Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted freetype 2.9.1-3+deb10u3 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
Date: Sun, 17 Jul 2022 16:02:52 +0000
Signed by: Hugh McMaster <hugh.mcmaster@outlook.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 28 Apr 2022 21:11:36 +1000
Source: freetype
Architecture: source
Version: 2.9.1-3+deb10u3
Distribution: oldstable
Urgency: medium
Maintainer: Hugh McMaster <hugh.mcmaster@outlook.com>
Changed-By: Hugh McMaster <hugh.mcmaster@outlook.com>
Closes: 1010183
Changes:
 freetype (2.9.1-3+deb10u3) buster; urgency=medium
 .
   * Add upstream patches to fix multiple vulnerabilities. Closes: #1010183.
     - CVE-2022-27404: heap buffer overflow via invalid integer decrement in
       sfnt_init_face().
     - CVE-2022-27405: segmentation violation via ft_open_face_internal() when
       attempting to read the value of FT_LONG face_index.
     - CVE-2022-27406: segmentation violation via FT_Request_Size() when
       attempting to read the value of an unguarded face size handle.
Checksums-Sha1:
 74a5ae049b07627f88d5eae2af564cbf989fe218 3727 freetype_2.9.1-3+deb10u3.dsc
 85bc5504b1c0d19936e82b333d36dc6fd4175003 113432 freetype_2.9.1-3+deb10u3.debian.tar.xz
 c73249313b64e88cdbe2bd8f0971cb7895161d1c 8041 freetype_2.9.1-3+deb10u3_amd64.buildinfo
Checksums-Sha256:
 675d49d0380f727f46118aca35ee640ae051cd676985c5dd65de0d7792c23979 3727 freetype_2.9.1-3+deb10u3.dsc
 dfcfbff8b44f769a6937c779a17eac038a4e987ebdb3004c659e801158ca3d52 113432 freetype_2.9.1-3+deb10u3.debian.tar.xz
 aad965ed4a48cb5aa4771049f1a6f9b2c120a94ca9047c475fec142ab0676995 8041 freetype_2.9.1-3+deb10u3_amd64.buildinfo
Files:
 62da4251802973f039e60bb71bc7e95b 3727 libs optional freetype_2.9.1-3+deb10u3.dsc
 c85dccc294b2fd562865b91d8f5b05e8 113432 libs optional freetype_2.9.1-3+deb10u3.debian.tar.xz
 fafbf60604e033c78ca53616ec7fc6a9 8041 libs optional freetype_2.9.1-3+deb10u3_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJOBAEBCgA4FiEEOiCBPKV5RoaMUVIRWsYQdMXoG8QFAmKoi4AaHGh1Z2gubWNt
YXN0ZXJAb3V0bG9vay5jb20ACgkQWsYQdMXoG8TpzhAAqNN+K8JBrnHd8heZQNQ7
QaR8YMC2fpOor8AATL2LTcPsJeJkgTYFnv+f7ap2B9FWjKrX3ivr2t0AuzK0CCD1
+CjF+s28V2b8RSEZUORL+vSFwh1vZabgg6TRCzCdjvwQYhzpPqK7Metk9FvCh1Ev
PUYQ05enSzNX8XMFExE4ILtK4tRLxlXiE6cFbu8gGVo0ShSNtVzLAm3jcK3lGnWD
GNXZaYwLb8uCZPmxKddVK/cdjLZHJWlC52JzTo3dXVdUUYuElluuJTGgAcOVNb71
z3CUizczo4uJxryfg6boLGjEQfdw/fl0yaGi+6X0BiWZu43M+YuDiyhcYD/RTW8q
I9uGiWIHcy+2RsyKn0oqZV1C77KIZC7e6m+kBR1iA0QWGUbxa2IPNkSEjHwqXtW3
Aco6ZcfkXTaT/53dJikTeQJ494MlfXl4KiLvRc2jukmZcdrL4e07lVQw6IZh2Sau
cDijMNIFkIF3f5wkJevJT5Uxr/y8WHZFCje+g/JCxJg6Jel4EDZhx2qjfMhSw3qt
MWRA2FmdJGALHG7KvqEhvrNqaA4KbRpb/CblNS3l+ZaAcThHYC+f0qX+5/Fys4e+
7NwO+iF3HWkuZ3Dp7++Q2zVb/vZjMBwscrdZgMgYTGmGxIyZyybAFOzGTeXLX9JN
sMnlTui4d9xYenFaxkcdWqo=
=iCsc
-----END PGP SIGNATURE-----

News for package freetype