Change logs for freetype source package in Karmic

freetype (2.3.9-5ubuntu0.4) karmic-security; urgency=low

  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via libXft overflow.
    - debian/patches/CVE-2010-3311.patch: correctly validate position in
      src/base/ftstream.c.
    - CVE-2010-3311
  * SECURITY UPDATE: denial of service and possible code execution via
    improper error handling of SHZ bytecode instruction
    - debian/patches/CVE-2010-3814.patch: add bounds check to
      src/truetype/ttinterp.c.
    - CVE-2010-3814
  * SECURITY UPDATE: denial of service and possible code execution via
    TrueType GX font
    - debian/patches/CVE-2010-3855.patch: add bounds checks to
      src/truetype/ttgxvar.c.
    - CVE-2010-3855
 -- Marc Deslauriers <email address hidden>   Tue, 02 Nov 2010 14:54:40 -0400

freetype (2.3.9-5ubuntu0.2) karmic-security; urgency=low

  * SECURITY UPDATE: possible arbitrary code execution via buffer overflow
    in CFF Type2 CharStrings interpreter (LP: #617019)
    - debian/patches-freetype/CVE-2010-1797.patch: check number of operands
      in src/cff/cffgload.c.
    - CVE-2010-1797
  * SECURITY UPDATE: possible arbitrary code execution via buffer overflow
    in the ftmulti demo program (LP: #617019)
    - debian/patches-ft2demos/CVE-2010-2541.patch: use strncat and adjust
      sizes in src/ftmulti.c.
    - CVE-2010-2541
  * SECURITY UPDATE: possible arbitrary code execution via improper bounds
    checking (LP: #617019)
    - debian/patches-freetype/CVE-2010-2805.patch: fix calculation in
      src/base/ftstream.c.
    - CVE-2010-2805
  * SECURITY UPDATE: possible arbitrary code execution via improper bounds
    checking (LP: #617019)
    - debian/patches-freetype/CVE-2010-2806.patch: check string sizes in
      src/type42/t42parse.c.
    - CVE-2010-2806
  * SECURITY UPDATE: possible arbitrary code execution via improper type
    comparisons (LP: #617019)
    - debian/patches-freetype/CVE-2010-2807.patch: perform better bounds
      checking in src/smooth/ftsmooth.c, src/truetype/ttinterp.*.
    - CVE-2010-2807
  * SECURITY UPDATE: possible arbitrary code execution via memory
    corruption in Adobe Type 1 Mac Font File (LWFN) fonts (LP: #617019)
    - debian/patches-freetype/CVE-2010-2808.patch: check rlen in
      src/base/ftobjs.c.
    - CVE-2010-2808
  * SECURITY UPDATE: denial of service via bdf font (LP: #617019)
    - debian/patches-freetype/bug30135.patch: don't modify value in static
      string in src/bdf/bdflib.c.
  * SECURITY UPDATE: denial of service via nested "seac" calls
    - debian/patches-freetype/nested-seac.patch: handle nested calls
      correctly in include/freetype/internal/psaux.h, src/cff/cffgload.c,
      src/cff/cffgload.h, src/psaux/t1decode.c.
 -- Marc Deslauriers <email address hidden>   Fri, 13 Aug 2010 10:05:35 -0400

freetype (2.3.9-5ubuntu0.1) karmic-security; urgency=low

  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via invalid free
    - debian/patches/CVE-2010-2498.patch: validate number of points in
      src/pshinter/pshalgo.c.
    - CVE-2010-2498
  * SECURITY UPDATE: arbitrary code execution via buffer overflow
    - debian/patches/CVE-2010-2499.patch: check positions and return code
      in src/base/ftobjs.c.
    - CVE-2010-2499
  * SECURITY UPDATE: arbitrary code execution via integer overflow
    - debian/patches/CVE-2010-2500.patch: switch to unsigned in
      src/smooth/ftgrays.c, check signed width and height in
      src/smooth/ftsmooth.c.
    - CVE-2010-2500
  * SECURITY UPDATE: arbitrary code execution via heap buffer overflow
    - debian/patches/CVE-2010-2519.patch: correctly calculate length in
      src/base/ftobjs.c.
    - CVE-2010-2519
  * SECURITY UPDATE: arbitrary code execution via invalid realloc
    - debian/patches/CVE-2010-2520.patch: perform bounds checking in
      src/truetype/ttinterp.c.
    - CVE-2010-2520
  * SECURITY UPDATE: arbitrary code execution via buffer overflows
    - debian/patches/CVE-2010-2527.patch: change buffer sizes in
      src/{ftdiff,ftgrid,ftmulti,ftstring,ftview}.c.
    - CVE-2010-2527
 -- Marc Deslauriers <email address hidden>   Thu, 15 Jul 2010 09:32:35 -0400

freetype (2.3.9-5) unstable; urgency=low

  * Pass proper --host/--build args to ./configure, to support
    cross-building.  Closes: #465292.
  * clean up a number of unused variables in debian/rules; maybe someday
    we'll get this package to converge on debhelper 7... :)
  * Fix the doc-base section for libfreetype6-dev.  Closes: #315845.
  * Remove one final reference to /usr/X11R6 in debian/rules.
  * Drop incorrect Replaces: freetype0, freetype1
  * Add debian/README.source, documenting the madness that is this source
    package.
  * Standards-Version to 3.8.0.
  * Fix multiple integer overflows leading to arbitrary code execution
    or DoS (CVE-2009-0946; Closes: #524925).  Thanks to Nico Golde for the
    NMU.

 -- Ubuntu Archive Auto-Sync <email address hidden>   Thu,  04 Jun 2009 05:47:39 +0100

freetype (2.3.9-4.1) unstable; urgency=high

  * Non-maintainer upload by the Security Team.
  * Fix multiple integer overflows leading to arbitrary code execution
    or DoS (CVE-2009-0946; Closes: #524925).

 -- Ubuntu Archive Auto-Sync <email address hidden>   Tue,  28 Apr 2009 23:04:48 +0100

freetype (2.3.9-4build1) jaunty; urgency=low

  * No-change rebuild to fix lpia shared library dependencies.

 -- Colin Watson <email address hidden>   Thu, 19 Mar 2009 01:58:27 +0000