Ubuntu
libxfont package

Change logs for libxfont source package in Wily

Wily (15.10)
Change log

libxfont (1:1.5.1-1) unstable; urgency=high


  * New upstream release
    + bdfReadProperties: property count needs range check [CVE-2015-1802]
    + bdfReadCharacters: bailout if a char's bitmap cannot be read
      [CVE-2015-1803]
    + bdfReadCharacters: ensure metrics fit into xCharInfo struct
      [CVE-2015-1804]

 -- Julien Cristau <email address hidden>  Tue, 17 Mar 2015 16:55:21 +0100

libxfont (1:1.4.99.901-1ubuntu1) vivid; urgency=medium

  * SECURITY UPDATE: arbitrary code exection via invalid property count
    - debian/patches/CVE-2015-1802.patch: check for integer overflow in
      src/bitmap/bdfread.c.
    - CVE-2015-1802
  * SECURITY UPDATE: arbitrary code execution via bitmap data parse failure
    - debian/patches/CVE-2015-1803.patch: bail out if bitmap can't be read
      in src/bitmap/bdfread.c.
    - CVE-2015-1803
  * SECURITY UPDATE: arbitrary code execution via invalid metrics
    - debian/patches/CVE-2015-1804.patch: ensure metrics fit in struct in
      src/bitmap/bdfread.c.
    - CVE-2015-1804
 -- Marc Deslauriers <email address hidden>   Wed, 18 Mar 2015 07:26:08 -0400

Ubuntulibxfont package

Change logs for libxfont source package in Wily

Ubuntu
libxfont package