-
freetype (2.3.5-1ubuntu4.7.10.1) gutsy-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via integer overflows.
* Add debian/patches-freetype/CVE-2008-1806_7_8.patch: upstream fixes
thanks to Steffen Joeris.
* References
CVE-2008-1806 CVE-2008-1807 CVE-2008-1808
-- Kees Cook <email address hidden> Wed, 10 Sep 2008 16:28:22 -0700
-
freetype (2.3.5-1ubuntu4) gutsy; urgency=low
* debian/patches-freetype/enable-subpixel-rendering.patch:
- Restore patch that enables subpixel rendering features, now that
libcairo and xft provide the ability for the specific lcd filter
to be changed.
-- Scott James Remnant <email address hidden> Thu, 20 Sep 2007 20:51:00 +0100
-
freetype (2.3.5-1ubuntu3) gutsy; urgency=low
* debian/patches-freetype/series
- Fix the removal of enable-subpixel-rendering.patch
-- Matthew Garrett <email address hidden> Thu, 20 Sep 2007 15:19:56 +0100
-
freetype (2.3.5-1ubuntu2) gutsy; urgency=low
* debian/patches-freetype/enable-subpixel-rendering.patch:
- remove - not needed with the bytecode interpreter enabled, and
results in incorrect rendering
-- Matthew Garrett <email address hidden> Thu, 20 Sep 2007 05:07:09 +0100
-
freetype (2.3.5-1ubuntu1) gutsy; urgency=low
[ Matti Lindell ]
* debian/patches-freetype/enable-subpixel-rendering.patch:
- enable subpixel rendering features, used by libcairo and xft to
provide LCD colour filtering. This is considered no more or less
evil than the bytecode interpreter which we also enable.
[ Scott James Remnant ]
* Work around Soyuz breakage.
-- Scott James Remnant <email address hidden> Tue, 18 Sep 2007 19:42:32 +0100
-
freetype (2.3.5-1) unstable; urgency=low
* New upstream release
- Drop patches 374902-composite-glyphs, CVE-2006-3467_pcf-strlen,
and CVE-2007-2754_ttgload, merged upstream.
- Bump the shlibs to 2.3.5 for new symbols.
-- Matthias Klose <email address hidden> Fri, 13 Jul 2007 15:12:02 +0100
-
freetype (2.2.1-6ubuntu1) gutsy; urgency=low
* Merge from debian unstable, remaining changes:
- debian/patches-freetype/CVE-2007-1351_bdf_integer.patch: still needed
from prior security update.
freetype (2.2.1-6) unstable; urgency=high
* High-urgency upload for security fix.
* Remove spurious patch file from the package diff, sigh.
* Add debian/patches-freetype/CVE-2007-2754_ttgfload to address
CVE-2007-2754, a bug allowing execution of arbitrary code via a crafted
TTF image by way of an integer overflow. Closes: #425625.
-- Kees Cook <email address hidden> Wed, 30 May 2007 13:05:52 -0700
-
freetype (2.2.1-5ubuntu1) feisty; urgency=low
* SECURITY UPDATE: arbitrary code execution via integer overflows.
* Add debian/patches-freetype/CVE-2007-1351_bdf_integer.patch from
upstream changes.
* References
CVE-2007-1351
-- Kees Cook <email address hidden> Mon, 2 Apr 2007 15:31:32 -0700