Re: [SECURITY] [DSA-2116-1] New freetype packages integer overflow
close 592399 2.3.7-2+lenny3
thanks
On Tue, Oct 05, 2010 at 09:05:46AM +0200, Davide Mirtillo wrote:
> Hello, i just ran the update via aptitude, and apt-listbug reported the
> package as affected by bug #592399 [1]. Aptitude installed
> 2.3.7-2+lenny4, and that version is not marked as bug-free in the bug
> report page.
freetype (2.3.7-2+lenny4) stable-security; urgency=high
* Non-maintainer upload by the Security Team.
* fix CVE-2010-3311: integer overflow which can lead to a heap overflow in
libXft
-- Stefan Fritsch <sf@debian.org> Tue, 28 Sep 2010 15:46:35 +0200
freetype (2.3.7-2+lenny3) stable-security; urgency=high
* Non-maintainer upload by the Security Team.
* CVE-2010-1797: Multiple stack-based buffer overflows
[...]
-- Giuseppe Iuculano <iuculano@debian.org> Sun, 05 Sep 2010 14:51:39 +0200
[...]
The bug was "of course" not closed with that upload. Marking as fixed...
Grüße/Regards,
René
--
.''`. René Engelhard -- Debian GNU/Linux Developer
: :' : http://www.debian.org | http://people.debian.org/~rene/
`. `' rene@debian.org | GnuPG-Key ID: D03E3E70
`- Fingerprint: E12D EA46 7506 70CF A960 801D 0AA0 4571 D03E 3E70
Reply to: