-
freetype (2.3.7-2ubuntu1.1) intrepid-security; urgency=low
* SECURITY UPDATE: possible code execution via multiple integer overflows
- debian/patches-freetype/security-CVE-2009-0946.patch: validate sid
values in src/cff/cffload.c, check state->prefix in src/lzw/ftzopen.c,
don't overflow int with table + length or ndp + numMappings * 4 in
src/sfnt/ttcmap.c, validate glyph width and height in
src/smooth/ftsmooth.c.
- CVE-2009-0946
-- Marc Deslauriers <email address hidden> Wed, 22 Apr 2009 09:41:39 -0400
-
freetype (2.3.7-2ubuntu1) intrepid; urgency=low
* Merge from Debian unstable, remaining changes:
- debian/patches-freetype/enable-subpixel-rendering.patch:
+ enable subpixel rendering features, used by libcairo and xft to
provide LCD colour filtering. This is considered no more or less
evil than the bytecode interpreter which we also enable.
-- Steve Langasek <email address hidden> Thu, 28 Aug 2008 00:39:24 -0700
-
freetype (2.3.7-1ubuntu1) intrepid; urgency=low
* Merge from debian testing (LP: #251369) , remaining changes:
- debian/patches-freetype/enable-subpixel-rendering.patch:
+ enable subpixel rendering features, used by libcairo and xft to
provide LCD colour filtering. This is considered no more or less
evil than the bytecode interpreter which we also enable.
- Work around Soyuz breakage.
freetype (2.3.7-1) unstable; urgency=low
* New upstream release
* Add a new get-orig-source rule to handle downloading & packing the bits
for us
* Build-depend on x11proto-core-dev instead of the obsolete x-dev.
* Unset DH_VERBOSE when redirecting the output of dh_shlibdeps,
otherwise the substvars are kinda messed up.
* Fix a typo that caused debhelper log junk to be dumped into /usr.
* Replace ${Source-Version} with ${binary:Version} in debian/control.
* Don't install useless copies of /usr/share/doc/libfreetype6 in the
other packages, the symlink is all we need.
-- Mike Duigou <email address hidden> Thu, 24 Jul 2008 12:35:54 -0700
-
freetype (2.3.6-1ubuntu1) intrepid; urgency=low
* Merge from debian unstable, remaining changes:
- debian/patches-freetype/enable-subpixel-rendering.patch:
+ enable subpixel rendering features, used by libcairo and xft to
provide LCD colour filtering. This is considered no more or less
evil than the bytecode interpreter which we also enable.
- Work around Soyuz breakage.
* Modify Maintainer value to match the DebianMaintainerField
specification.
freetype (2.3.6-1) unstable; urgency=low
* New upstream release
- Fixes multiple vulnerabilities in the PFB font parser (CVE-2008-1806,
CVE-2008-1807, CVE-2008-1808). Closes: #485841.
* Fix some very bizarre quoting of $CFLAGS in debian/rules
-- Bryce Harrington <email address hidden> Thu, 19 Jun 2008 18:07:23 -0700
-
freetype (2.3.5-1ubuntu4) gutsy; urgency=low
* debian/patches-freetype/enable-subpixel-rendering.patch:
- Restore patch that enables subpixel rendering features, now that
libcairo and xft provide the ability for the specific lcd filter
to be changed.
-- Scott James Remnant <email address hidden> Thu, 20 Sep 2007 20:51:00 +0100
