UPDATE: DoS and possible code execution via missing glyph name
    - debian/patches/CVE-2016-10244.patch: add check to src/type1/t1load.c.
    - CVE-2016-10244

e52e744... by Marc Deslauriers on 2017-03-16

Import patches-unapplied version 2.4.8-1ubuntu2.4 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: df63c2a776668f375f29cda3185fbf4cfd3779c7

New changelog entries:
  * SECURITY UPDATE: DoS and possible code execution via missing glyph name
    - debian/patches/CVE-2016-10244.patch: add check to src/type1/t1load.c.
    - CVE-2016-10244

4726710... by Marc Deslauriers on 2015-09-10

Import patches-applied version 2.4.8-1ubuntu2.3 to applied/ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 53ccd3fff6dd06019e0e404c688b7cca4a02e734
Unapplied parent: df63c2a776668f375f29cda3185fbf4cfd3779c7

New changelog entries:
  * SECURITY UPDATE: uninitialized memory reads (LP: #1449225)
    - debian/patches-freetype/savannah-bug-41309.patch: fix use of
      uninitialized data in src/cid/cidload.c, src/psaux/psobjs.c,
      src/type1/t1load.c, src/type42/t42parse.c.
    - No CVE number
  * SECURITY UPDATE: denial of service via infinite loop in parse_encode
    (LP: #1492124)
    - debian/patches-freetype/savannah-bug-41590.patch: protect against
      invalid charcode in src/type1/t1load.c.
    - No CVE number

df63c2a... by Marc Deslauriers on 2015-09-10

Import patches-unapplied version 2.4.8-1ubuntu2.3 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 5992b6700bfc8f41f05221116c742e330c43b9d3

New changelog entries:
  * SECURITY UPDATE: uninitialized memory reads (LP: #1449225)
    - debian/patches-freetype/savannah-bug-41309.patch: fix use of
      uninitialized data in src/cid/cidload.c, src/psaux/psobjs.c,
      src/type1/t1load.c, src/type42/t42parse.c.
    - No CVE number
  * SECURITY UPDATE: denial of service via infinite loop in parse_encode
    (LP: #1492124)
    - debian/patches-freetype/savannah-bug-41590.patch: protect against
      invalid charcode in src/type1/t1load.c.
    - No CVE number

53ccd3f... by Marc Deslauriers on 2015-02-24

Import patches-applied version 2.4.8-1ubuntu2.2 to applied/ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 5653ed0176a370e3a4939b88dc0209d73a7aa466
Unapplied parent: 5992b6700bfc8f41f05221116c742e330c43b9d3

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    multiple security issues
    - debian/patches-freetype/CVE-2014-96xx/*.patch: backport a large
      quantity of upstream commits to fix multiple security issues.
    - CVE-2014-9656
    - CVE-2014-9657
    - CVE-2014-9658
    - CVE-2014-9660
    - CVE-2014-9661
    - CVE-2014-9663
    - CVE-2014-9664
    - CVE-2014-9666
    - CVE-2014-9667
    - CVE-2014-9669
    - CVE-2014-9670
    - CVE-2014-9671
    - CVE-2014-9672
    - CVE-2014-9673
    - CVE-2014-9674
    - CVE-2014-9675

5992b67... by Marc Deslauriers on 2015-02-24

Import patches-unapplied version 2.4.8-1ubuntu2.2 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: fbecc9f25c9394d01145bcae749df774440e7d96

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    multiple security issues
    - debian/patches-freetype/CVE-2014-96xx/*.patch: backport a large
      quantity of upstream commits to fix multiple security issues.
    - CVE-2014-9656
    - CVE-2014-9657
    - CVE-2014-9658
    - CVE-2014-9660
    - CVE-2014-9661
    - CVE-2014-9663
    - CVE-2014-9664
    - CVE-2014-9666
    - CVE-2014-9667
    - CVE-2014-9669
    - CVE-2014-9670
    - CVE-2014-9671
    - CVE-2014-9672
    - CVE-2014-9673
    - CVE-2014-9674
    - CVE-2014-9675