ubuntu/+source/libxfont:ubuntu/artful

Last commit made on 2017-10-09
Get this branch:
git clone -b ubuntu/artful https://git.launchpad.net/ubuntu/+source/libxfont
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/artful
Repository:
lp:ubuntu/+source/libxfont

Recent commits

0980c49... by Marc Deslauriers on 2017-10-06

Import patches-unapplied version 1:2.0.1-3ubuntu1 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: d2bb70f8af71ac9b33435f59de04477c9fbe7a15

New changelog entries:
  * SECURITY UPDATE: invalid memory read in PatternMatch
    - debian/patches/CVE-2017-13720.patch: check for end of string in
      src/fontfile/fontdir.c.
    - CVE-2017-13720
  * SECURITY UPDATE: DoS or info leak via malformed PCF file
    - debian/patches/CVE-2017-13722.patch: check string boundaries in
      src/bitmap/pcfread.c.
    - CVE-2017-13722

d2bb70f... by Timo Aaltonen on 2016-11-24

Import patches-unapplied version 1:2.0.1-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 4de263551232037abf45d98434d4bce0f780a778

New changelog entries:
  [ Andreas Boll ]
  * Remove dh-autoreconf build-dep. Not needed with debhelper 10.
  * Remove obsolete Conflicts from pre-wheezy.
  * Update a bunch of URLs in packaging to https.
  * Remove superfluous --libdir from dh_auto_configure. Not needed with
    debhelper compat level >= 9.

4de2635... by Emilio Pozuelo Monfort <email address hidden> on 2016-11-22

Import patches-unapplied version 1:2.0.1-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 2c584639b6a453c7bedb0e27f4c15f2dc8c10833

New changelog entries:
  * Switch to -dbgsym packages.
  * Bump debhelper compat to 10. Drop --with quilt and --parallel flags,
    they are enabled by default now.
  * Upload to unstable.

2c58463... by Timo Aaltonen on 2016-09-28

Import patches-unapplied version 1:2.0.1-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: e35357dd9efa767edc48e7e3faf1b56c324b307a

New changelog entries:
  * Team upload.
  * New upstream release.
  * Add Keith Packard's key to debian/upstream/signing-key.asc.
  * watch: Updated to match upstream rename to libXfont2.
  * control, rules, *.install: Changes to match new soname.
  * control: Add myself to uploaders.

e35357d... by Julien Cristau on 2016-09-24

Import patches-unapplied version 1:1.5.2-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 5eac1ae7567e6cbba052fdc29aeb0c19a3e4349a

New changelog entries:
  * Team upload.
  * New upstream release.
  * Use https URL in watch file.
  * Add Adam Jackson's key to debian/upstream/signing-key.asc.
  * Bump Standards-Version to 3.9.8.
  * Use https URLs in Vcs-* control fields.
  * Remove Drew from Uploaders.

5eac1ae... by Julien Cristau on 2015-03-17

Import patches-unapplied version 1:1.5.1-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 698a2b7f423756164929c95bfa57245f526af2b9

New changelog entries:
  * New upstream release
    + bdfReadProperties: property count needs range check [CVE-2015-1802]
    + bdfReadCharacters: bailout if a char's bitmap cannot be read
      [CVE-2015-1803]
    + bdfReadCharacters: ensure metrics fit into xCharInfo struct
      [CVE-2015-1804]

698a2b7... by Julien Cristau on 2014-07-12

Import patches-unapplied version 1:1.4.99.901-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 1166f427fea11d026b7463292e0d55d3a6e388c0

New changelog entries:
  * New upstream release candidate.
    + includes the CVE-2014-{0209,0210,0211} patches
  * Remove Cyril from Uploaders.
  * Allow uscan to verify tarball signature.

1166f42... by Julien Cristau on 2014-05-13

Import patches-unapplied version 1:1.4.7-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 05c9f70de42c9f3635447a43560b9e4d754b8221

New changelog entries:
  * Pull from upstream git to fix FTBFS with new fontsproto (closes: #746052)
  * CVE-2014-0209: integer overflow of allocations in font metadata
  * CVE-2014-0210: unvalidated length fields when parsing xfs protocol replies
  * CVE-2014-0211: integer overflows calculating memory needs for xfs replies
  * Add breaks on xfs because we broke it by disabling font protocol support
    in 1.4.7.

05c9f70... by Julien Cristau on 2014-01-07

Import patches-unapplied version 1:1.4.7-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 9366b44d71d5183b688d6c0ff98814cf434514ea

New changelog entries:
  * New upstream release
    + CVE-2013-6462: unlimited sscanf overflows stack buffer in
      bdfReadCharacters()
  * Don't put dbg symbols from the udeb in the dbg package.
  * dev package is no longer Multi-Arch: same (closes: #720026).
  * Disable support for connecting to a font server. That code is horrible and
    full of holes.

9366b44... by Julien Cristau on 2013-08-12

Import patches-unapplied version 1:1.4.6-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: b9dfc5deaf0697c27a2b83d987e428a1c937b453

New changelog entries:
  * New upstream release.
  * Build for multiarch (closes: #654252). Patch by Riku Voipio, thanks!
  * Disable silent build rules.