ubuntu/+source/libxfont:applied/ubuntu/lucid-updates

Last commit made on 2015-03-18
Get this branch:
git clone -b applied/ubuntu/lucid-updates https://git.launchpad.net/ubuntu/+source/libxfont
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/lucid-updates
Repository:
lp:ubuntu/+source/libxfont

Recent commits

6d6f7e5... by Marc Deslauriers on 2015-03-18

Import patches-applied version 1:1.4.1-1ubuntu0.4 to applied/ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 0cbada4c3d16811ddfdbb058cceabbca11b9d7b2
Unapplied parent: 467a68bd71c4e5febb0eb93c2ede46c5835a83e3

New changelog entries:
  * SECURITY UPDATE: arbitrary code exection via invalid property count
    - debian/patches/CVE-2015-1802.patch: check for integer overflow in
      src/bitmap/bdfread.c.
    - CVE-2015-1802
  * SECURITY UPDATE: arbitrary code execution via bitmap data parse failure
    - debian/patches/CVE-2015-1803.patch: bail out if bitmap can't be read
      in src/bitmap/bdfread.c.
    - CVE-2015-1803
  * SECURITY UPDATE: arbitrary code execution via invalid metrics
    - debian/patches/CVE-2015-1804.patch: ensure metrics fit in struct in
      src/bitmap/bdfread.c.
    - CVE-2015-1804

467a68b... by Marc Deslauriers on 2015-03-18

Import patches-unapplied version 1:1.4.1-1ubuntu0.4 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 6643662c100b76bf1211df90f43e8f6c9bf0e7dc

New changelog entries:
  * SECURITY UPDATE: arbitrary code exection via invalid property count
    - debian/patches/CVE-2015-1802.patch: check for integer overflow in
      src/bitmap/bdfread.c.
    - CVE-2015-1802
  * SECURITY UPDATE: arbitrary code execution via bitmap data parse failure
    - debian/patches/CVE-2015-1803.patch: bail out if bitmap can't be read
      in src/bitmap/bdfread.c.
    - CVE-2015-1803
  * SECURITY UPDATE: arbitrary code execution via invalid metrics
    - debian/patches/CVE-2015-1804.patch: ensure metrics fit in struct in
      src/bitmap/bdfread.c.
    - CVE-2015-1804

0cbada4... by Marc Deslauriers on 2014-05-13

Import patches-applied version 1:1.4.1-1ubuntu0.3 to applied/ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 9032e98a265efa66630b972be7797fa1a6732445
Unapplied parent: 6643662c100b76bf1211df90f43e8f6c9bf0e7dc

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    font metadata file parsing
    - debian/patches/CVE-2014-0209.patch: check for overflows in
      src/fontfile/dirfile.c, src/fontfile/fontdir.c.
    - CVE-2014-0209
  * SECURITY UPDATE: denial of service and possible code execution via
    xfs font server replies
    - debian/patches/CVE-2014-021x.patch: check lengths and sizes in
      src/fc/fsconvert.c, src/fc/fserve.c.
    - CVE-2014-0210
    - CVE-2014-0211

6643662... by Marc Deslauriers on 2014-05-13

Import patches-unapplied version 1:1.4.1-1ubuntu0.3 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: d80c87acc1dc1dc733c42967ee0b9907f1f246e7

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    font metadata file parsing
    - debian/patches/CVE-2014-0209.patch: check for overflows in
      src/fontfile/dirfile.c, src/fontfile/fontdir.c.
    - CVE-2014-0209
  * SECURITY UPDATE: denial of service and possible code execution via
    xfs font server replies
    - debian/patches/CVE-2014-021x.patch: check lengths and sizes in
      src/fc/fsconvert.c, src/fc/fserve.c.
    - CVE-2014-0210
    - CVE-2014-0211

9032e98... by Marc Deslauriers on 2013-12-30

Import patches-applied version 1:1.4.1-1ubuntu0.2 to applied/ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: fda928bd1f4d524415d8cf7caf262c89448c524c
Unapplied parent: d80c87acc1dc1dc733c42967ee0b9907f1f246e7

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    stack overflow
    - debian/patches/CVE-2013-6462.patch: limit sscanf field in
      src/bitmap/bdfread.c.
    - CVE-2013-6462

d80c87a... by Marc Deslauriers on 2013-12-30

Import patches-unapplied version 1:1.4.1-1ubuntu0.2 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 8e88f0befa0b8d4537e7eecd00f6007b70cba631

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    stack overflow
    - debian/patches/CVE-2013-6462.patch: limit sscanf field in
      src/bitmap/bdfread.c.
    - CVE-2013-6462

fda928b... by Marc Deslauriers on 2011-08-11

Import patches-applied version 1:1.4.1-1ubuntu0.1 to applied/ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 2e9682d19eb6a6059a509cfe74cbac86a6a9035e
Unapplied parent: 8e88f0befa0b8d4537e7eecd00f6007b70cba631

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via overflow
    - debian/patches/CVE-2011-2895.patch: check remaining length in
      src/fontfile/decompress.c.
    - CVE-2011-2895

8e88f0b... by Marc Deslauriers on 2011-08-11

Import patches-unapplied version 1:1.4.1-1ubuntu0.1 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: ef0b881156d6615c679e22ab5cab840439cd2cd1

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via overflow
    - debian/patches/CVE-2011-2895.patch: check remaining length in
      src/fontfile/decompress.c.
    - CVE-2011-2895

2e9682d... by Julien Cristau on 2009-12-02

Import patches-applied version 1:1.4.1-1 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 8b5e0bd89c036edc52855727e6d26f3a8ecc6b3d
Unapplied parent: ef0b881156d6615c679e22ab5cab840439cd2cd1

New changelog entries:
  * New upstream release.
  * Bump xutils-dev build-dep for new util-macros.
  * Build documentation, install it in libxfont-dev.
  * Enable support for bzip2 compressed bitmap fonts.
  * Don't use LDFLAGS from the environment. Ubuntu sets that to
    -Bsymbolic-functions, which breaks libXfont's weak symbols usage.

ef0b881... by Julien Cristau on 2009-12-02

Import patches-unapplied version 1:1.4.1-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: b26cf92baff24eba1bb6903f9fe14656ead38652

New changelog entries:
  * New upstream release.
  * Bump xutils-dev build-dep for new util-macros.
  * Build documentation, install it in libxfont-dev.
  * Enable support for bzip2 compressed bitmap fonts.
  * Don't use LDFLAGS from the environment. Ubuntu sets that to
    -Bsymbolic-functions, which breaks libXfont's weak symbols usage.