-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Tue, 07 Jan 2014 17:51:29 +0100 Source: libxfont Binary: libxfont1 libxfont1-udeb libxfont1-dbg libxfont-dev Architecture: source amd64 Version: 1:1.4.7-1 Distribution: sid Urgency: high Maintainer: Debian X Strike Force <debian-x@lists.debian.org> Changed-By: Julien Cristau <jcristau@debian.org> Description: libxfont-dev - X11 font rasterisation library (development headers) libxfont1 - X11 font rasterisation library libxfont1-dbg - X11 font rasterisation library (debug package) libxfont1-udeb - X11 font rasterisation library (udeb) Closes: 720026 Changes: libxfont (1:1.4.7-1) unstable; urgency=high . * New upstream release + CVE-2013-6462: unlimited sscanf overflows stack buffer in bdfReadCharacters() * Don't put dbg symbols from the udeb in the dbg package. * dev package is no longer Multi-Arch: same (closes: #720026). * Disable support for connecting to a font server. That code is horrible and full of holes. Checksums-Sha1: 8dac4f5a5365ceb43f04c03dc1d86af8c5c51655 2241 libxfont_1.4.7-1.dsc e81a9bb1287e09405293db65677f1b9ce5a64fcc 619372 libxfont_1.4.7.orig.tar.gz 910d520dabe98134bc9dd33266600fc6c7c7aa94 9609 libxfont_1.4.7-1.diff.gz f0df43b62e205ca84751dad3698e06492ef6e632 125516 libxfont1_1.4.7-1_amd64.deb 3bf743b088ab143ef2fcfd5c53a52be06e7d6187 89178 libxfont1-udeb_1.4.7-1_amd64.udeb 14c9d1954df458fec69b827398fe1b3858748cce 204868 libxfont1-dbg_1.4.7-1_amd64.deb 655c5dc565f26ae970d16d602aae72b7b37391d9 158218 libxfont-dev_1.4.7-1_amd64.deb Checksums-Sha256: 67d0049a114cfd92ef220dda17e0693d531e8540df2116fc4912c8351b2ef988 2241 libxfont_1.4.7-1.dsc 23029d9ab79190466169220c202a73e239fdf94a93a250a9d2d5756381b67ad2 619372 libxfont_1.4.7.orig.tar.gz 62fdb4008eb698f45c430d5c69fc9596c6c9dd50d518bdd55228cd65c811dd26 9609 libxfont_1.4.7-1.diff.gz 566fc94bdf29b3d6adbe6284a5022a8c484e7aa72bbc7ed8b21be72f4eb05c65 125516 libxfont1_1.4.7-1_amd64.deb 93c6c5f1e5e4924ac6b6827246e9dafd76cb0127e111ca16d0c19807a556fb97 89178 libxfont1-udeb_1.4.7-1_amd64.udeb f20b58eac34dff32633a4d3c86ae61ab387d7a8cfa9cd7cb04a9db07731845b5 204868 libxfont1-dbg_1.4.7-1_amd64.deb 02fa42ceda7f97ebcd81ed36f0c05ca0656b94a848c7bba5205418ff98f27798 158218 libxfont-dev_1.4.7-1_amd64.deb Files: e10127da150a1254896d2f77e549f0ee 2241 x11 optional libxfont_1.4.7-1.dsc f265a3753386026414dab4408b7a74be 619372 x11 optional libxfont_1.4.7.orig.tar.gz 33b8ee20d9e260b69f959a17045b0784 9609 x11 optional libxfont_1.4.7-1.diff.gz d012c751f8bab68900c6ea6563e6f8dc 125516 libs optional libxfont1_1.4.7-1_amd64.deb b375b7312f57a95945e9e3185321b3ac 89178 debian-installer optional libxfont1-udeb_1.4.7-1_amd64.udeb e014ba682ac88ec2f859df184b820df5 204868 debug extra libxfont1-dbg_1.4.7-1_amd64.deb bdb0544e0db1d78de11e9c9680e8fc62 158218 libdevel optional libxfont-dev_1.4.7-1_amd64.deb Package-Type: udeb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (GNU/Linux) iQIcBAEBAgAGBQJSzDPxAAoJEDEBgAUJBeQMDR0P/3+P6TAzAXIkYTXgQnk/MOWD MAwZaXCM2yF7Wf4DzlkBoF/7YAcoFo7w2NyY2X/CrVHhfW2+fywQx4b7PCUoKVwd au1nOA3j4QFa4S+QEOtea+TqeG28R7Y6+MXAN53EjS/J2ZkCaw/SZEnefIY9db9g lvZ+q2hsENDE5n6tHxoQ8rx1Z8Cvz+qDk9O1/SxX1IYBcHroOKc2DR4qZte0+Gig srJB+X5TOoqOauRdn113EKFIY8vqRLXeBdpkAToEVil95hQ9riY9vgfHv7/bTyfE DH/Wy8nzB76OgrHUdXuEAdMuswdSzTDWc0hh5dL2xvSum0lHvuB6dRq2NcVl1Ue/ GBwvogb+EHb3N0yEFfwPVoeockfCKylQ2MhbMSKZyDLILO6BriIAVrrfPyhhPBXf CgDTV1w/2yO5HDOa9tgTE5SnB9nyFDOzbmbYyUULXiIoUx0opbvtB+iNDYBcEksX Kd3g/Ewh0PiU9uMFqyJ6MTL7oHEL5l/OKYejUjI9zSVvhOmtNoXFeeixvYVyFx9g aZXAinqfp3pfnJ/+6AsNQMwhDAZkFPzI6bjfGhqMY1lbMFJWBs1uiDiIG2XzP1bk T8dFAYvsa5DwE11PdLGMAQ70K9nrQmwenjrV3b5CNL8CQ3PikPoCbMwpoumi6nRA YqI7gZAl1ZsFhpw0gvoy =aKv/ -----END PGP SIGNATURE-----