Accepted freetype 2.10.4+dfsg-1+deb11u1 (source) into proposed-updates->stable-new, proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted freetype 2.10.4+dfsg-1+deb11u1 (source) into proposed-updates->stable-new, proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Fri, 01 Jul 2022 15:32:09 +0000
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id:Subject: Content-Transfer-Encoding:Content-Type:MIME-Version:To:Reply-To:From:Cc: Content-ID:Content-Description:In-Reply-To:References; bh=BkhfjjreTco+idtkLsm2pDgc/l1HR+q6M0esyzTtv/k=; b=mfehL4XehBgIiwRGqIENX+i5LS cuN0/0th7i/mKbZ67GeqWsjdlZ3qQdf95cSqKozt+drmdjeQFYpLyVE8wTg1yfAaQuTxHhWODhdVn rloStTvL5xPggyZRMOEHtW1Q1F+MlXhZo05KnGHpi+6i8DMfr47yBz3l3EEOu1nHOMS2XkXDWY5yG ThTpgiP53yJ7FCzdzY3/GnTZ46t23XYPqT0JdWiqovtJxjur7BhgAYVVHgltFX0M3VyTPT2PnOcqj hzZpIakWyqfocrYs6+AZS/0edAJGUxUh8UmprEpKBYHLEqtuq7LHhlGMn550qfsW+etsC6/gFajXD tSVKZPJA==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1o7Icr-0001sx-B5@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 28 Apr 2022 19:54:23 +1000
Source: freetype
Architecture: source
Version: 2.10.4+dfsg-1+deb11u1
Distribution: stable
Urgency: medium
Maintainer: Hugh McMaster <hugh.mcmaster@outlook.com>
Changed-By: Hugh McMaster <hugh.mcmaster@outlook.com>
Closes: 1010183
Changes:
freetype (2.10.4+dfsg-1+deb11u1) bullseye; urgency=medium
.
* Add upstream patches to fix multiple vulnerabilities. Closes: #1010183.
- CVE-2022-27404: heap buffer overflow via invalid integer decrement in
sfnt_init_face() and woff2_open_font().
- CVE-2022-27405: segmentation violation via ft_open_face_internal() when
attempting to read the value of FT_LONG face_index.
- CVE-2022-27406: segmentation violation via FT_Request_Size() when
attempting to read the value of an unguarded face size handle.
Checksums-Sha1:
2a347e1cd0239af168a172c0ead7a7022523dcf3 3762 freetype_2.10.4+dfsg-1+deb11u1.dsc
c15cdadbe91eb16627811264ef772495d77da163 117572 freetype_2.10.4+dfsg-1+deb11u1.debian.tar.xz
c6e804a7e7be224a6bfd19df5fdfc125a550630f 9016 freetype_2.10.4+dfsg-1+deb11u1_amd64.buildinfo
Checksums-Sha256:
6c93012be153ec146b77bfa4df0bd8b19affe63f5a8bdbfbf3ce6faf4a89e365 3762 freetype_2.10.4+dfsg-1+deb11u1.dsc
f8845df5a24d816934ef30b46b8561072df3f7973ea65654674d69810aab9c3b 117572 freetype_2.10.4+dfsg-1+deb11u1.debian.tar.xz
091b9f3a4466cd7a7929436fd3f3423655c418f04c727ae32f616e53165ebb05 9016 freetype_2.10.4+dfsg-1+deb11u1_amd64.buildinfo
Files:
9d3d20f1d07510b77886fe7ddfead60f 3762 libs optional freetype_2.10.4+dfsg-1+deb11u1.dsc
2d245a36a612a09abe52ebfdaabbaf13 117572 libs optional freetype_2.10.4+dfsg-1+deb11u1.debian.tar.xz
b053f6590002b2c9092f0672c2c11aef 9016 libs optional freetype_2.10.4+dfsg-1+deb11u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJOBAEBCgA4FiEEOiCBPKV5RoaMUVIRWsYQdMXoG8QFAmKocrgaHGh1Z2gubWNt
YXN0ZXJAb3V0bG9vay5jb20ACgkQWsYQdMXoG8RGPQ/8DEpPWAXF2BU69ogmHK6u
Ibf2gO9aCSzEvZCT9t2No4xDmqXJd0qpD+kn4/SchV9i7Oy1p7hvFjZghfnr0hmd
mdwJwj5syMEKkLs3aADTjhYri11ZQqYGRuDzn3sspd0G6ob2+Bf23x1JxudC9XVa
NjrT7TbLoe8fyz5nRPuKYD74Fn3waTNiM2m2yn3j1rf7toLj3A39xap1iRRyvQpW
DEGGavCs9DzLl7niLd3MwebSMntSNKiqCG8YAScB4+XNR8Hpii3l2vzl8DJmiWuL
P+rbgzjwLqDxC7anlLQ6LiAAKmmkfREJTKSdUcYYhS8mKGZ0zUK9CF2K64szhaKI
xtH+cAM3ArdoIV/cbMHFKvMfhAgS+XpKg3d8pay/ODkdxuOCw7tPuEbfCptDJ4/4
M3ebVHGwcwWFuJgDiJgSxXNkoyBjMNClA8f6qT9HO7Ja8a9ObZuGSeRIT1QTDJ8J
56oH9zyOoI329kJBVFCckhWyqsflPrjWIqx7kiAwErWN3CU/VGyci1027oJ+APMv
Ggdkydzj5csfxZyGhatR/+MuZDe20byxyQ+h0TV7ybbqh+BSkQVOITdoB1wML0h4
p5Us9O6dJvWsQfJdH4zmdV5fSZMsTNCPcq9pGS5EjweMfH8dE/BFCgrNO/QmPo3R
Z3zQ9wuYqUrJXJ36SurLwgY=
=YewX
-----END PGP SIGNATURE-----