-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 14 Jan 2012 21:55:47 +0100 Source: t1lib Binary: libt1-5 libt1-dev t1lib-bin libt1-doc libt1-5-dbg Architecture: sparc Version: 5.1.2-3+squeeze1 Distribution: squeeze-security Urgency: high Maintainer: sparc Build Daemon (schroeder) Changed-By: Yves-Alexis Perez Description: libt1-5 - Type 1 font rasterizer library - runtime libt1-5-dbg - Type 1 font rasterizer library - debugging runtime libt1-dev - Type 1 font rasterizer library - development libt1-doc - Type 1 font rasterizer library - developers documentation t1lib-bin - Type 1 font rasterizer library - user binaries Closes: 652996 Changes: t1lib (5.1.2-3+squeeze1) stable-security; urgency=high . * Non-maintainer upload by the Security Team. * debian/patches: - CVE-2010-2642 added, fix heap-based buffer overflow first found in evince but applicable to the embedded afmparse library found in t1lib too. Fixes CVE-2011-0433 too on the same patch. - CVE-2011-0764 added, fix arbitrary code execution by only using ppoints when it is a valid pointer. closes: #652996 This fixes CVE-2011-0764, CVE-2011-1552, CVE-2011-1553 and CVE-2011-1554 * format-string added, fix a format string error IfTrace0 macro and another in T1_SubfsetFont(). Checksums-Sha1: bae68b9bbc9b67c6e5d9aad58bc636949431c01b 164984 libt1-5_5.1.2-3+squeeze1_sparc.deb 4aced3bc1edc400abe3dfb8bc4cbc1dee27e1df1 199540 libt1-dev_5.1.2-3+squeeze1_sparc.deb 77af0f0d02abb33892e3509ba98fc1cd32769791 61188 t1lib-bin_5.1.2-3+squeeze1_sparc.deb 8092f571cbfbd60cf6e55d30f5a9e81578f21ec8 201022 libt1-5-dbg_5.1.2-3+squeeze1_sparc.deb Checksums-Sha256: a256146ee2b3cc19999c14502e0c27440dc94a0b0310a17aa685a37fb683e776 164984 libt1-5_5.1.2-3+squeeze1_sparc.deb e12d749199fa0156e607a79dc66b406cf93dc067bc3bf374d40e24d0397dc949 199540 libt1-dev_5.1.2-3+squeeze1_sparc.deb d1908a3c8078c963c11f33c233fc96c1909c5f9a337dcc4bb1d5c6cf59c60131 61188 t1lib-bin_5.1.2-3+squeeze1_sparc.deb f1bf7cf5f43a6f8b6394ad96801c1b4d0116e59b83b481cee0d18567b872b4e6 201022 libt1-5-dbg_5.1.2-3+squeeze1_sparc.deb Files: c0a18474b7da8584d49d6b1a05d2d875 164984 libs optional libt1-5_5.1.2-3+squeeze1_sparc.deb 43010c3c1c63f99469e7c57ee01f60ce 199540 libdevel optional libt1-dev_5.1.2-3+squeeze1_sparc.deb b31e68139935707d61805beb7fb581b3 61188 misc optional t1lib-bin_5.1.2-3+squeeze1_sparc.deb 16b3ee8dc9511f503ccf5663834aae7e 201022 libdevel extra libt1-5-dbg_5.1.2-3+squeeze1_sparc.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBCAAGBQJPEphYAAoJEFJVSUQr9QGr+7kP/1ydJ7cI0Mpj10ibARGLX+qy okepsWfCOMgcIB+V8b5RCmr3TikpCevV/6NAJ6QqZmbhYvTKGM4ZmayacGCz6WLF X5A4nuvAFqDxVKywGpAv67OgmaNSb80Ke0pEzVizP0oVzCVNOsFOSjRjxdC50QZo SzWxax8aNjvrbEswcCtgKZyc6qMVNqj3sRMuuPXzmIi6TvV6UKUF4FakV5+t71XL BFc58SxTKQWZK3AWJ6FxZMWwP5liNMf2SWRjD8WoXfgfonLHCt3Ihz84IHc0HI8t pERH+AS3uUXR69PMEohOFk0dJRiauZ5bAdPT6PoTaynCcxVnZjsn1Nzf5sCU9G+n nK3Kd+mgiXE/HXFqgX+TMP026n2f/beElt70HtfBUMXwzqFZXMsl0g2LoM4TEQ5w SurR26HAdQgrjWxYcYHVwOA+z37i4jTT1q8mU0E5u2vHM1AIYpyyK4Ej4B4algQR VR9lMwK3b6cJyFcyLKFmuw73pq2ZWZoTBkPkZhrYuBZEJgEk/hzNUA8Kg/CzdLyG 8vHPeX4ytzYQciYjst1isIqg2PLgby1JJ6FIZsEN1pEDyyTel5lHY3yDAdNxROpR NEnBmrIEOeyGV3wQ/HPZwap2+urvt/RZBzjOhncLbVmfn7P/DvHLUUcvpI/u/mQZ fbSVCtM8aDOce4gM3IZN =eAml -----END PGP SIGNATURE-----