Ubuntu
freetype package

Change logs for freetype source package in Gutsy

  1. Gutsy (7.10)
  2. Change log 
  • freetype (2.3.5-1ubuntu4.7.10.1) gutsy-security; urgency=low

  * SECURITY UPDATE: arbitrary code execution via integer overflows.
  * Add debian/patches-freetype/CVE-2008-1806_7_8.patch: upstream fixes
    thanks to Steffen Joeris.
  * References
    CVE-2008-1806 CVE-2008-1807 CVE-2008-1808

 -- Kees Cook <email address hidden>   Wed, 10 Sep 2008 16:28:22 -0700
  • freetype (2.3.5-1ubuntu4) gutsy; urgency=low

  * debian/patches-freetype/enable-subpixel-rendering.patch:
    - Restore patch that enables subpixel rendering features, now that
      libcairo and xft provide the ability for the specific lcd filter
      to be changed.

 -- Scott James Remnant <email address hidden>   Thu, 20 Sep 2007 20:51:00 +0100
  • freetype (2.3.5-1ubuntu3) gutsy; urgency=low

  * debian/patches-freetype/series
   - Fix the removal of enable-subpixel-rendering.patch

 -- Matthew Garrett <email address hidden>   Thu, 20 Sep 2007 15:19:56 +0100
  • freetype (2.3.5-1ubuntu2) gutsy; urgency=low

  * debian/patches-freetype/enable-subpixel-rendering.patch:
    - remove - not needed with the bytecode interpreter enabled, and
      results in incorrect rendering

 -- Matthew Garrett <email address hidden>   Thu, 20 Sep 2007 05:07:09 +0100
  • freetype (2.3.5-1ubuntu1) gutsy; urgency=low

  [ Matti Lindell ]
  * debian/patches-freetype/enable-subpixel-rendering.patch:
    - enable subpixel rendering features, used by libcairo and xft to
      provide LCD colour filtering.  This is considered no more or less
      evil than the bytecode interpreter which we also enable.

  [ Scott James Remnant ]
  * Work around Soyuz breakage.

 -- Scott James Remnant <email address hidden>   Tue, 18 Sep 2007 19:42:32 +0100
  • freetype (2.3.5-1) unstable; urgency=low

  * New upstream release
    - Drop patches 374902-composite-glyphs, CVE-2006-3467_pcf-strlen,
      and CVE-2007-2754_ttgload, merged upstream.
    - Bump the shlibs to 2.3.5 for new symbols.

 -- Matthias Klose <email address hidden>   Fri,  13 Jul 2007 15:12:02 +0100
  • freetype (2.2.1-6ubuntu1) gutsy; urgency=low

  * Merge from debian unstable, remaining changes:
    - debian/patches-freetype/CVE-2007-1351_bdf_integer.patch: still needed
      from prior security update.

freetype (2.2.1-6) unstable; urgency=high

  * High-urgency upload for security fix.
  * Remove spurious patch file from the package diff, sigh.
  * Add debian/patches-freetype/CVE-2007-2754_ttgfload to address
    CVE-2007-2754, a bug allowing execution of arbitrary code via a crafted
    TTF image by way of an integer overflow.  Closes: #425625.

 -- Kees Cook <email address hidden>   Wed, 30 May 2007 13:05:52 -0700
  • freetype (2.2.1-5ubuntu1) feisty; urgency=low

  * SECURITY UPDATE: arbitrary code execution via integer overflows.
  * Add debian/patches-freetype/CVE-2007-1351_bdf_integer.patch from
    upstream changes.
  * References
    CVE-2007-1351

 -- Kees Cook <email address hidden>   Mon,  2 Apr 2007 15:31:32 -0700