-
Committer:
Bazaar Package Importer
-
Author(s):
Marc Deslauriers
-
Date:
2009-04-22 10:02:21 UTC
-
Revision ID:
james.westby@ubuntu.com-20090422100221-xdfg2fmju39j0vyr
Tags: 2.3.5-1ubuntu4.8.04.2
* SECURITY UPDATE: possible code execution via multiple integer overflows
- debian/patches-freetype/security-CVE-2009-0946.patch: validate sid
values in src/cff/cffload.c, check state->prefix in src/lzw/ftzopen.c,
don't overflow int with table + length in src/sfnt/ttcmap.c, validate
glyph width and height in src/smooth/ftsmooth.c.
- CVE-2009-0946