-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 08 Mar 2024 01:15:58 +0200 Source: fontforge Architecture: source Version: 1:20230101~dfsg-1.1 Distribution: unstable Urgency: high Maintainer: Debian Fonts Task Force <debian-fonts@lists.debian.org> Changed-By: Adrian Bunk <bunk@debian.org> Closes: 1064967 Changes: fontforge (1:20230101~dfsg-1.1) unstable; urgency=high . * Non-maintainer upload. * CVE-2024-25081: Spline Font command injection via crafted filenames * CVE-2024-25082: Spline Font command injection via crafted archives or compressed files * Closes: #1064967 Checksums-Sha1: 23883f13d140b2c0878c2f1ebf8069726418481a 2917 fontforge_20230101~dfsg-1.1.dsc 7f5f4150a07609d4f7287ab796419a8a4ea62273 12024816 fontforge_20230101~dfsg.orig.tar.xz bca7239cd216ed5566a3933c5c31c93f966e1903 54264 fontforge_20230101~dfsg-1.1.debian.tar.xz Checksums-Sha256: 4473b29ac936f645315e0944868b35b27bafb20ea0d6190c27d31a80ec24bb63 2917 fontforge_20230101~dfsg-1.1.dsc b3bbdbbdd52638ad8dcbca15e80065e82ec6fa16cef7cc4c42954f47aae3c6b7 12024816 fontforge_20230101~dfsg.orig.tar.xz 9c8998ad21649defd273694dcdb9b2a954956f25b96a67b10a6fb41ffad3f398 54264 fontforge_20230101~dfsg-1.1.debian.tar.xz Files: 60063cb203649f2a45baa07e2e6fb7d3 2917 fonts optional fontforge_20230101~dfsg-1.1.dsc 4bada2cb3191d3383ffe9ccb6d1b73b6 12024816 fonts optional fontforge_20230101~dfsg.orig.tar.xz d1d2de8806557ef46f339e482fe5a3e5 54264 fonts optional fontforge_20230101~dfsg-1.1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmXqTtoACgkQiNJCh6LY mLHU5BAAgkjGPuy+gPdc8dFAk1t1Gc+RBMi660qa4ZcUwHpocQM4FJtBEHu5qTUi a3H6vlMxJA6E9llHKp3fy1QcoeyJTotfHF0fAdQaqD+/kwdOq+MCymdMUm+1C1oD xHWZIXLvm4hALZcGfyX72LI4keQKXZgZ38kN0nI3sow3wTlgiu7v51FaXt0OVp0q er/jC/qVMAq5r08nC/NmsPAwhfbOrhHZE+D6Br+yYZvhtBiwM0YCzq7eQHSgTJfl zEgxviHJbSKNxforqMwB4qJhRvJ9UUaPipnkx76TamKncMYZg+XThRBACJ4XbRMh y4co+Bo1oQEhCwmNPq882k+JEkDppHaHghmsvcEbEy2VRTqHzRdFSHceQjb6t8cn 4HExnEsC8a4kP7WDlad9ayZwQUIjVHfChhJWTjMYNxj2RQKE3w1tSAMv9T1jwqeW x1gIUL3ZikEE8DL06qmQKDT3dMosat9Lhk1txRrHPICGvzScjp6s1nt8iyqlYEoi U2NpKAbYqmUizmP+QQjm76Q6dQG1pXx5yuIGvYrXfE/MmMsJodfpA8PUiKwEpMJY F0wzJBUcVoFiwKYVch2brK5DIejGOlvmdTLDM9g/ZFlvL7Tj5OfnAD238SCkqcJ4 aQoCu5wcARyv6wnQvvs8SVdeNVirYgBs6BOVvF4wsEwXPslVEa4= =/GlA -----END PGP SIGNATURE-----