-
Committer:
Package Import Robot
-
Author(s):
Yves-Alexis Perez
-
Date:
2012-01-14 21:55:47 UTC
-
Revision ID:
package-import@ubuntu.com-20120114215547-jsdhyuyvbyzw1iz4
Tags: 5.1.2-3+lenny1
* Non-maintainer upload by the Security Team.
* debian/patches:
- CVE-2010-2642 added, fix heap-based buffer overflow first found in
evince but applicable to the embedded afmparse library found in t1lib
too. Fixes CVE-2011-0433 too on the same patch.
- CVE-2011-0764 added, fix arbitrary code execution by only using ppoints
when it is a valid pointer. closes: #652996
This fixes CVE-2011-0764, CVE-2011-1552, CVE-2011-1553 and CVE-2011-1554
* format-string added, fix a format string error IfTrace0 macro and another
in T1_SubfsetFont().