Ubuntu
libxfont package

Change logs for libxfont source package in Vivid

Vivid (15.04)
Change log

libxfont (1:1.4.99.901-1ubuntu1) vivid; urgency=medium

  * SECURITY UPDATE: arbitrary code exection via invalid property count
    - debian/patches/CVE-2015-1802.patch: check for integer overflow in
      src/bitmap/bdfread.c.
    - CVE-2015-1802
  * SECURITY UPDATE: arbitrary code execution via bitmap data parse failure
    - debian/patches/CVE-2015-1803.patch: bail out if bitmap can't be read
      in src/bitmap/bdfread.c.
    - CVE-2015-1803
  * SECURITY UPDATE: arbitrary code execution via invalid metrics
    - debian/patches/CVE-2015-1804.patch: ensure metrics fit in struct in
      src/bitmap/bdfread.c.
    - CVE-2015-1804
 -- Marc Deslauriers <email address hidden>   Wed, 18 Mar 2015 07:26:08 -0400

libxfont (1:1.4.99.901-1) unstable; urgency=medium


  * New upstream release candidate.
    + includes the CVE-2014-{0209,0210,0211} patches
  * Remove Cyril from Uploaders.
  * Allow uscan to verify tarball signature.

 -- Julien Cristau <email address hidden>  Sat, 12 Jul 2014 17:44:11 +0200

Ubuntulibxfont package

Change logs for libxfont source package in Vivid

Ubuntu
libxfont package