lp://staging/ubuntu/quantal-security/libxfont
- Get this branch:
- bzr branch lp://staging/ubuntu/quantal-security/libxfont
Branch merges
Related source package recipes
Branch information
Recent revisions
- 32. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service and possible code execution via
font metadata file parsing
- debian/patches/ CVE-2014- 0209.patch: check for overflows in
src/fontfile/ dirfile. c, src/fontfile/ fontdir. c.
- CVE-2014-0209
* SECURITY UPDATE: denial of service and possible code execution via
xfs font server replies
- debian/patches/ CVE-2014- 021x.patch: check lengths and sizes in
src/fc/fsconvert. c, src/fc/fserve.c.
- CVE-2014-0210
- CVE-2014-0211 - 31. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service and possible code execution via
stack overflow
- debian/patches/ CVE-2013- 6462.patch: limit sscanf field in
src/bitmap/ bdfread. c.
- CVE-2013-6462 - 29. By Cyril Brulebois
-
[ Cyril Brulebois ]
* New upstream release.
* Switch to dh:
- Bump debhelper build-dep and compat.
- Rewrite debian/rules, using autoreconf and quilt sequences.
- Adjust build dependencies accordingly.
- Use build-main and build-udeb as build directories.
- Adjust .install accordingly.
* Remove xsfbs accordingly.
* Add support for hardened build flags through dpkg-buildflags, based
on a patch by Moritz Muehlenhoff, thanks! (Closes: #654154).[ Julien Cristau ]
* Remove David Nusinow from Uploaders. - 28. By Cyril Brulebois
-
[ Julien Cristau ]
* Drop Pre-Depends on x11-common (only needed for upgrades from the
monolith) and Replaces on xlibs-static-dev (hasn't existed in forever).[ Cyril Brulebois ]
* New upstream release:
- LZW decompress: fix for CVE-2011-2895. From the commit message:
“Specially crafted LZW stream can crash an application using libXfont
that is used to open untrusted font files. With X server, this may
allow privilege escalation when exploited.”
* Set urgency to “high” accordingly.
* Update debian/copyright from upstream COPYING.
* Bump xorg-sgml-doctools build-dep.
* Drop xorg.css from .install, no longer shipped upstream. - 26. By Cyril Brulebois
-
* New upstream release.
* Bump xutils-dev build-dep for new macros.
* Add xmlto, xorg-sgml-doctools, and w3m build-dep for the doc.
* Pass --with-xmlto and --without-fop for the regular build (we want
html and txt only). Disable both for the udeb build.
* Tweak doc filenames, and handle that through dh_install.
* Add --fail-missing -XlibXfont.la for the second dh_install call (the
udeb one), for additional safety. - 25. By Julien Cristau
-
* New upstream release.
* Bump xutils-dev build-dep for new xorg-macros.
* Bump shlibs for register_fpe_functions( ).
* Update debian/copyright.
* Bump Standards-Version to 3.9.0, no changes. - 24. By Cyril Brulebois
-
[ Julien Cristau ]
* Rename the build directory to not include DEB_BUILD_GNU_TYPE for no
good reason. Thanks, Colin Watson!
* Remove myself from Uploaders[ Cyril Brulebois ]
* Use dh_makeshlibs’s -V argument instead of debian/libxfont1. shlibs
* Add udeb needed for the graphical installer: libxfont1-udeb.
* Version the B-D on libfontenc-dev to ensure libxfont1-udeb gets a
dependency on libfontenc1-udeb.
* Use a bzip2-less flavour for the udeb.
* Bump Standards-Version from 3.8.3 to 3.8.4 (no changes needed).
* Fix obsolete-relation- form-in- source by using “<<” instead of “<” for
xprint in Conflicts, thanks to lintian.
* Add myself to Uploaders. - 23. By Julien Cristau
-
* New upstream release.
* Bump xutils-dev build-dep for new util-macros.
* Build documentation, install it in libxfont-dev.
* Enable support for bzip2 compressed bitmap fonts.
* Don't use LDFLAGS from the environment. Ubuntu sets that to
-Bsymbolic-functions, which breaks libXfont's weak symbols usage.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp://staging/ubuntu/trusty/libxfont
