Back to fontforge PTS page

Accepted fontforge 1:20170731~dfsg-1+deb10u1 (source) into oldoldstable

To: debian-lts-changes@lists.debian.org, dispatch@tracker.debian.org
Subject: Accepted fontforge 1:20170731~dfsg-1+deb10u1 (source) into oldoldstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Thu, 07 Mar 2024 21:10:20 +0000
Debian: DAK
Debian-architecture: source
Debian-archive-action: accept
Debian-changes: fontforge_20170731~dfsg-1+deb10u1_source.changes
Debian-source: fontforge
Debian-suite: oldoldstable
Debian-version: 1:20170731~dfsg-1+deb10u1
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.seger; h=Date:Message-Id:Content-Type: Subject:MIME-Version:To:Reply-To:From:Cc:Content-Transfer-Encoding:Content-ID :Content-Description:In-Reply-To:References; bh=EOx8bjrdEmw0tR4vxREt0Dp1e2xWpeKFJO830KIHHUU=; b=VliQQtpOwmOyhPPeXwYzs/h1W6 SGIPCITWqsdIZoJ2Aboou7lGYDWc1SlzlGLuwON/1DKiaY1i+1vWRR3iNkjlbfyW5V8CCAtjXCZdy ehrIOAd6vPo3F6r4XRtYr/Ld2mt8lL/HNdv44OyadetPBNExS/rsye30/GkflZkHgOn5X2MPSUEvO 5hVi2bnObC8jBi/OxD77rW7VufVw7I2DH9sAIxuGOfPhDHG29EefReeiKvVOXhywZg+spRwPnaMhV IkkUHuBrhoe6nYYLpw8YxyQ5NWcEkvb5DaKVYkR+Fr9KmYXZBtknEfCXEKcBAR9QTk5A8USYFwd27 tkyzI1Qw==;
Mail-followup-to: debian-lts@lists.debian.org
Message-id: <E1riL0O-006P02-Kl@seger.debian.org>
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 07 Mar 2024 22:13:52 +0200
Source: fontforge
Architecture: source
Version: 1:20170731~dfsg-1+deb10u1
Distribution: buster-security
Urgency: medium
Maintainer: Debian Fonts Task Force <pkg-fonts-devel@lists.alioth.debian.org>
Changed-By: Adrian Bunk <bunk@debian.org>
Changes:
 fontforge (1:20170731~dfsg-1+deb10u1) buster-security; urgency=medium
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2020-5395: Use-after-free in SFD_GetFontMetaData()
   * CVE-2020-5496: Buffer overflow in Type2NotDefSplines()
   * CVE-2024-25081: Spline Font command injection via crafted filenames
   * CVE-2024-25082: Spline Font command injection via crafted archives
     or compressed files
Checksums-Sha1:
 a90d87d6c1eccd4e6b4ca40ad4250fd07ce51dc3 3154 fontforge_20170731~dfsg-1+deb10u1.dsc
 2062bafa78013d87509cebffc8b412b4a6786f72 17896802 fontforge_20170731~dfsg.orig.tar.gz
 db12021d2c5915c1dcd4b6fb9b06f9dfb7923a7a 57524 fontforge_20170731~dfsg-1+deb10u1.debian.tar.xz
Checksums-Sha256:
 affb09704c222997fcbe43781788b1b50eea3318b68abaa98c08d3cfe608440a 3154 fontforge_20170731~dfsg-1+deb10u1.dsc
 642dd957a7e36d68e37c8be9f849a2b2ec2f9e831103d1458660a165fe3e4ae7 17896802 fontforge_20170731~dfsg.orig.tar.gz
 4268a047eaa63e163a540c4189fd3102d55d0831158d2beefed990fd63eb1ca8 57524 fontforge_20170731~dfsg-1+deb10u1.debian.tar.xz
Files:
 809618e46cebfd68001eca80f966f592 3154 fonts optional fontforge_20170731~dfsg-1+deb10u1.dsc
 127bbd78bb24624b8d4d2965ef4ad3cf 17896802 fonts optional fontforge_20170731~dfsg.orig.tar.gz
 ba8c8222279f831ef2090eb07410b2a4 57524 fonts optional fontforge_20170731~dfsg-1+deb10u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmXqKrUACgkQiNJCh6LY
mLGNaRAArUBfCjyOQV+K25fXQcCCz26SPktCD72snyU+Xdshx8rcBgq2h42GWnSv
4Mlx2kwYxD0SOEHIMTjy31NrNFMLhWToGEGQOAc7O3FEx31scJnMDdhIawx14jhC
W22e+tmBA3iEK/KVLdbbQsGs8iTW/TgHPcjyT1Jkh7U3NCQliLFLsZfoM4iNzT+t
RFReweREPDIHM/4H0jk8D2//6/t5slNIw/pIDi+CvHfgcGJDhLj+TqN16AIkl1Jh
EVk5/QtGeEOpKFSB/N3Kr9Q0CUDpiUtOcj86bCJQRUydQYeHJxWrzTfrUZDapZus
n2XQCoiGte6ouB2w2chXZ48eFp/9ZpgIkZ58oJKw0DoUXGUbOOXPbHW8mSXcF+pB
YpvHD9nIUUm0uQdMrbEj4RL90NxOB4rIRk2Yz7UBgdPLPVfiVR13Kl9Ihx8r4dPu
HfC8zHpGeuimXvT4D/2Im8qFoRVOelrwsKbF0fe1g8AyLOy/T++yqez9uUiFTDmp
QBN3kAmUqYVIBsQn54C47N4y5C2U54VSQb2eaganMJ6fAavVAmcVt+GoXqMF01io
29KWMPxDWYu6XWoa8WsNFnUbkShVCoYBJk0YS7M6K/Q/O9Nzq3Nu6iwCma8x+Z6B
tEFta+jKHYswSHixqKMdnCnPvCgvD0UA/P+mBBV4CmDM9dU0kxM=
=C2vZ
-----END PGP SIGNATURE-----

Attachment: pgpjbWRy4bitG.pgp
Description: PGP signature