Viewing all changes in revision 20.
- Committer: Bazaar Package Importer
- Date: 2009-04-22 09:41:39 UTC
- Revision ID: james.westby@ubuntu.com-20090422094139-5460n20y5ybiy0pi
* SECURITY UPDATE: possible code execution via multiple integer overflows
- debian/patches-freetype/security-CVE-2009-0946.patch: validate sid
values in src/cff/cffload.c, check state->prefix in src/lzw/ftzopen.c,
don't overflow int with table + length or ndp + numMappings * 4 in
src/sfnt/ttcmap.c, validate glyph width and height in
src/smooth/ftsmooth.c.
- CVE-2009-0946
- debian/patches-freetype/security-CVE-2009-0946.patch: validate sid
values in src/cff/cffload.c, check state->prefix in src/lzw/ftzopen.c,
don't overflow int with table + length or ndp + numMappings * 4 in
src/sfnt/ttcmap.c, validate glyph width and height in
src/smooth/ftsmooth.c.
- CVE-2009-0946
- files added:
- debian/patches-freetype/security-CVE-2009-0946.patch
- files modified:
- debian/changelog
expand all
collapse all
added
removed
