-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 26 Apr 2017 16:49:53 +0200 Source: freetype Binary: libfreetype6 libfreetype6-dev freetype2-demos libfreetype6-udeb Architecture: source amd64 Version: 2.4.9-1.1+deb7u6 Distribution: wheezy-security Urgency: medium Maintainer: Steve Langasek <vorlon@debian.org> Changed-By: Emilio Pozuelo Monfort <pochu@debian.org> Description: freetype2-demos - FreeType 2 demonstration programs libfreetype6 - FreeType 2 font engine, shared library files libfreetype6-dev - FreeType 2 font engine, development files libfreetype6-udeb - FreeType 2 font engine for the debian-installer (udeb) Changes: freetype (2.4.9-1.1+deb7u6) wheezy-security; urgency=medium . * Non-maintainer upload by the LTS team. * CVE-2017-8105: Out of bounds write caused by heap buffer overflow in t1_builder_add_point. * CVE-2016-10328: Drop patch. Turns out the wheezy version wasn't affected by this issue, only the master branch was affected. Checksums-Sha1: 685e80f288e9da2a8b60938874c12a3ccd1add46 1823 freetype_2.4.9-1.1+deb7u6.dsc 314a3ef4bfd113c68b29c1eb762e70c918b75603 1831737 freetype_2.4.9-1.1+deb7u6.tar.gz 8fb4075bb96f1816391cbaca916cab6900902ee2 453502 libfreetype6_2.4.9-1.1+deb7u6_amd64.deb 8fecc5a9e90517a87ec080f71bf541573c2ba773 804948 libfreetype6-dev_2.4.9-1.1+deb7u6_amd64.deb e9dad85b2a8114483dc816a4102c181cad0fbbd7 217716 freetype2-demos_2.4.9-1.1+deb7u6_amd64.deb d817499da3f32e16833972840794388f3918906f 272512 libfreetype6-udeb_2.4.9-1.1+deb7u6_amd64.udeb Checksums-Sha256: 66768255d1c807e0879ae1f2d01456e36d0f3f46f57204d930e2be1aefff2580 1823 freetype_2.4.9-1.1+deb7u6.dsc 26bf7f2f4d79e32002d02a9eefa2041a661dd0fb163f8b4090d9ba166a8a5548 1831737 freetype_2.4.9-1.1+deb7u6.tar.gz dfe1869409cf0d88137eb3615f4c6a627a695790950d8287a9512e3248278d34 453502 libfreetype6_2.4.9-1.1+deb7u6_amd64.deb c193c4256e048cb43e5527280ef12cd482efbe4d8f76c0b8d8a58f6e8be509ae 804948 libfreetype6-dev_2.4.9-1.1+deb7u6_amd64.deb 57b35e193f35b75a636ca6526ecc3d629d8351ca440b211ab3d373a313010cbd 217716 freetype2-demos_2.4.9-1.1+deb7u6_amd64.deb fef1c0d64e1b1e06ff5fc1860dd3ed63c5056bfd35249afa0eafbbbf5e84453d 272512 libfreetype6-udeb_2.4.9-1.1+deb7u6_amd64.udeb Files: 16ec5c9d9f18f753406ed76674bb7cbe 1823 libs optional freetype_2.4.9-1.1+deb7u6.dsc f37f09c042ee97f3c9e8d2f767d9824f 1831737 libs optional freetype_2.4.9-1.1+deb7u6.tar.gz b651ff76c467a9a2a4728c6730b154ed 453502 libs optional libfreetype6_2.4.9-1.1+deb7u6_amd64.deb d51178da0eb45b100b1db0974fc07432 804948 libdevel optional libfreetype6-dev_2.4.9-1.1+deb7u6_amd64.deb 99d2dff56bc2e7e8d63ad759f3ab45dd 217716 utils optional freetype2-demos_2.4.9-1.1+deb7u6_amd64.deb ae6c1d05502fba1dd37ad13a19dbf712 272512 debian-installer extra libfreetype6-udeb_2.4.9-1.1+deb7u6_amd64.udeb Package-Type: udeb -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAlkAv1wACgkQnUbEiOQ2 gwIkQw//YHsLJCAi8tvolvswoLCek5YoESCe1aqplQlAb3Qy8Hs3LyXoq+7yuRkf yCrh8ajgjY6EIWqy0ANq8tqG4GX6NWibZ9ar//ADZUFszmVxiD77egh0kLcQuj36 mAqZHlM3sCZTwVAJ3K1mRZI08X07eDcT1vr61yI1/TqyZqXnuFGekzWt+FlQxyRT ianNIkhbJNcs91+nO9Xs5Es7vVfnFlKNvxWN3Ql2zM320eJtA8l5jW4qeh/iDMXv Z/BbvX4o/GeBE2tbGDWhreWh+H+xre06NtZAhBww0IQDYoFTv4lEPVJWznG8Jaqu xRmRn8B2fqboldZazKWcK6hr1cgcKXea9O9LEhSQ/J8MGww4nwGCkvQ0Cx1nHg7b v2IW7Ddze8zYCekZdG9zNXT2X9aXQM/iJs+XTtSrXFkCaHTq51ag2Hls/3X8szZs 43fDuzqfLNgEZgLF1FXS/pTTpUIco2SfwebRKxb3kdvkqygocnK6L0YupY02IXQG Nu1nO937KNDcsANeYGwM+MWHjygqeS1dZMzmsrM6hWYLwCb3hOL6+/flE/Q5U6gb O5WN0Ee+eDyHMlHyJonhjmRlJgtmaN+Za/iaGaxA5duqcWyvDOAmipVTI5y4oz/b U/MZK/gsBUzH6OGwyScdH2Lj/QT/o3ZVKSOzbNWsw4svumrR/b0= =kqQ+ -----END PGP SIGNATURE-----