libxfont: Changes to 'debian-squeeze'

To: debian-x@lists.debian.org
Subject: libxfont: Changes to 'debian-squeeze'
From: Julien Cristau <jcristau@alioth.debian.org>
Date: Thu, 11 Aug 2011 14:29:27 +0000
Message-id: <[🔎] E1QrWGF-0003rk-TR@vasks.debian.org>

New branch 'debian-squeeze' available with the following commits:
commit a13fa846ed2c1cfc9cf10a73b6487e244c53bd13
Author: Julien Cristau <jcristau@debian.org>
Date:   Thu Aug 11 16:15:56 2011 +0200

    Upload to squeeze-security

commit 72f3245295852dd0ca59ec2c4157c96ff14294d3
Author: Thomas Hoger <thoger@redhat.com>
Date:   Mon Aug 8 18:03:09 2011 +0200

    LZW decompress: fix for CVE-2011-2895
    
    Specially crafted LZW stream can crash an application using libXfont
    that is used to open untrusted font files.  With X server, this may
    allow privilege escalation when exploited
    
    Reviewed-by: Matthieu Herrb <matthieu.herrb@laas.fr>
    Signed-off-by: Matthieu Herrb <matthieu.herrb@laas.fr>
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    (cherry picked from commit d11ee5886e9d9ec610051a206b135a4cdc1e09a0)

Reply to:

Prev by Date: libxfont: Changes to 'refs/tags/libxfont-1_1.4.1-3'
Next by Date: libxfont: Changes to 'debian-lenny'
Previous by thread: libxfont: Changes to 'refs/tags/libxfont-1_1.4.1-3'
Next by thread: libxfont: Changes to 'debian-lenny'
Index(es):
- Date
- Thread