-
Committer:
Package Import Robot
-
Author(s):
Tyler Hicks
-
Date:
2011-11-17 13:59:33 UTC
-
Revision ID:
package-import@ubuntu.com-20111117135933-7bimesb3c5jfipyf
Tags: 2.3.11-1ubuntu2.5
* SECURITY UPDATE: Arbitrary code execution via crafted Type 1 font
- debian/patches-freetype/CVE-2011-3256.patch: Sanitize Type 1 font inputs
in src/base/ftbitmap.c, src/psaux/t1decode.c, src/raster/ftrend1.c, and
src/truetype/ttgxvar.c. Based on upstream patch.
- CVE-2011-3256
* SECURITY UPDATE: Arbitrary code execution via crafted CID-keyed PS font
- debian/patches-freetype/CVE-2011-3439.patch: Sanitize CID-keyed
PostScript font inputs in src/cid/cidload.c. Based on upstream patch.
- CVE-2011-3439