lp:ubuntu/lucid-security/libxfont
- Get this branch:
- bzr branch lp:ubuntu/lucid-security/libxfont
Branch merges
Branch information
Recent revisions
- 27. By Marc Deslauriers
-
* SECURITY UPDATE: arbitrary code exection via invalid property count
- debian/patches/ CVE-2015- 1802.patch: check for integer overflow in
src/bitmap/ bdfread. c.
- CVE-2015-1802
* SECURITY UPDATE: arbitrary code execution via bitmap data parse failure
- debian/patches/ CVE-2015- 1803.patch: bail out if bitmap can't be read
in src/bitmap/bdfread. c.
- CVE-2015-1803
* SECURITY UPDATE: arbitrary code execution via invalid metrics
- debian/patches/ CVE-2015- 1804.patch: ensure metrics fit in struct in
src/bitmap/ bdfread. c.
- CVE-2015-1804 - 26. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service and possible code execution via
font metadata file parsing
- debian/patches/ CVE-2014- 0209.patch: check for overflows in
src/fontfile/ dirfile. c, src/fontfile/ fontdir. c.
- CVE-2014-0209
* SECURITY UPDATE: denial of service and possible code execution via
xfs font server replies
- debian/patches/ CVE-2014- 021x.patch: check lengths and sizes in
src/fc/fsconvert. c, src/fc/fserve.c.
- CVE-2014-0210
- CVE-2014-0211 - 25. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service and possible code execution via
stack overflow
- debian/patches/ CVE-2013- 6462.patch: limit sscanf field in
src/bitmap/ bdfread. c.
- CVE-2013-6462 - 24. By Marc Deslauriers
-
* SECURITY UPDATE: arbitrary code execution via overflow
- debian/patches/ CVE-2011- 2895.patch: check remaining length in
src/fontfile/ decompress. c.
- CVE-2011-2895 - 23. By Julien Cristau
-
* New upstream release.
* Bump xutils-dev build-dep for new util-macros.
* Build documentation, install it in libxfont-dev.
* Enable support for bzip2 compressed bitmap fonts.
* Don't use LDFLAGS from the environment. Ubuntu sets that to
-Bsymbolic-functions, which breaks libXfont's weak symbols usage. - 22. By StefanPotyra
-
* Rebase to unstable, remaining change:
+ debian/rules: unset LDFLAGS to not be hit by -Bsymbolic-functions,
as libxfont contains weak symbols which are meant to be overriden
(cf. LP #226156). - 21. By StefanPotyra
-
Merge from unstable (LP: #260727), remaining change:
debian/rules: explicitely unset LDFLAGS in order to avoid that
"-Bsymbolic-functions" will get set: libxfont contains a number
of weak symbols, which are meant to be overridden (cf. LP 226156). - 20. By StefanPotyra
-
* debian/rules: Explicetly use empty LDFLAGS, closes LP: #226156.
* debian/control: Mangle Maintainer field according to spec. - 18. By Julien Cristau
-
* High urgency upload for security fix.
* Fix a buffer overflow in the PCF font parser (CVE-2008-0006).
* debian/control updates
+ add myself to Uploaders, and remove Branden and Fabio with their
permission
+ s/^XS-Vcs/Vcs/
+ bump Standards-Version to 3.7.3 (no changes)
+ libxfont1 is Section: libs
+ libxfont-dev and libxfont1-dbg are Section: libdevel
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/oneiric/libxfont