-
Committer:
Bazaar Package Importer
-
Author(s):
Marc Deslauriers
-
Date:
2010-11-02 15:17:07 UTC
-
Revision ID:
james.westby@ubuntu.com-20101102151707-1cc0huvruy2ifccy
Tags: 2.1.10-1ubuntu2.10
* SECURITY UPDATE: denial of service and possible arbitrary code
execution via libXft overflow.
- debian/patches/425-CVE-2010-3311.patch: correctly validate position
in src/base/ftstream.c.
- CVE-2010-3311
* SECURITY UPDATE: denial of service and possible code execution via
TrueType GX font
- debian/patches/426-CVE-2010-3855.patch: add bounds checks to
src/truetype/ttgxvar.c.
- CVE-2010-3855