~ubuntu-branches/ubuntu/precise/libxfont/precise-updates

Viewing all changes in revision 31.

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers
  • Date: 2015-03-18 07:33:04 UTC
  • Revision ID: package-import@ubuntu.com-20150318073304-iswe3nur3wdv2fen
Tags: 1:1.4.4-1ubuntu0.3
* SECURITY UPDATE: arbitrary code exection via invalid property count
  - debian/patches/CVE-2015-1802.patch: check for integer overflow in
    src/bitmap/bdfread.c.
  - CVE-2015-1802
* SECURITY UPDATE: arbitrary code execution via bitmap data parse failure
  - debian/patches/CVE-2015-1803.patch: bail out if bitmap can't be read
    in src/bitmap/bdfread.c.
  - CVE-2015-1803
* SECURITY UPDATE: arbitrary code execution via invalid metrics
  - debian/patches/CVE-2015-1804.patch: ensure metrics fit in struct in
    src/bitmap/bdfread.c.
  - CVE-2015-1804

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: