-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Tue, 13 May 2014 17:25:49 +0200 Source: libxfont Binary: libxfont1 libxfont1-udeb libxfont1-dbg libxfont-dev Architecture: source amd64 Version: 1:1.4.7-2 Distribution: sid Urgency: high Maintainer: Debian X Strike Force <debian-x@lists.debian.org> Changed-By: Julien Cristau <jcristau@debian.org> Description: libxfont-dev - X11 font rasterisation library (development headers) libxfont1 - X11 font rasterisation library libxfont1-dbg - X11 font rasterisation library (debug package) libxfont1-udeb - X11 font rasterisation library (udeb) Closes: 746052 Changes: libxfont (1:1.4.7-2) unstable; urgency=high . * Pull from upstream git to fix FTBFS with new fontsproto (closes: #746052) * CVE-2014-0209: integer overflow of allocations in font metadata * CVE-2014-0210: unvalidated length fields when parsing xfs protocol replies * CVE-2014-0211: integer overflows calculating memory needs for xfs replies * Add breaks on xfs because we broke it by disabling font protocol support in 1.4.7. Checksums-Sha1: 95fc9d734b22758ecb4059ff10be5f5d155bea62 2263 libxfont_1.4.7-2.dsc ea10133cd8ad4fd14f2a782ef615b54d0655bc3d 26257 libxfont_1.4.7-2.diff.gz 671d5d223b79b66f20a724a4c83d7362b444f893 128008 libxfont1_1.4.7-2_amd64.deb 497b039f525750f01e5fb07b78a4d2960026cdff 89150 libxfont1-udeb_1.4.7-2_amd64.udeb d41b47f7d64dcacd5746e3683b4d3aa252a9ef5e 207152 libxfont1-dbg_1.4.7-2_amd64.deb 9351d3ff6cf5616c83f967851122a178975c7ccd 160612 libxfont-dev_1.4.7-2_amd64.deb Checksums-Sha256: e8807b41ea0b62b1a676b97d0d4a923859c24553b41304a457a106940b1c2fd7 2263 libxfont_1.4.7-2.dsc 7a61d4cecba97a7533add79c887dd485d4a1a0559012942ea130154e19485e74 26257 libxfont_1.4.7-2.diff.gz 5c10de642ddc68b251d2c3e373fdf6f530c4cf95f447dec9109736b380d5d5b2 128008 libxfont1_1.4.7-2_amd64.deb f9943805bc2d3f7ece04e788fb246f77e28c63e8279e49ed9f75ee82b4a2f922 89150 libxfont1-udeb_1.4.7-2_amd64.udeb a01f2c30e996c8db13c74729046f6875dc17d723f1f23e464cc0a7c6a863cbf9 207152 libxfont1-dbg_1.4.7-2_amd64.deb 3c6ee7da9f7fe678330c1dd780169b96c21a8a657e4c229e04daa5a2f00052c7 160612 libxfont-dev_1.4.7-2_amd64.deb Files: 59d38aeb965e6f69a6923ce4007d2878 128008 libs optional libxfont1_1.4.7-2_amd64.deb 268e3e9c9fea0897f53fa6fc681df3a3 89150 debian-installer optional libxfont1-udeb_1.4.7-2_amd64.udeb 463e76307821b6a0252b5c176f05390c 207152 debug extra libxfont1-dbg_1.4.7-2_amd64.deb 7f64bd05d4c4a20aa15ff76b60116776 160612 libdevel optional libxfont-dev_1.4.7-2_amd64.deb 0e45e5278466497582d8f8782d5ea1eb 2263 x11 optional libxfont_1.4.7-2.dsc 075288b559709b1db2f02d31a4184441 26257 x11 optional libxfont_1.4.7-2.diff.gz Package-Type: udeb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJTcjqmAAoJEDEBgAUJBeQM8rwQANjEqWr/ApxiIOAozemM9VxM eW4lfs+x4UgFjWlDiLJIH1ZYuVyjxWkp9b/9F3GRlRXJ6KD9OT7rzTwaD0GDnO5p f+HS0xsn4yxVZ3K3Tjl4zq6w3HJd2jf2F8IiBd4vFJqfaSf2DtXJZXMxKKZP211C hWMrn/rolQKP0oYv1GQSXYnuFtF3Oh60Sw9DBYEAmx3EpLgw/LP7NVhRm1DDu2Ug ZVxpCq9vj1tRiugv/SV5A9HlBQdfcRD8Vjj7eynxKX6H4T6U7ZuPi5+oJxN/H4K2 5BkLsAmTLUaCWEHZEYWr3sOpYZZooIMfL+zGWqtjyEfiV//nyeI0jphexaJG192Y vMYGnJRscrz0hWn4sCxtgx1A6By6lA3lTpw1wi+mapN1wl5Y/m14csNwPDguOJcu Vz2qmw/ARp/TvnxoEoU6g6NQGriFGslbVb9RSiAS33qIkYDscZYEQFVDVThd5b2z TnG/lDXXaKu4gX/3OTZ2AVZ2M8jQm6OaD2/2aAoLupIoG3qp4FCpuiRJONEgXtam wtzr9zIabrUiYN8RMvwyWqeM6rkTl1NoQSFXZmCWr4ZzyTOarw2gGNsJhlV7HrAP XLz+LcTYYCLO06Gi+jvHw4EnZtiZTCLR93xljg1doo4DKzlAPa1NH1EHLFCGRgEJ 0t+xbHYYICjy7/BSlpQg =Cz6e -----END PGP SIGNATURE-----
