Back to freetype PTS page

Accepted freetype 2.5.2-3 (source amd64) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted freetype 2.5.2-3 (source amd64) into unstable
From: Keith Packard <keithp@keithp.com>
Date: Sat, 28 Feb 2015 05:19:01 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1YRZnp-0002HP-ED@franck.debian.org>
Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 23 Feb 2015 22:04:36 -0800
Source: freetype
Binary: libfreetype6 libfreetype6-dev freetype2-demos libfreetype6-udeb
Architecture: source amd64
Version: 2.5.2-3
Distribution: unstable
Urgency: medium
Maintainer: Steve Langasek <vorlon@debian.org>
Changed-By: Keith Packard <keithp@keithp.com>
Description:
 freetype2-demos - FreeType 2 demonstration programs
 libfreetype6 - FreeType 2 font engine, shared library files
 libfreetype6-dev - FreeType 2 font engine, development files
 libfreetype6-udeb - FreeType 2 font engine for the debian-installer (udeb)
Closes: 777656
Changes:
 freetype (2.5.2-3) unstable; urgency=medium
 .
   * Fix Savannah bug #43535. CVE-2014-9675
   * [bdf] Fix Savannah bug #41692. CVE-2014-9675-fixup-1
   * src/base/ftobj.c (Mac_Read_POST_Resource): Additional overflow check
     in the summation of POST fragment lengths. CVE-2014-0674-part-2
   * src/base/ftobjs.c (Mac_Read_POST_Resource): Insert comments and fold
     too long tracing messages. CVS-2014-9674-fixup-2
   * src/base/ftobjs.c (Mac_Read_POST_Resource): Use unsigned long variables to read the lengths in POST fragments. CVE-2014-9674-fixup-1
   * Fix Savannah bug #43538. CVE-2014-9674-part-1
   * Fix Savannah bug #43539. CVE-2014-9673
   * src/base/ftobjs.c (Mac_Read_POST_Resource): Avoid memory leak by
     a broken POST table in resource-fork. CVE-2014-9673-fixup
   * Fix Savannah bug #43540. CVE-2014-9672
   * Fix Savannah bug #43547. CVE-2014-9671
   * Fix Savannah bug #43548. CVE-2014-9670
   * [sfnt] Fix Savannah bug #43588. CVE-2014-9669
   * [sfnt] Fix Savannah bug #43589. CVE-2014-9668
   * [sfnt] Fix Savannah bug #43590. CVE-2014-9667
   * [sfnt] Fix Savannah bug #43591. CVE-2014-9666
   * Change some fields in `FT_Bitmap' to unsigned type. CVE-2014-9665
   * Fix uninitialized variable warning. CVE-2014-9665-fixup-2
   * Make `FT_Bitmap_Convert' correctly handle negative `pitch' values.
     CVE-2014-9665-fixup
   * [type1, type42] Fix Savannah bug #43655. CVE-2014-9664
   * [sfnt] Fix Savannah bug #43656. CVE-2014-9663
   * [cff] Fix Savannah bug #43658. CVE-2014-9662
   * [type42] Allow only embedded TrueType fonts. CVE-2014-9661
   * [bdf] Fix Savannah bug #43660. CVE-2014-9660
   * [cff] Fix Savannah bug #43661. CVE-2014-9659
   * [sfnt] Fix Savannah bug #43672. CVE-2014-9658
   * [truetype] Fix Savannah bug #43679. CVE-2014-9657
   * [sfnt] Fix Savannah bug #43680. CVE-2014-9656
   * All CVEs patched. Closes: #777656.
Checksums-Sha1:
 3a2a91cde82d0231cd17ac1ca9c93879ab81b152 2078 freetype_2.5.2-3.dsc
 0461db9903ba3cf76d8fb0c05589393f3bad6e37 65772 freetype_2.5.2-3.diff.gz
 23b5c440d27916d17c5581a04785fc01caa772e9 466228 libfreetype6_2.5.2-3_amd64.deb
 c76df6aed3041e8597fb203c5c0c28384c4d3560 639830 libfreetype6-dev_2.5.2-3_amd64.deb
 1509066bee74019295aad6cb33b8f50a36f22453 94324 freetype2-demos_2.5.2-3_amd64.deb
 1a8b57c3ea177ce29cf4893265dcb595619a605d 294948 libfreetype6-udeb_2.5.2-3_amd64.udeb
Checksums-Sha256:
 20f49e6af334c14921caf854b4c0f0d431b6ccec8d24ab87f05a5d87770fc0a5 2078 freetype_2.5.2-3.dsc
 3370204972ae5df8c0035dd0f473eee6cb461b85518c3155fc8ab062882b4bbd 65772 freetype_2.5.2-3.diff.gz
 90d27b9dbad6653eff439df987b4ef4ca340a08966b74072dfba88ab5fb33cf8 466228 libfreetype6_2.5.2-3_amd64.deb
 3031bd23dbd480e38d3adede602d2ffb72d080a34e40b87132bff2e63fddd4e5 639830 libfreetype6-dev_2.5.2-3_amd64.deb
 ade17c6d84ab2f7134f897c5e2f90af868aa489cd7ebe05c49deafc0ec8d4d0c 94324 freetype2-demos_2.5.2-3_amd64.deb
 c48a984d2bac451d69f5e9ca085271e32e0726d268618760005b51180d635a1b 294948 libfreetype6-udeb_2.5.2-3_amd64.udeb
Files:
 aaf787c7904ad14e7106e3e38e17f760 2078 libs optional freetype_2.5.2-3.dsc
 f08c158f41e2e5e4d8ba23e98aa05e6f 65772 libs optional freetype_2.5.2-3.diff.gz
 679df204496aaa7de1d131650bd4de9d 466228 libs optional libfreetype6_2.5.2-3_amd64.deb
 7079cc465d2d8caf3ca8454924be110d 639830 libdevel optional libfreetype6-dev_2.5.2-3_amd64.deb
 6666431bd19656f7d045973f2df93aac 94324 utils optional freetype2-demos_2.5.2-3_amd64.deb
 cb37948dcf3e77ac22a1f60dda553454 294948 debian-installer extra libfreetype6-udeb_2.5.2-3_amd64.udeb
Package-Type: udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBVPFLYtsiGmkAAAARAQhMeA/+Pksr1+7w2ofI0EjxNegjzpWTfeemeeOz
ts6yaDY3rsaIxegv+0Qt0XwP/CYqMJf3uqs51j6agFxVsrlsmS/MEH97HI0Y390L
poJ9Jrs3Aewewt3OyIn4fMcv7Kg/TBPj59ZG0GObBC2wm2ZupVYUy5gtkxvw6pvB
+ysZ12GP4LXj3Hbs/20XzrknZe5PY/wxi2+rucTA/NztqWX8WwebDp5BzJY5N93g
P3CTEEDAngbkQXow/AVknbrn83jEM+WoXC7sNr46zN3ETxVmdM/juNFd42357DBm
8b4q2WowKoCNcREKcebCbDjxaATKJEJ9OsCy5SBb/GKOmrS9mSFBKDyG89rfsocJ
lJqGK/jXdB4pIfKB9aKFKhTOIiDjE0YJBxVpNCzZQHoGm+jcN804Cl8sPOZfLjvN
oqTxPJHJDrScn0lWhO/Msia18lS2EaN63aTDybXmyMZwh1KNWZrTuRDMYWF9XdqS
GKDkdzWtLBLr8B7U7e+7+M+dziIGepWiHoeRpCMMWC8RK+c8lPhSFRYem3kkhn/F
LbgVlxRQlVlzfgTBZQHOV4TTT9yp1IMZCMhuCNmzcAXu7xPnVSMPqgBD3Dv4XroN
88w2tLWh4OK9VGttw1ZBDq5DsFff7WUw1K/9A74EAZ4jFl+SgXd/vco4vI/TuRWN
CUaT2yCxx20=
=G5BZ
-----END PGP SIGNATURE-----