libxfont (1:1.0.0-0ubuntu3.4) dapper-security; urgency=low * SECURITY UPDATE: overflow in PCF font handling. * src/bitmap/pcfread.c: patched inline from upstream commit (b76df66d2c507898472bba0f9986ef5700029a36) CVE-2008-0006 -- Kees Cook Thu, 17 Jan 2008 14:58:07 -0800 libxfont (1:1.0.0-0ubuntu3.3) dapper-security; urgency=low * SECURITY UPDATE: root privilege escalation with BDF font overflows. * src/bitmap/bdfread.c, src/fontfile/fontdir.c: upstream fixes to stop integer overflows. * References CVE-2007-1351 CVE-2007-1352 -- Kees Cook Thu, 29 Mar 2007 18:07:27 -0700 libxfont (1:1.0.0-0ubuntu3.2) dapper-security; urgency=low * SECURITY UPDATE: Root privilege escalation with crafted Type1 CID fonts. * lib/font/Type1/afm.c: Fix integer overflow in CIDAFM(). [CVE-2006-3739] * lib/font/Type1/scanfont.c: Fix integer overflow in scan_cidfont(). [CVE-2006-3740] -- Martin Pitt Mon, 11 Sep 2006 12:26:33 +0000 libxfont (1:1.0.0-0ubuntu3.1) dapper-security; urgency=low * SECURITY UPDATE: DoS (X server crash) and possible root privilege escalation. * src/bitmap/pcfread.c: Check for integer overflows when parsing PCF font files to prevent exploitable buffer overflow. * Patch taken from upstream git: http://gitweb.freedesktop.org/?p=xorg/lib/libXfont.git;a=commit;h=8d171fe61e564d8ed8f75034d4191062cecf190b * CVE-2006-3467 -- Martin Pitt Wed, 6 Sep 2006 11:30:03 +0000 libxfont (1:1.0.0-0ubuntu3) dapper; urgency=low * Change dependency on x-common to x11-common. -- Daniel Stone Thu, 19 Jan 2006 18:26:04 +1100 libxfont (1:1.0.0-0ubuntu2) dapper; urgency=low * Add libfontenc-dev and libfreetype6-dev to libxfont-dev, per Requires.private. -- Daniel Stone Wed, 21 Dec 2005 15:44:59 +1100 libxfont (1:1.0.0-0ubuntu1) dapper; urgency=low * New upstream release. -- Daniel Stone Wed, 21 Dec 2005 12:51:43 +1100 libxfont (1:0.99.3-0ubuntu1) dapper; urgency=low * New upstream release. -- Daniel Stone Mon, 12 Dec 2005 15:29:45 +1100 libxfont (1:0.99.2-0ubuntu1) dapper; urgency=low * New upstream release. -- Daniel Stone Fri, 18 Nov 2005 10:03:10 +1100 libxfont (1:0.99.1-1) dapper; urgency=low * New upstream release. * Drop libfontcache, as it has been moved to an external package. -- Daniel Stone Tue, 25 Oct 2005 09:39:01 +1000 libxfont (1:0.99.0+cvs.20050909-1) breezy; urgency=low * Fix the XFONT_FONTCACHE/FONTCACHE define in configure.ac (close: Ubuntu#14319). -- Daniel Stone Fri, 9 Sep 2005 15:39:57 +1000 libxfont (1:0.99.0-1) breezy; urgency=low * First libxfont release. -- Daniel Stone Mon, 16 May 2005 22:10:17 +1000