Ubuntu
freetype package

lp://staging/ubuntu/jaunty-security/freetype

  1. Jaunty (9.04)
  2. jaunty-security
Created by James Westby and last modified
Get this branch:
bzr branch lp://staging/ubuntu/jaunty-security/freetype
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

25. By Marc Deslauriers

* SECURITY UPDATE: possible arbitrary code execution via buffer overflow
  in CFF Type2 CharStrings interpreter (LP: #617019)
  - debian/patches-freetype/CVE-2010-1797.patch: check number of operands
    in src/cff/cffgload.c.
  - CVE-2010-1797
* SECURITY UPDATE: possible arbitrary code execution via buffer overflow
  in the ftmulti demo program (LP: #617019)
  - debian/patches-ft2demos/CVE-2010-2541.patch: use strncat and adjust
    sizes in src/ftmulti.c.
  - CVE-2010-2541
* SECURITY UPDATE: possible arbitrary code execution via improper bounds
  checking (LP: #617019)
  - debian/patches-freetype/CVE-2010-2805.patch: fix calculation in
    src/base/ftstream.c.
  - CVE-2010-2805
* SECURITY UPDATE: possible arbitrary code execution via improper bounds
  checking (LP: #617019)
  - debian/patches-freetype/CVE-2010-2806.patch: check string sizes in
    src/type42/t42parse.c.
  - CVE-2010-2806
* SECURITY UPDATE: possible arbitrary code execution via improper type
  comparisons (LP: #617019)
  - debian/patches-freetype/CVE-2010-2807.patch: perform better bounds
    checking in src/smooth/ftsmooth.c, src/truetype/ttinterp.*.
  - CVE-2010-2807
* SECURITY UPDATE: possible arbitrary code execution via memory
  corruption in Adobe Type 1 Mac Font File (LWFN) fonts (LP: #617019)
  - debian/patches-freetype/CVE-2010-2808.patch: check rlen in
    src/base/ftobjs.c.
  - CVE-2010-2808
* SECURITY UPDATE: denial of service via bdf font (LP: #617019)
  - debian/patches-freetype/bug30135.patch: don't modify value in static
    string in src/bdf/bdflib.c.
* SECURITY UPDATE: denial of service via nested "seac" calls
  - debian/patches-freetype/nested-seac.patch: handle nested calls
    correctly in include/freetype/internal/psaux.h, src/cff/cffgload.c,
    src/cff/cffgload.h, src/psaux/t1decode.c.

24. By Marc Deslauriers

* SECURITY UPDATE: denial of service and possible arbitrary code
  execution via invalid free
  - debian/patches/CVE-2010-2498.patch: validate number of points in
    src/pshinter/pshalgo.c.
  - CVE-2010-2498
* SECURITY UPDATE: arbitrary code execution via buffer overflow
  - debian/patches/CVE-2010-2499.patch: check positions and return code
    in src/base/ftobjs.c.
  - CVE-2010-2499
* SECURITY UPDATE: arbitrary code execution via integer overflow
  - debian/patches/CVE-2010-2500.patch: switch to unsigned in
    src/smooth/ftgrays.c, check signed width and height in
    src/smooth/ftsmooth.c.
  - CVE-2010-2500
* SECURITY UPDATE: arbitrary code execution via heap buffer overflow
  - debian/patches/CVE-2010-2519.patch: correctly calculate length in
    src/base/ftobjs.c.
  - CVE-2010-2519
* SECURITY UPDATE: arbitrary code execution via invalid realloc
  - debian/patches/CVE-2010-2520.patch: perform bounds checking in
    src/truetype/ttinterp.c.
  - CVE-2010-2520
* SECURITY UPDATE: arbitrary code execution via buffer overflows
  - debian/patches/CVE-2010-2527.patch: change buffer sizes in
    src/{ftdiff,ftgrid,ftmulti,ftstring,ftview}.c.
  - CVE-2010-2527

23. By Marc Deslauriers

* SECURITY UPDATE: possible code execution via multiple integer overflows
  - debian/patches-freetype/security-CVE-2009-0946.patch: validate sid
    values in src/cff/cffload.c, check state->prefix in src/lzw/ftzopen.c,
    don't overflow int with table + length or ndp + numMappings * 4 in
    src/sfnt/ttcmap.c, validate glyph width and height in
    src/smooth/ftsmooth.c.
  - CVE-2009-0946

22. By Colin Watson

No-change rebuild to fix lpia shared library dependencies.

21. By Steve Langasek

* debian/patches-ft2demos/compiler-hardening-fixes.patch: always check the
  return value of fread(), to appease hardened compilers such as what's
  used in Ubuntu by default. Set a good example, even if these demos
  shouldn't be security-sensitive! Also, along the way catch and fix a
  small memory leak on error. :)
* debian/patches-freetype/proper-armel-asm-declaration.patch: use __asm__
  for declaring assembly instead of asm, fixing a build failure on armel.

20. By Steve Langasek

* Drop spurious Suggests: on libfreetype6-dev. Closes: #363937.
* debian/patches-freetype/enable-subpixel-rendering.patch: enable subpixel
  rendering features, used by libcairo and xft to provide LCD colour
  filtering. This is considered no more or less evil than the bytecode
  interpreter which we also enable.
* Move debian/libfreetype6.copyright to debian/copyright, and selectively
  install it to the single binary package in debian/rules; the same
  copyright file is used for all the binaries anyway via symlinks, so
  there's no reason it shouldn't ship as debian/copyright.
  Closes: #381228.
* Clip redundant LICENSE.TXT and GPL.TXT files from the
  libfreetype6-dev package. Closes: #459802.

19. By Steve Langasek

* Merge from Debian unstable, remaining changes:
  - debian/patches-freetype/enable-subpixel-rendering.patch:
    + enable subpixel rendering features, used by libcairo and xft to
      provide LCD colour filtering. This is considered no more or less
      evil than the bytecode interpreter which we also enable.

18. By Mike Duigou <email address hidden>

* Merge from debian testing (LP: #251369) , remaining changes:
  - debian/patches-freetype/enable-subpixel-rendering.patch:
    + enable subpixel rendering features, used by libcairo and xft to
      provide LCD colour filtering. This is considered no more or less
      evil than the bytecode interpreter which we also enable.
  - Work around Soyuz breakage.

17. By Bryce Harrington

* Merge from debian unstable, remaining changes:
  - debian/patches-freetype/enable-subpixel-rendering.patch:
    + enable subpixel rendering features, used by libcairo and xft to
      provide LCD colour filtering. This is considered no more or less
      evil than the bytecode interpreter which we also enable.
  - Work around Soyuz breakage.
* Modify Maintainer value to match the DebianMaintainerField
  specification.

16. By Scott James Remnant (Canonical)

* debian/patches-freetype/enable-subpixel-rendering.patch:
  - Restore patch that enables subpixel rendering features, now that
    libcairo and xft provide the ability for the specific lcd filter
    to be changed.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp://staging/ubuntu/lucid/freetype
This branch contains Public information 
Everyone can see this information.

Subscribers