Accepted freetype 2.3.7-2+lenny1 (source i386)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 29 Apr 2009 15:09:46 +0000
Source: freetype
Binary: libfreetype6 libfreetype6-dev freetype2-demos libfreetype6-udeb
Architecture: source i386
Version: 2.3.7-2+lenny1
Distribution: stable-security
Urgency: high
Maintainer: Steve Langasek <vorlon@debian.org>
Changed-By: Nico Golde <nion@debian.org>
Description:
freetype2-demos - FreeType 2 demonstration programs
libfreetype6 - FreeType 2 font engine, shared library files
libfreetype6-dev - FreeType 2 font engine, development files
libfreetype6-udeb - FreeType 2 font engine for the debian-installer (udeb)
Closes: 524925
Changes:
freetype (2.3.7-2+lenny1) stable-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* This update fixes various integer overflows in cff/cffload.c,
smooth/ftsmooth.c amd sfnt/ttcmap.c leading to arbitrary code
execution or denial of service via a crafted font file
(CVE-2009-0946; Closes: #524925).
Checksums-Sha1:
6d0e3cb727e5a483d00b2de2874ff7ffc3bb9832 1218 freetype_2.3.7-2+lenny1.dsc
57788883bd8bf09a29e93ac27ab21226d1a9fb9c 1567540 freetype_2.3.7.orig.tar.gz
09f2612b7843f490e7570d288ae445f640787fdc 32714 freetype_2.3.7-2+lenny1.diff.gz
e3427ef7847cc14ad8e6a8ccbe1b58fe6ec535c9 371606 libfreetype6_2.3.7-2+lenny1_i386.deb
c24797efbbcf045fe76a57d5f9bdcec718e09ec6 685616 libfreetype6-dev_2.3.7-2+lenny1_i386.deb
0c77ac9fbb5e449fde43332ddc313d84bc9686c1 198880 freetype2-demos_2.3.7-2+lenny1_i386.deb
a823c26a77822d44ee1702e8a3ed3fa4c752bc68 254386 libfreetype6-udeb_2.3.7-2+lenny1_i386.udeb
Checksums-Sha256:
bb74c49e5acc2ca62e9afc3134db4fe56b2c3b1bb15e9e0d9029e5aeabe3f4b6 1218 freetype_2.3.7-2+lenny1.dsc
f779897742b81c42c912716b0827379887195ea1bcb6464a7ce1843409d39c23 1567540 freetype_2.3.7.orig.tar.gz
d26a4382f7f27ee61d30655f721a04042f09ee4ab06c29d3a3cd4d4ac1aebd1f 32714 freetype_2.3.7-2+lenny1.diff.gz
06dd750852e3fa5b78ff50f08b9775221945c14c9d911cad73f50587b85e50ec 371606 libfreetype6_2.3.7-2+lenny1_i386.deb
4b8cd928c10164572608f33501e5e3066c6c17d0f548dd698c75b164fc090b02 685616 libfreetype6-dev_2.3.7-2+lenny1_i386.deb
4c4f68c1e3ae1e323c44f50b1eb0c7e9c8123e6207c72e038e5e31613fc78919 198880 freetype2-demos_2.3.7-2+lenny1_i386.deb
28a9fb03737a5604989b40237b821fcde80134b388578053e069139782da72c9 254386 libfreetype6-udeb_2.3.7-2+lenny1_i386.udeb
Files:
44b657bd7355ca8852b5f728220521ce 1218 libs optional freetype_2.3.7-2+lenny1.dsc
c1a9f44fde316470176fd6d66af3a0e8 1567540 libs optional freetype_2.3.7.orig.tar.gz
61c850f28c09fe85dae75d4f1b99face 32714 libs optional freetype_2.3.7-2+lenny1.diff.gz
7e56c724b16e31ea9e2b42c54ec4a251 371606 libs optional libfreetype6_2.3.7-2+lenny1_i386.deb
76c13ff85e98143d4e5fd52b69968784 685616 libdevel optional libfreetype6-dev_2.3.7-2+lenny1_i386.deb
46f5663ce579a51e18dc934109cc0645 198880 utils optional freetype2-demos_2.3.7-2+lenny1_i386.deb
951df80ccc9bef3d07dedbbe17760d82 254386 debian-installer extra libfreetype6-udeb_2.3.7-2+lenny1_i386.udeb
Package-Type: udeb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkn4b1AACgkQHYflSXNkfP9YSACgpHNGfrVgXu53GV9mRdd1cCDb
yEYAnRobHWXYMU27t0jYxtmXl/ILene9
=43vu
-----END PGP SIGNATURE-----
Accepted:
freetype2-demos_2.3.7-2+lenny1_i386.deb
to pool/main/f/freetype/freetype2-demos_2.3.7-2+lenny1_i386.deb
freetype_2.3.7-2+lenny1.diff.gz
to pool/main/f/freetype/freetype_2.3.7-2+lenny1.diff.gz
freetype_2.3.7-2+lenny1.dsc
to pool/main/f/freetype/freetype_2.3.7-2+lenny1.dsc
libfreetype6-dev_2.3.7-2+lenny1_i386.deb
to pool/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny1_i386.deb
libfreetype6-udeb_2.3.7-2+lenny1_i386.udeb
to pool/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny1_i386.udeb
libfreetype6_2.3.7-2+lenny1_i386.deb
to pool/main/f/freetype/libfreetype6_2.3.7-2+lenny1_i386.deb
Reply to: