Accepted freetype 2.2.1-5+etch3 (source i386)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 10 Aug 2008 09:53:09 +0000
Source: freetype
Binary: freetype2-demos libfreetype6-udeb libfreetype6 libfreetype6-dev
Architecture: source i386
Version: 2.2.1-5+etch3
Distribution: stable-security
Urgency: high
Maintainer: Steve Langasek <vorlon@debian.org>
Changed-By: Steffen Joeris <white@debian.org>
Description:
freetype2-demos - FreeType 2 demonstration programs
libfreetype6 - FreeType 2 font engine, shared library files
libfreetype6-dev - FreeType 2 font engine, development files
libfreetype6-udeb - FreeType 2 font engine for the debian-installer (udeb)
Changes:
freetype (2.2.1-5+etch3) stable-security; urgency=high
.
* Non-maintainer upload by the security team
* Fix off-by-one programming error in PFB and TTF font
parsing which could result in a off-by-one heap overflow when
parsing table like data structures (PFB) or SHC instructions (TTF)
Fixes: CVE-2008-1808
* Fix memory corruption when parsing PFB format files
Fixes: CVE-2008-1807
* Fix integer overflow resulting in a heap overflow due to integer
conversion errors
Fixes: CVE-2008-1806
Files:
5a9af398d4749d9b1da47b6d9dbab821 806 libs optional freetype_2.2.1-5+etch3.dsc
a584e84d617c6e7919b4aef9b5106cf4 1451392 libs optional freetype_2.2.1.orig.tar.gz
16f3a9f45c8ba0743fcce4db637b11bf 33815 libs optional freetype_2.2.1-5+etch3.diff.gz
9b65398aaaf701879d4106fbc7c1b241 342704 libs optional libfreetype6_2.2.1-5+etch3_i386.deb
ccaaafcb5eda1820727ddcf67550a9c6 645534 libdevel optional libfreetype6-dev_2.2.1-5+etch3_i386.deb
739490a353dbb1b5a09a7a88faa2d2c2 134990 utils optional freetype2-demos_2.2.1-5+etch3_i386.deb
67dc56faf0a5683f42723ceaaff13617 235954 debian-installer extra libfreetype6-udeb_2.2.1-5+etch3_i386.udeb
Package-Type: udeb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkiiPQkACgkQ62zWxYk/rQcHmQCgmxZgtPNoEVU1T8hzj3ieJ+MZ
JG8AoJNNqO+GW1XqoLAWJUvwNUM2g5k7
=Rohd
-----END PGP SIGNATURE-----
Accepted:
freetype2-demos_2.2.1-5+etch3_i386.deb
to pool/main/f/freetype/freetype2-demos_2.2.1-5+etch3_i386.deb
freetype_2.2.1-5+etch3.diff.gz
to pool/main/f/freetype/freetype_2.2.1-5+etch3.diff.gz
freetype_2.2.1-5+etch3.dsc
to pool/main/f/freetype/freetype_2.2.1-5+etch3.dsc
libfreetype6-dev_2.2.1-5+etch3_i386.deb
to pool/main/f/freetype/libfreetype6-dev_2.2.1-5+etch3_i386.deb
libfreetype6-udeb_2.2.1-5+etch3_i386.udeb
to pool/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch3_i386.udeb
libfreetype6_2.2.1-5+etch3_i386.deb
to pool/main/f/freetype/libfreetype6_2.2.1-5+etch3_i386.deb
Reply to: