ubuntu/+source/freetype:applied/ubuntu/xenial-updates

Last commit made on 2019-09-09
Get this branch:
git clone -b applied/ubuntu/xenial-updates https://git.launchpad.net/ubuntu/+source/freetype
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/xenial-updates
Repository:
lp:ubuntu/+source/freetype

Recent commits

9096392... by Leonidas S. Barbosa on 2019-09-05

Import patches-applied version 2.6.1-0.1ubuntu2.4 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: f0841da2937bc5fc02f84048d580d4cee81cea89
Unapplied parent: 9b4a8702b51ec25355eb7673de7654fdf09d5dbc

New changelog entries:
  * SECURITY UPDATE: heap-based buffer over-read
    - debian/patches-freetype/CVE-2015-9383.patch: check
      limit before accessing 'numRanges' and numMappings in
      src/sfnt/ttcmap.c.
    - CVE-2015-9383

9b4a870... by Leonidas S. Barbosa on 2019-09-05

Import patches-unapplied version 2.6.1-0.1ubuntu2.4 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 637f5db9d7be19ae91c2b695c394d0de7b5f2812

New changelog entries:
  * SECURITY UPDATE: heap-based buffer over-read
    - debian/patches-freetype/CVE-2015-9383.patch: check
      limit before accessing 'numRanges' and numMappings in
      src/sfnt/ttcmap.c.
    - CVE-2015-9383

f0841da... by Marc Deslauriers on 2017-05-04

Import patches-applied version 2.6.1-0.1ubuntu2.3 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 13dc7689582d75e0425bf65150cc9cf52421e440
Unapplied parent: 637f5db9d7be19ae91c2b695c394d0de7b5f2812

New changelog entries:
  * SECURITY UPDATE: out-of-bounds write in t1_decoder_parse_charstrings
    - debian/patches-freetype/CVE-2017-8105.patch: add a check to
      src/psaux/t1decode.c.
    - CVE-2017-8105
  * SECURITY UPDATE: out-of-bounds write in t1_builder_close_contour
    - debian/patches-freetype/CVE-2017-8287.patch: add a check to
      src/psaux/psobjs.c.
    - CVE-2017-8287

637f5db... by Marc Deslauriers on 2017-05-04

Import patches-unapplied version 2.6.1-0.1ubuntu2.3 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: d1be815d163db2728dd23a7931d97640812d0b46

New changelog entries:
  * SECURITY UPDATE: out-of-bounds write in t1_decoder_parse_charstrings
    - debian/patches-freetype/CVE-2017-8105.patch: add a check to
      src/psaux/t1decode.c.
    - CVE-2017-8105
  * SECURITY UPDATE: out-of-bounds write in t1_builder_close_contour
    - debian/patches-freetype/CVE-2017-8287.patch: add a check to
      src/psaux/psobjs.c.
    - CVE-2017-8287

13dc768... by Steve Beattie on 2017-04-20

Import patches-applied version 2.6.1-0.1ubuntu2.2 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 3dadd509df925d4488d60e56c2ca8d6b01fddce5
Unapplied parent: d1be815d163db2728dd23a7931d97640812d0b46

New changelog entries:
  * SECURITY UPDATE: heap based buffer overflow in cff_parser_run()
    - debian/patches-freetype/CVE-2016-10328.patch: add additional check
      to parser stack size in src/cff/cffparse.c
    - CVE-2016-10328

d1be815... by Steve Beattie on 2017-04-20

Import patches-unapplied version 2.6.1-0.1ubuntu2.2 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: ae0c803a410baa4fa7040ef1db17b92950404ef5

New changelog entries:
  * SECURITY UPDATE: heap based buffer overflow in cff_parser_run()
    - debian/patches-freetype/CVE-2016-10328.patch: add additional check
      to parser stack size in src/cff/cffparse.c
    - CVE-2016-10328

3dadd50... by Marc Deslauriers on 2017-03-16

Import patches-applied version 2.6.1-0.1ubuntu2.1 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 977feec9ae5bc0dbec15371b2e7f750e5049d19d
Unapplied parent: ae0c803a410baa4fa7040ef1db17b92950404ef5

New changelog entries:
  * SECURITY UPDATE: DoS and possible code execution via missing glyph name
    - debian/patches/CVE-2016-10244.patch: add check to src/type1/t1load.c.
    - CVE-2016-10244

ae0c803... by Marc Deslauriers on 2017-03-16

Import patches-unapplied version 2.6.1-0.1ubuntu2.1 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: ee19457d9c11f4b3af9c90653d2bbe87ead5a44a

New changelog entries:
  * SECURITY UPDATE: DoS and possible code execution via missing glyph name
    - debian/patches/CVE-2016-10244.patch: add check to src/type1/t1load.c.
    - CVE-2016-10244

977feec... by Mathieu Trudel-Lapierre on 2016-04-15

Import patches-applied version 2.6.1-0.1ubuntu2 to applied/ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 703940e71391d6a3cf8e7ea262ffd2cfdb167b4e
Unapplied parent: ee19457d9c11f4b3af9c90653d2bbe87ead5a44a

New changelog entries:
  * debian/patches/0001-Revert-pcf-Signedness-fixes.patch: revert signedness
    fixes in pcf which break grub-mkfont (limits glyphs to 32768, which drops
    most zh_CN glyphs and probably others). (LP: #1559933)

ee19457... by Mathieu Trudel-Lapierre on 2016-04-15

Import patches-unapplied version 2.6.1-0.1ubuntu2 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: efaf1321169e8d1f1233b2de9209a2b166d04364

New changelog entries:
  * debian/patches/0001-Revert-pcf-Signedness-fixes.patch: revert signedness
    fixes in pcf which break grub-mkfont (limits glyphs to 32768, which drops
    most zh_CN glyphs and probably others). (LP: #1559933)