Change log for libxfont1 package in Ubuntu

libxfont1 (1:1.5.2-4ubuntu2) bionic; urgency=medium

  * SECURITY UPDATE: non-privileged arbitrary file access
    - debian/patches/CVE-2017-16611.patch: open files with O_NOFOLLOW in
      src/fontfile/dirfile.c, src/fontfile/fileio.c.
    - CVE-2017-16611

 -- Marc Deslauriers <email address hidden>  Wed, 29 Nov 2017 15:12:15 -0500

Available diffs

• diff from 1:1.5.2-4ubuntu1 to 1:1.5.2-4ubuntu2 (1.6 KiB)

libxfont1 (1:1.5.2-4ubuntu0.2) zesty-security; urgency=medium

  * SECURITY UPDATE: non-privileged arbitrary file access
    - debian/patches/CVE-2017-16611.patch: open files with O_NOFOLLOW in
      src/fontfile/dirfile.c, src/fontfile/fileio.c.
    - CVE-2017-16611

 -- Marc Deslauriers <email address hidden>  Tue, 28 Nov 2017 14:48:54 -0500

Available diffs

• diff from 1:1.5.2-4ubuntu0.1 to 1:1.5.2-4ubuntu0.2 (1.6 KiB)

libxfont1 (1:1.5.2-4ubuntu1.1) artful-security; urgency=medium

  * SECURITY UPDATE: non-privileged arbitrary file access
    - debian/patches/CVE-2017-16611.patch: open files with O_NOFOLLOW in
      src/fontfile/dirfile.c, src/fontfile/fileio.c.
    - CVE-2017-16611

 -- Marc Deslauriers <email address hidden>  Tue, 28 Nov 2017 14:49:56 -0500

Available diffs

• diff from 1:1.5.2-4ubuntu1 (in Ubuntu) to 1:1.5.2-4ubuntu1.1 (1.6 KiB)

libxfont1 (1:1.5.2-4ubuntu0.1) zesty-security; urgency=medium

  * SECURITY UPDATE: invalid memory read in PatternMatch
    - debian/patches/CVE-2017-13720.patch: check for end of string in
      src/fontfile/fontdir.c.
    - CVE-2017-13720
  * SECURITY UPDATE: DoS or info leak via malformed PCF file
    - debian/patches/CVE-2017-13722.patch: check string boundaries in
      src/bitmap/pcfread.c.
    - CVE-2017-13722

 -- Marc Deslauriers <email address hidden>  Fri, 06 Oct 2017 11:46:56 -0400

Available diffs

• diff from 1:1.5.2-4 (in Debian) to 1:1.5.2-4ubuntu0.1 (1.7 KiB)

libxfont1 (1:1.5.2-4ubuntu1) artful; urgency=medium

  * SECURITY UPDATE: invalid memory read in PatternMatch
    - debian/patches/CVE-2017-13720.patch: check for end of string in
      src/fontfile/fontdir.c.
    - CVE-2017-13720
  * SECURITY UPDATE: DoS or info leak via malformed PCF file
    - debian/patches/CVE-2017-13722.patch: check string boundaries in
      src/bitmap/pcfread.c.
    - CVE-2017-13722

 -- Marc Deslauriers <email address hidden>  Fri, 06 Oct 2017 10:05:59 -0400

Available diffs

• diff from 1:1.5.2-4 (in Debian) to 1:1.5.2-4ubuntu1 (1.7 KiB)

libxfont1 (1:1.5.2-4) unstable; urgency=medium

  [ Andreas Boll ]
  * Fix a typo in override_dh_strip.
  * Remove dh-autoreconf build-dep. Not needed with debhelper 10.
  * Remove obsolete Conflicts from pre-wheezy.
  * Update a bunch of URLs in packaging to https.
  * Remove superfluous --libdir from dh_auto_configure. Not needed with
    debhelper compat level >= 9.

 -- Timo Aaltonen <email address hidden>  Thu, 24 Nov 2016 21:26:43 +0200

Available diffs

• diff from 1:1.5.2-3 to 1:1.5.2-4 (1.3 KiB)

libxfont1 (1:1.5.2-3) unstable; urgency=medium

  * Drop libxfont1-udeb.
  * Switch to -dbgsym.
  * Bump debhelper compat to 10. Drop --with quilt and --parallel flags,
    they are enabled by default now.

 -- Timo Aaltonen <email address hidden>  Thu, 24 Nov 2016 00:16:53 +0200

Available diffs

• diff from 1:1.5.2-2 to 1:1.5.2-3 (1.6 KiB)

libxfont1 (1:1.5.2-2) unstable; urgency=medium

  * Rename source to libxfont1.
  * Rename dev package to libxfont1-dev.
  * control: Move to oldlibs.
  * control: Add myself to uploaders.

 -- Timo Aaltonen <email address hidden>  Thu, 17 Nov 2016 13:19:18 +0200