Change logs for libxfont source package in Wily
-
libxfont (1:1.5.1-1) unstable; urgency=high * New upstream release + bdfReadProperties: property count needs range check [CVE-2015-1802] + bdfReadCharacters: bailout if a char's bitmap cannot be read [CVE-2015-1803] + bdfReadCharacters: ensure metrics fit into xCharInfo struct [CVE-2015-1804] -- Julien Cristau <email address hidden> Tue, 17 Mar 2015 16:55:21 +0100
-
libxfont (1:1.4.99.901-1ubuntu1) vivid; urgency=medium * SECURITY UPDATE: arbitrary code exection via invalid property count - debian/patches/CVE-2015-1802.patch: check for integer overflow in src/bitmap/bdfread.c. - CVE-2015-1802 * SECURITY UPDATE: arbitrary code execution via bitmap data parse failure - debian/patches/CVE-2015-1803.patch: bail out if bitmap can't be read in src/bitmap/bdfread.c. - CVE-2015-1803 * SECURITY UPDATE: arbitrary code execution via invalid metrics - debian/patches/CVE-2015-1804.patch: ensure metrics fit in struct in src/bitmap/bdfread.c. - CVE-2015-1804 -- Marc Deslauriers <email address hidden> Wed, 18 Mar 2015 07:26:08 -0400