-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 04 Sep 2019 11:48:40 +0200 Source: freetype Binary: libfreetype6 libfreetype6-dev freetype2-demos libfreetype6-udeb Architecture: source amd64 Version: 2.5.2-3+deb8u4 Distribution: jessie-security Urgency: high Maintainer: Steve Langasek <vorlon@debian.org> Changed-By: Sylvain Beucler <beuc@debian.org> Description: freetype2-demos - FreeType 2 demonstration programs libfreetype6 - FreeType 2 font engine, shared library files libfreetype6-dev - FreeType 2 font engine, development files libfreetype6-udeb - FreeType 2 font engine for the debian-installer (udeb) Changes: freetype (2.5.2-3+deb8u4) jessie-security; urgency=high . * Non-maintainer upload by the LTS team. * CVE-2015-9381: FreeType before 2.6.1 has a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c. * CVE-2015-9382: FreeType before 2.6.1 has a buffer over-read in skip_comment in psaux/psobjs.c because ps_parser_skip_PS_token is mishandled in an FT_New_Memory_Face operation. * CVE-2015-9383: FreeType before 2.6.2 has a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c. * Remove spurious quilt .pc/ directory from debian diff (introduced in 2.5.2-2) Checksums-Sha1: dc454250adf18ca98cc2976a23881012da1b2185 1783 freetype_2.5.2-3+deb8u4.dsc b44b8fb1ecd1aeb4671c0aac6e779a316cf97505 72104 freetype_2.5.2-3+deb8u4.diff.gz 0cbee1704e82d616d3ef60bc91f9cdb613ed4a1d 467422 libfreetype6_2.5.2-3+deb8u4_amd64.deb 2b35bec8219169c4d2ad90ba42077b537fcba764 639740 libfreetype6-dev_2.5.2-3+deb8u4_amd64.deb cb31e5e8f970bccefe9ffe9cb943c4d146b6928d 94002 freetype2-demos_2.5.2-3+deb8u4_amd64.deb c93bd870f5582a27abd34d8d05d9955d7f9d3713 294788 libfreetype6-udeb_2.5.2-3+deb8u4_amd64.udeb Checksums-Sha256: ba32ac993642ed5e1712b064b6072f0f67c95c01eafcaa3d5a1d63b2c03c9e5d 1783 freetype_2.5.2-3+deb8u4.dsc 9160b5c1069c763e2b3b55a8e825fa46f054764bf37d8d2d4df3b003859b7e21 72104 freetype_2.5.2-3+deb8u4.diff.gz 7e15413b1e2c5d6e762a9ef6755459f47536435397cd5cc6f48de50f688fd2af 467422 libfreetype6_2.5.2-3+deb8u4_amd64.deb 36ec5496231d708ad304c4d9c6be357c63d9ba4a600c04a04604311a13445426 639740 libfreetype6-dev_2.5.2-3+deb8u4_amd64.deb 2a71609dfdaa2d49c19d6d717c642be00c22b7ec0879da2cfaf899237a72c998 94002 freetype2-demos_2.5.2-3+deb8u4_amd64.deb ef4f6a45a4deb682c2e8dcacbfd9c26eeadcf65bf1f35e10e9adefe0575256de 294788 libfreetype6-udeb_2.5.2-3+deb8u4_amd64.udeb Files: 74924ba8ee528b0f22bd87ed44e44b6a 1783 libs optional freetype_2.5.2-3+deb8u4.dsc effed3161cb08cd46efd3c055a028c25 72104 libs optional freetype_2.5.2-3+deb8u4.diff.gz 56f9fad698bdb6c45ace416fa51ca8d0 467422 libs optional libfreetype6_2.5.2-3+deb8u4_amd64.deb 42c70dc1895505a39fd884e5660eb0df 639740 libdevel optional libfreetype6-dev_2.5.2-3+deb8u4_amd64.deb f84b23bf14ccafaa781df329b6712be0 94002 utils optional freetype2-demos_2.5.2-3+deb8u4_amd64.deb 86487c6461e36718c757f03ea7bb1ded 294788 debian-installer extra libfreetype6-udeb_2.5.2-3+deb8u4_amd64.udeb Package-Type: udeb -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEQic8GuN/xDR88HkSj/HLbo2JBZ8FAl1vrFQACgkQj/HLbo2J BZ/82ggAqZNCk4/GEUoUIZ/c5RyESYYjipLVny7D2V2FQLZ0RF2ZUJtlkCk1Xsv2 OmnZzhOKaC1cjsOgQ5RNNcx3NENqivSJ9UvrRqp47L2N+knJONUgS7y+emziwaUz u62aUYGe6M2lOje7CD/o8TM5TfSlPDnkODXsEjN39HZRQigp8KtkXrDCwrZREP2I H1knsjRDOkg4S3KXy1O1WUPlX5kH6NqlittrLOaKy6mwhTeRkCsLNnBBE9XI00Ey 14Q6KCxppH7FNs3zS3ZAUB/tPbVL9ZKXllMK2B/eHl+Na+rFRdEZSieGl9qqdlQO ftGrMC+OxuICy01Lhvf+SPk1twY/zA== =iggT -----END PGP SIGNATURE-----
