Control: tags 1064967 + patch
Control: tags 1064967 + pending
Dear maintainer,
I've prepared an NMU for fontforge (versioned as 1:20230101~dfsg-1.1) and uploaded it to DELAYED/2. Please feel free to tell me if I should cancel it.
@Security team:
If wanted, I could afterwards also prepare (pu or DSA) updates for
bookworm and bullseye.
On Wed, Mar 13, 2024 at 08:39:47PM +0100, Salvatore Bonaccorso wrote:
Hi Adrian,
Hi Salvatore,
On Fri, Mar 08, 2024 at 02:03:55AM +0200, Adrian Bunk wrote:
Control: tags 1064967 + patch
Control: tags 1064967 + pending
Dear maintainer,
I've prepared an NMU for fontforge (versioned as 1:20230101~dfsg-1.1) and uploaded it to DELAYED/2. Please feel free to tell me if I should cancel it.
@Security team:
If wanted, I could afterwards also prepare (pu or DSA) updates for bookworm and bullseye.
We came to the conclusion that it warrants a DSA. Could you prepare debdiffs for bookworm-security and bulseye-security?
the debdiffs are attached.
Tested on both releases with the PoCs from [1] and that opening a normal compressed font still works.
On Wed, Mar 13, 2024 at 08:39:47PM +0100, Salvatore Bonaccorso wrote:
Hi Adrian,
Hi Salvatore,
On Fri, Mar 08, 2024 at 02:03:55AM +0200, Adrian Bunk wrote:
Control: tags 1064967 + patch
Control: tags 1064967 + pending
Dear maintainer,
I've prepared an NMU for fontforge (versioned as 1:20230101~dfsg-1.1) and uploaded it to DELAYED/2. Please feel free to tell me if I should cancel it.
@Security team:
If wanted, I could afterwards also prepare (pu or DSA) updates for bookworm and bullseye.
We came to the conclusion that it warrants a DSA. Could you prepare debdiffs for bookworm-security and bulseye-security?
the debdiffs are attached.
Tested on both releases with the PoCs from [1] and that opening a normal compressed font still works.
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 297 |
Nodes: | 16 (2 / 14) |
Uptime: | 05:13:22 |
Calls: | 6,666 |
Files: | 12,213 |
Messages: | 5,335,948 |