Change logs for freetype source package in Raring

  • freetype (2.4.11-0ubuntu1) raring; urgency=low
    
      * New upstream version
      * debian/patches-freetype/CVE-2012-5668.patch,
        debian/patches-freetype/CVE-2012-5669.patch,
        debian/patches-freetype/CVE-2012-5670.patch:
        - dropped, those fixes are in the new version
      * debian/patches-ft2demos/compiler_hardening_fixes.patch:
        - changed unsigned char* to char* to fix "pointer targets in assignment
          differ in signedness" build error
      * debian/libfreetype6.symbols: updated for the new version
     -- Sebastien Bacher <email address hidden>   Fri, 08 Feb 2013 12:50:09 +0100
  • freetype (2.4.10-0ubuntu2) raring; urgency=low
    
      * SECURITY UPDATE: denial of service and possible code execution via NULL
        pointer dereference
        - debian/patches-freetype/CVE-2012-5668.patch: reset props_size in case
          of allocation error in src/bdf/bdflib.c.
        - CVE-2012-5668
      * SECURITY UPDATE: denial of service and possible code execution via heap
        buffer over-read in BDF parsing
        - debian/patches-freetype/CVE-2012-5669.patch: use correct array size
          in src/bdf/bdflib.c.
        - CVE-2012-5669
      * SECURITY UPDATE: denial of service and possible code execution via out-
        of-bounds write
        - debian/patches-freetype/CVE-2012-5670.patch: normalize negative
          parameter in src/bdf/bdflib.c.
        - CVE-2012-5670
     -- Marc Deslauriers <email address hidden>   Mon, 14 Jan 2013 13:24:57 -0500
  • freetype (2.4.10-0ubuntu1) quantal; urgency=low
    
      * New upstream version
      * debian/libfreetype6.symbols:
        - new version update
      * debian/patches-freetype/savannah-bug-35847.patch,
        debian/patches-freetype/savannah-bug-35833.patch:
        - dropped, the fixes are in the new version
      * Resynchronize on Debian, remaining diff:
      * debian/patches-freetype/revert_scalable_fonts_metric.patch:
        - revert commit "Fix metrics on size request for scalable fonts.",
          it's breaking gtk underlining markups and creating some other
          issues as well (lp: #972223)
    
    freetype (2.4.9-1) unstable; urgency=low
    
      * New upstream release
        - upstream fix for multiple vulnerabilities: CVE-2012-1126,
          CVE-2012-1133, CVE-2012-1134, CVE-2012-1136, CVE-2012-1142,
          CVE-2012-1144, and others.  Closes: #662864.
        - update symbols file for a new symbol, ft_raccess_guess_table
      * debian/patches-freetype/savannah-bug-35847.patch,
        debian/patches-freetype/savannah-bug-35833.patch: pull two bugfixes from
        upstream git on top of 2.4.9, to address regressions affecting
        ghostscript.  Thanks to Till Kamppeter for pointing this out.
      * push CPPFLAGS into CFLAGS for ft2demos, so our demos will be secure.
        Closes: #663613.
      * don't let a quiltrc override our QUILT_PATCHES settings in debian/rules.
        Closes: #617217.
      * Migrate debian/copyright to copyright-format 1.0, and fix up the upstream
        URL.  Closes: #642059.
    
    freetype (2.4.8-1) unstable; urgency=high
    
      * New upstream release
        - upstream fix for CVE-2011-3439.  Closes: #649122.
        - adjust libfreetype6.symbols for a newly-exported function.
     -- Sebastien Bacher <email address hidden>   Fri, 03 Aug 2012 13:57:01 +0200