-
Committer:
Package Import Robot
-
Author(s):
Marc Deslauriers
-
Date:
2013-01-14 13:24:57 UTC
-
Revision ID:
package-import@ubuntu.com-20130114132457-mcow5jp63qn9d4am
Tags: 2.4.10-0ubuntu2
* SECURITY UPDATE: denial of service and possible code execution via NULL
pointer dereference
- debian/patches-freetype/CVE-2012-5668.patch: reset props_size in case
of allocation error in src/bdf/bdflib.c.
- CVE-2012-5668
* SECURITY UPDATE: denial of service and possible code execution via heap
buffer over-read in BDF parsing
- debian/patches-freetype/CVE-2012-5669.patch: use correct array size
in src/bdf/bdflib.c.
- CVE-2012-5669
* SECURITY UPDATE: denial of service and possible code execution via out-
of-bounds write
- debian/patches-freetype/CVE-2012-5670.patch: normalize negative
parameter in src/bdf/bdflib.c.
- CVE-2012-5670