-
Committer:
Bazaar Package Importer
-
Author(s):
Marc Deslauriers
-
Date:
2010-11-02 14:38:53 UTC
-
Revision ID:
james.westby@ubuntu.com-20101102143853-eyilrbcd5faxev6c
Tags: 2.3.11-1ubuntu2.4
* SECURITY UPDATE: denial of service and possible arbitrary code
execution via libXft overflow.
- debian/patches/CVE-2010-3311.patch: correctly validate position in
src/base/ftstream.c.
- CVE-2010-3311
* SECURITY UPDATE: denial of service and possible code execution via
improper error handling of SHZ bytecode instruction
- debian/patches/CVE-2010-3814.patch: add bounds check to
src/truetype/ttinterp.c.
- CVE-2010-3814
* SECURITY UPDATE: denial of service and possible code execution via
TrueType GX font
- debian/patches/CVE-2010-3855.patch: add bounds checks to
src/truetype/ttgxvar.c.
- CVE-2010-3855