-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sun, 05 Sep 2010 14:51:39 +0200 Source: freetype Binary: libfreetype6 libfreetype6-dev freetype2-demos libfreetype6-udeb Architecture: source i386 Version: 2.3.7-2+lenny3 Distribution: stable-security Urgency: high Maintainer: Steve Langasek <vorlon@debian.org> Changed-By: Giuseppe Iuculano <iuculano@debian.org> Description: freetype2-demos - FreeType 2 demonstration programs libfreetype6 - FreeType 2 font engine, shared library files libfreetype6-dev - FreeType 2 font engine, development files libfreetype6-udeb - FreeType 2 font engine for the debian-installer (udeb) Changes: freetype (2.3.7-2+lenny3) stable-security; urgency=high . * Non-maintainer upload by the Security Team. * CVE-2010-1797: Multiple stack-based buffer overflows * CVE-2010-2541: Buffer overflow in the ftmulti demo program * CVE-2010-2805: denial of service or possibly execute arbitrary code via a crafted font file * CVE-2010-2806: heap-based buffer overflow * CVE-2010-2807: denial of service or possibly execute arbitrary code via a crafted font file * CVE-2010-2808: Buffer overflow * CVE-2010-3053: denial of service (application crash) via a crafted BDF font file Checksums-Sha1: 0a5f9f729bfc0eb7c49ab5f8b1f820274d2503a5 1219 freetype_2.3.7-2+lenny3.dsc 36e474549d31ffa475fef52aecb7ef89968f97a7 39230 freetype_2.3.7-2+lenny3.diff.gz 76916d1589ebc7198706d8a21543f89ab25bd393 371586 libfreetype6_2.3.7-2+lenny3_i386.deb 17647fad5832cceb4d12e9cf21ca51b4b480ac81 684624 libfreetype6-dev_2.3.7-2+lenny3_i386.deb b1733010c68a4a20765782349afe61a32546ff43 198558 freetype2-demos_2.3.7-2+lenny3_i386.deb 198e1e626ecf447fc33e088878f06326105af91f 254452 libfreetype6-udeb_2.3.7-2+lenny3_i386.udeb Checksums-Sha256: 3e002f61894eba2c03750a5f8d1648683e2171a19ef367daccdd0041e156babc 1219 freetype_2.3.7-2+lenny3.dsc 9faa526b3498870fe9d1793323d72abf4309df6267df49901aebb1a317226e21 39230 freetype_2.3.7-2+lenny3.diff.gz 15879a76841d87ee0346e07ed54ba86a890748fa2487ad57700ad7a358c3fd74 371586 libfreetype6_2.3.7-2+lenny3_i386.deb 3831a8bdede7f97d1bc8b2a2a0f241b6d8d78d3992c70d63df89fe3aa06366e8 684624 libfreetype6-dev_2.3.7-2+lenny3_i386.deb 2e465c4f3d5d8eb69424803a98f1de0cf7808bb44867451f0958229cf6b21bd9 198558 freetype2-demos_2.3.7-2+lenny3_i386.deb 8c08d21a5a9c51339aabc6b4cc44ab43f69e39d28d7feab82e781727d0f8bb46 254452 libfreetype6-udeb_2.3.7-2+lenny3_i386.udeb Files: 2a2bf3d4568d92e2a48ebcda38140e73 1219 libs optional freetype_2.3.7-2+lenny3.dsc 95a3841e7258573ca2d3e0075b8e7f73 39230 libs optional freetype_2.3.7-2+lenny3.diff.gz ec294ffffeb9ddec389e3e988d880534 371586 libs optional libfreetype6_2.3.7-2+lenny3_i386.deb 014d335b35ed41022adb628796a0c122 684624 libdevel optional libfreetype6-dev_2.3.7-2+lenny3_i386.deb 3283ad058d37eed8bca46df743c6a915 198558 utils optional freetype2-demos_2.3.7-2+lenny3_i386.deb a34af74eda0feb2b763cfc6f5b8330c1 254452 debian-installer extra libfreetype6-udeb_2.3.7-2+lenny3_i386.udeb Package-Type: udeb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkyDlcoACgkQNxpp46476ao9FgCfWYmICj2GJdGaGst7k1tYvXSM /T4AoJTve0RQ2GWDjH94x1hHhqGPF2aA =80Vd -----END PGP SIGNATURE----- Accepted: freetype2-demos_2.3.7-2+lenny3_i386.deb to main/f/freetype/freetype2-demos_2.3.7-2+lenny3_i386.deb freetype_2.3.7-2+lenny3.diff.gz to main/f/freetype/freetype_2.3.7-2+lenny3.diff.gz freetype_2.3.7-2+lenny3.dsc to main/f/freetype/freetype_2.3.7-2+lenny3.dsc libfreetype6-dev_2.3.7-2+lenny3_i386.deb to main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_i386.deb libfreetype6-udeb_2.3.7-2+lenny3_i386.udeb to main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_i386.udeb libfreetype6_2.3.7-2+lenny3_i386.deb to main/f/freetype/libfreetype6_2.3.7-2+lenny3_i386.deb