-
Committer:
Package Import Robot
-
Author(s):
Julien Cristau
-
Date:
2014-05-13 17:25:49 UTC
-
Revision ID:
package-import@ubuntu.com-20140513172549-0tospr47im3q9bej
Tags: 1:1.4.7-2
* Pull from upstream git to fix FTBFS with new fontsproto (closes: #746052)
* CVE-2014-0209: integer overflow of allocations in font metadata
* CVE-2014-0210: unvalidated length fields when parsing xfs protocol replies
* CVE-2014-0211: integer overflows calculating memory needs for xfs replies
* Add breaks on xfs because we broke it by disabling font protocol support
in 1.4.7.