ubuntu/+source/freetype:applied/ubuntu/yakkety-updates

Last commit made on 2017-05-09
Get this branch:
git clone -b applied/ubuntu/yakkety-updates https://git.launchpad.net/ubuntu/+source/freetype
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/yakkety-updates
Repository:
lp:ubuntu/+source/freetype

Recent commits

d015c23... by Marc Deslauriers on 2017-05-04

Import patches-applied version 2.6.3-3ubuntu1.3 to applied/ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: c0bcf25b27f97616a50ae14c2ca86d9628f917ec
Unapplied parent: 113399603bbfd633874189d1f37b77cce6f3a739

New changelog entries:
  * SECURITY UPDATE: out-of-bounds write in t1_decoder_parse_charstrings
    - debian/patches-freetype/CVE-2017-8105.patch: add a check to
      src/psaux/t1decode.c.
    - CVE-2017-8105
  * SECURITY UPDATE: out-of-bounds write in t1_builder_close_contour
    - debian/patches-freetype/CVE-2017-8287.patch: add a check to
      src/psaux/psobjs.c.
    - CVE-2017-8287

1133996... by Marc Deslauriers on 2017-05-04

Import patches-unapplied version 2.6.3-3ubuntu1.3 to ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: 02c9fbd20e6fc510a3d7d4f1020a5f8f813c0206

New changelog entries:
  * SECURITY UPDATE: out-of-bounds write in t1_decoder_parse_charstrings
    - debian/patches-freetype/CVE-2017-8105.patch: add a check to
      src/psaux/t1decode.c.
    - CVE-2017-8105
  * SECURITY UPDATE: out-of-bounds write in t1_builder_close_contour
    - debian/patches-freetype/CVE-2017-8287.patch: add a check to
      src/psaux/psobjs.c.
    - CVE-2017-8287

c0bcf25... by Steve Beattie on 2017-04-20

Import patches-applied version 2.6.3-3ubuntu1.2 to applied/ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: 3de02ef28e0286548d46b49379bd520c6bf9cc20
Unapplied parent: 02c9fbd20e6fc510a3d7d4f1020a5f8f813c0206

New changelog entries:
  * SECURITY UPDATE: heap based buffer overflow in cff_parser_run()
    - debian/patches-freetype/CVE-2016-10328.patch: add additional check
      to parser stack size in src/cff/cffparse.c
    - CVE-2016-10328

02c9fbd... by Steve Beattie on 2017-04-20

Import patches-unapplied version 2.6.3-3ubuntu1.2 to ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: 7a15f8046499acb049264135d037f63563be0c83

New changelog entries:
  * SECURITY UPDATE: heap based buffer overflow in cff_parser_run()
    - debian/patches-freetype/CVE-2016-10328.patch: add additional check
      to parser stack size in src/cff/cffparse.c
    - CVE-2016-10328

3de02ef... by Marc Deslauriers on 2017-03-16

Import patches-applied version 2.6.3-3ubuntu1.1 to applied/ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: bc09eff587aa6c692fa88e9f65d9526e73f48555
Unapplied parent: 7a15f8046499acb049264135d037f63563be0c83

New changelog entries:
  * SECURITY UPDATE: DoS and possible code execution via missing glyph name
    - debian/patches/CVE-2016-10244.patch: add check to src/type1/t1load.c.
    - CVE-2016-10244

7a15f80... by Marc Deslauriers on 2017-03-16

Import patches-unapplied version 2.6.3-3ubuntu1.1 to ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: 984d34c200e9b76a948514f4def0b76a94139fa5

New changelog entries:
  * SECURITY UPDATE: DoS and possible code execution via missing glyph name
    - debian/patches/CVE-2016-10244.patch: add check to src/type1/t1load.c.
    - CVE-2016-10244

bc09eff... by Matthias Klose on 2016-04-27

Import patches-applied version 2.6.3-3ubuntu1 to applied/ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: 40b4f215b27ded88a49148795ac96d8ee469fd64
Unapplied parent: 984d34c200e9b76a948514f4def0b76a94139fa5

New changelog entries:
  * Merge with Debian; remaining changes:
    - Make libfreetype6-dev M-A: same.
    - Error out on the use of the freetype-config --libtool option.
    - Don't add multiarch libdirs for freetype-config --libs.
    - Install the freetype2/freetype/config headers into the multiarch
      include path and provide symlinks in /usr/include.
    - debian/patches/0001-Revert-pcf-Signedness-fixes.patch: revert signedness
      fixes in pcf which break grub-mkfont (limits glyphs to 32768, which drops
      most zh_CN glyphs and probably others). (LP: #1559933)

984d34c... by Matthias Klose on 2016-04-27

Import patches-unapplied version 2.6.3-3ubuntu1 to ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: 49b19bad1056e84bd0f5cafdd89e7f02543c6419

New changelog entries:
  * Merge with Debian; remaining changes:
    - Make libfreetype6-dev M-A: same.
    - Error out on the use of the freetype-config --libtool option.
    - Don't add multiarch libdirs for freetype-config --libs.
    - Install the freetype2/freetype/config headers into the multiarch
      include path and provide symlinks in /usr/include.
    - debian/patches/0001-Revert-pcf-Signedness-fixes.patch: revert signedness
      fixes in pcf which break grub-mkfont (limits glyphs to 32768, which drops
      most zh_CN glyphs and probably others). (LP: #1559933)

40b4f21... by Steve Langasek on 2016-03-01

Import patches-applied version 2.6.3-3 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: ddca749204774df58193b68daeef5636fcab37ee
Unapplied parent: 49b19bad1056e84bd0f5cafdd89e7f02543c6419

New changelog entries:
  * Install the now-available-upstream manpages for freetype-demos.
    Closes: #131137.
  * Register all of the HTML documentation with doc-base. Closes: #451660.
  * Suppress lintian warning about symbols file declaring dependency on
    other package, which is entirely by design.
  * Adjust symbols file to actually produce invalid dependencies when
    internal symbols are used, as intended.
  * New upstream release. Closes: #812518, LP: #1521299
    - stem darkening now disabled by default. Closes: #801370.
  * Avoid marking private symbols as supported from 2.6.1 on. Apparently
    dpkg-gensymbols doesn't do what I expected for this kind of declaration
    anyway, but we should at least avoid marking them wrong in the source.
  * Update to Standards-Version 3.9.7.

49b19ba... by Steve Langasek on 2016-03-01

Import patches-unapplied version 2.6.3-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 8216aa5a00e59200504ed5fe1c31b4f0bc4bda42

New changelog entries:
  * Install the now-available-upstream manpages for freetype-demos.
    Closes: #131137.
  * Register all of the HTML documentation with doc-base. Closes: #451660.
  * Suppress lintian warning about symbols file declaring dependency on
    other package, which is entirely by design.
  * Adjust symbols file to actually produce invalid dependencies when
    internal symbols are used, as intended.
  * New upstream release. Closes: #812518, LP: #1521299
    - stem darkening now disabled by default. Closes: #801370.
  * Avoid marking private symbols as supported from 2.6.1 on. Apparently
    dpkg-gensymbols doesn't do what I expected for this kind of declaration
    anyway, but we should at least avoid marking them wrong in the source.
  * Update to Standards-Version 3.9.7.