-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Tue, 03 Apr 2007 19:31:24 +0200
Source: libxfont
Binary: libxfont1-dbg libxfont1 libxfont-dev
Architecture: source i386
Version: 1:1.2.2-2
Distribution: unstable
Urgency: high
Maintainer: Debian X Strike Force <debian-x@lists.debian.org>
Changed-By: Julien Cristau <jcristau@debian.org>
Description:
libxfont-dev - X11 font rasterisation library (development headers)
libxfont1 - X11 font rasterisation library
libxfont1-dbg - X11 font rasterisation library (debug package)
Changes:
libxfont (1:1.2.2-2) unstable; urgency=high
.
* Grab patch from upstream git to fix security issues:
+ CVE-2007-1351: BDFFont Parsing Integer Overflow
+ CVE-2007-1352: fonts.dir File Parsing Integer Overflow
Files:
f8ceba212597bba608f9a5e046072824 903 x11 optional libxfont_1.2.2-2.dsc
47f72e52a1b9da71b5aaabea9729137d 20745 x11 optional libxfont_1.2.2-2.diff.gz
d619c3c6788b3193b25e9635e3e7c539 218306 x11 optional libxfont1_1.2.2-2_i386.deb
4813064eb6db75502f02577c67d9b09f 340396 x11 extra libxfont1-dbg_1.2.2-2_i386.deb
e9def5f35f8969bdbede76d8fc8a50dc 284556 x11 optional libxfont-dev_1.2.2-2_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGEpUzmEvTgKxfcAwRAnwTAKCNiFNKTV9TLnfbBabDb8s6WpkyuQCcClB7
S9MAcj0SUKTN6yNzJiGvYcw=
=N0Ok
-----END PGP SIGNATURE-----
Accepted:
libxfont-dev_1.2.2-2_i386.deb
to pool/main/libx/libxfont/libxfont-dev_1.2.2-2_i386.deb
libxfont1-dbg_1.2.2-2_i386.deb
to pool/main/libx/libxfont/libxfont1-dbg_1.2.2-2_i386.deb
libxfont1_1.2.2-2_i386.deb
to pool/main/libx/libxfont/libxfont1_1.2.2-2_i386.deb
libxfont_1.2.2-2.diff.gz
to pool/main/libx/libxfont/libxfont_1.2.2-2.diff.gz
libxfont_1.2.2-2.dsc
to pool/main/libx/libxfont/libxfont_1.2.2-2.dsc
