-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 14 Jan 2012 21:55:47 +0100 Source: t1lib Binary: libt1-5 libt1-dev t1lib-bin libt1-doc libt1-5-dbg Architecture: source all amd64 Version: 5.1.2-3+lenny1 Distribution: oldstable-security Urgency: high Maintainer: Ruben Molina <rmolina@udea.edu.co> Changed-By: Yves-Alexis Perez <corsac@debian.org> Description: libt1-5 - Type 1 font rasterizer library - runtime libt1-5-dbg - Type 1 font rasterizer library - debugging runtime libt1-dev - Type 1 font rasterizer library - development libt1-doc - Type 1 font rasterizer library - developers documentation t1lib-bin - Type 1 font rasterizer library - user binaries Closes: 652996 Changes: t1lib (5.1.2-3+lenny1) oldstable-security; urgency=high . * Non-maintainer upload by the Security Team. * debian/patches: - CVE-2010-2642 added, fix heap-based buffer overflow first found in evince but applicable to the embedded afmparse library found in t1lib too. Fixes CVE-2011-0433 too on the same patch. - CVE-2011-0764 added, fix arbitrary code execution by only using ppoints when it is a valid pointer. closes: #652996 This fixes CVE-2011-0764, CVE-2011-1552, CVE-2011-1553 and CVE-2011-1554 * format-string added, fix a format string error IfTrace0 macro and another in T1_SubfsetFont(). Checksums-Sha1: 35f4e36d7be0cd0c8c4da3f2bbf892fdb810a514 1795 t1lib_5.1.2-3+lenny1.dsc 8d32b215d0f42562cc8c937fa2f8aacd177488ab 18921 t1lib_5.1.2-3+lenny1.diff.gz f2a5664535f0028ddc5f3644757f207ebf7d946a 610678 libt1-doc_5.1.2-3+lenny1_all.deb 517f442cb6eca20b8e4a3d70955503b026027b6a 169264 libt1-5_5.1.2-3+lenny1_amd64.deb 6aff81694daf18c192a71cf032e8b8d708ea0c28 196424 libt1-dev_5.1.2-3+lenny1_amd64.deb 5730dd086e24af74e410421a7980cb39c268809f 61620 t1lib-bin_5.1.2-3+lenny1_amd64.deb 4c237a91a18afd679339607b9e07a03a33722710 232556 libt1-5-dbg_5.1.2-3+lenny1_amd64.deb Checksums-Sha256: 8e170f289f97bddef482afa860466a5ce489bbc50dc90db656644ba9f3602f3f 1795 t1lib_5.1.2-3+lenny1.dsc 2d4af32481a2e5e48cf33d5f5813e9e364412fad6d2fd5504e8465b951c178cb 18921 t1lib_5.1.2-3+lenny1.diff.gz 98b9709c593c7094a9d000bb5692611c1daa46161b9d7c87923435df5c165eab 610678 libt1-doc_5.1.2-3+lenny1_all.deb 52aaa436870d083486e43fae8719002393d5402f2cff1f928b35da41e74fe675 169264 libt1-5_5.1.2-3+lenny1_amd64.deb 9f1ad8522544c599ee4e54a756f36268e3a618d19e75afebb7e550432ad941e6 196424 libt1-dev_5.1.2-3+lenny1_amd64.deb 3417a687ce15d6dbdea74fcdd3c1f62e9533e43c8788249358131a38441213dd 61620 t1lib-bin_5.1.2-3+lenny1_amd64.deb e6e35a022c8a0764b8f5123e058c0e9fab7892e274c22f8591552f6c6c5af8ea 232556 libt1-5-dbg_5.1.2-3+lenny1_amd64.deb Files: c659fd54e4347a87ddd4bed8d67330b9 1795 libs optional t1lib_5.1.2-3+lenny1.dsc dc15f07486c6e5a4dd02b1bcb80c5b09 18921 libs optional t1lib_5.1.2-3+lenny1.diff.gz eb22cde970983eb97d1fd024de1661d7 610678 doc optional libt1-doc_5.1.2-3+lenny1_all.deb e84d2f2513b232e9cf23d2e15eaeb8c7 169264 libs optional libt1-5_5.1.2-3+lenny1_amd64.deb a4956bfa9653f4ca6d39ef9326458dc3 196424 libdevel optional libt1-dev_5.1.2-3+lenny1_amd64.deb e39e155e203dc3fbdd8dce39b59010fa 61620 misc optional t1lib-bin_5.1.2-3+lenny1_amd64.deb 89f1a1244eb19445ef178eba7b0830d2 232556 libdevel extra libt1-5-dbg_5.1.2-3+lenny1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQIcBAEBCgAGBQJPEq9MAAoJEDBVD3hx7wuop0MQAN0U/bZY3e1We190hVws1y9I Z3ogZpAO/agJKnsaarW3KAQYqYagDZG/weYxuVJayJZ/+/1OsUNCTab2pQVJ4YyS 61ZsYuXdy+AapUlxTWn7+3+8CSoV8LLNtkOBCjl2Dp9RhHTnfDieyUElh4njHgZ9 xU1K1yFbCrcx5SA/mdET3uTd78dhf307K5CtnCXx1wpJ1XJZcog5RmffJ6Bi+b/o mx1L7FO8PPYkxxPrAy/zDD6evui+IO2fgP5UW204nQG7rgYwVdJhleChyfpGTe8y 5sLop1oDXv0Hi7Rd8ongRxIqKCUtysph/DfHJmCiPZ22KNbiXrxasA3RFpgYGkHe olfUkHc9XqPufH3qC8Hq5JOjXSjK/kagJ/QVniAMR/WKwMq5GyNC6+Yl1AmfFXrx OkWSmEh4x2Bx8palr+SghgEYA0cKa/tRanT71/4jWfGfRG2Mm3HvxORN9YB1AWln Gh8rXMsCm/M2BAHIQhRcY/sDxrDD8qKsrL+YxlTCM5XWgACJaTCyfMdbwYFRI+Xo rsvj+gDy12txK3RVflaf+t+rcJDuOrhLVuPH6QDovKjiNLLMxgsGp6bywGazWzQ3 R6hBX+6IiBgpIJ4BP1uz2i/DHRqcxRvYmP5A/kyf0k7toqWkNCFy3YDFbFhpD0pe vg9UiPfBY9AxkrkkYpAS =FYsO -----END PGP SIGNATURE----- Accepted: libt1-5-dbg_5.1.2-3+lenny1_amd64.deb to main/t/t1lib/libt1-5-dbg_5.1.2-3+lenny1_amd64.deb libt1-5_5.1.2-3+lenny1_amd64.deb to main/t/t1lib/libt1-5_5.1.2-3+lenny1_amd64.deb libt1-dev_5.1.2-3+lenny1_amd64.deb to main/t/t1lib/libt1-dev_5.1.2-3+lenny1_amd64.deb libt1-doc_5.1.2-3+lenny1_all.deb to main/t/t1lib/libt1-doc_5.1.2-3+lenny1_all.deb t1lib-bin_5.1.2-3+lenny1_amd64.deb to main/t/t1lib/t1lib-bin_5.1.2-3+lenny1_amd64.deb t1lib_5.1.2-3+lenny1.diff.gz to main/t/t1lib/t1lib_5.1.2-3+lenny1.diff.gz t1lib_5.1.2-3+lenny1.dsc to main/t/t1lib/t1lib_5.1.2-3+lenny1.dsc