-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 28 Apr 2022 21:11:36 +1000
Source: freetype
Architecture: source
Version: 2.9.1-3+deb10u3
Distribution: oldstable
Urgency: medium
Maintainer: Hugh McMaster <
hugh.mcmaster@outlook.com>
Changed-By: Hugh McMaster <
hugh.mcmaster@outlook.com>
Closes: 1010183
Changes:
freetype (2.9.1-3+deb10u3) buster; urgency=medium
.
* Add upstream patches to fix multiple vulnerabilities. Closes: #1010183.
- CVE-2022-27404: heap buffer overflow via invalid integer decrement in
sfnt_init_face().
- CVE-2022-27405: segmentation violation via ft_open_face_internal() when
attempting to read the value of FT_LONG face_index.
- CVE-2022-27406: segmentation violation via FT_Request_Size() when
attempting to read the value of an unguarded face size handle. Checksums-Sha1:
74a5ae049b07627f88d5eae2af564cbf989fe218 3727 freetype_2.9.1-3+deb10u3.dsc
85bc5504b1c0d19936e82b333d36dc6fd4175003 113432 freetype_2.9.1-3+deb10u3.debian.tar.xz
c73249313b64e88cdbe2bd8f0971cb7895161d1c 8041 freetype_2.9.1-3+deb10u3_amd64.buildinfo
Checksums-Sha256:
675d49d0380f727f46118aca35ee640ae051cd676985c5dd65de0d7792c23979 3727 freetype_2.9.1-3+deb10u3.dsc
dfcfbff8b44f769a6937c779a17eac038a4e987ebdb3004c659e801158ca3d52 113432 freetype_2.9.1-3+deb10u3.debian.tar.xz
aad965ed4a48cb5aa4771049f1a6f9b2c120a94ca9047c475fec142ab0676995 8041 freetype_2.9.1-3+deb10u3_amd64.buildinfo
Files:
62da4251802973f039e60bb71bc7e95b 3727 libs optional freetype_2.9.1-3+deb10u3.dsc
c85dccc294b2fd562865b91d8f5b05e8 113432 libs optional freetype_2.9.1-3+deb10u3.debian.tar.xz
fafbf60604e033c78ca53616ec7fc6a9 8041 libs optional freetype_2.9.1-3+deb10u3_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJOBAEBCgA4FiEEOiCBPKV5RoaMUVIRWsYQdMXoG8QFAmKoi4AaHGh1Z2gubWNt YXN0ZXJAb3V0bG9vay5jb20ACgkQWsYQdMXoG8TpzhAAqNN+K8JBrnHd8heZQNQ7 QaR8YMC2fpOor8AATL2LTcPsJeJkgTYFnv+f7ap2B9FWjKrX3ivr2t0AuzK0CCD1 +CjF+s28V2b8RSEZUORL+vSFwh1vZabgg6TRCzCdjvwQYhzpPqK7Metk9FvCh1Ev PUYQ05enSzNX8XMFExE4ILtK4tRLxlXiE6cFbu8gGVo0ShSNtVzLAm3jcK3lGnWD GNXZaYwLb8uCZPmxKddVK/cdjLZHJWlC52JzTo3dXVdUUYuElluuJTGgAcOVNb71 z3CUizczo4uJxryfg6boLGjEQfdw/fl0yaGi+6X0BiWZu43M+YuDiyhcYD/RTW8q I9uGiWIHcy+2RsyKn0oqZV1C77KIZC7e6m+kBR1iA0QWGUbxa2IPNkSEjHwqXtW3 Aco6ZcfkXTaT/53dJikTeQJ494MlfXl4KiLvRc2jukmZcdrL4e07lVQw6IZh2Sau cDijMNIFkIF3f5wkJevJT5Uxr/y8WHZFCje+g/JCxJg6Jel4EDZhx2qjfMhSw3qt MWRA2FmdJGALHG7KvqEhvrNqaA4KbRpb/CblNS3l+ZaAcThHYC+f0qX+5/Fys4e+ 7NwO+iF3HWkuZ3Dp7++Q2zVb/vZjMBwscrdZgMgYTGmGxIyZyybAFOzGTeXLX9JN sMnlTui4d9xYenFaxkcdWqo=
=iCsc
-----END PGP SIGNATURE-----
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)