Your message dated Mon, 16 Jun 2008 09:02:02 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#485841: fixed in freetype 2.3.6-1
has caused the Debian Bug report #485841,
regarding freetype: multiple security issues
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
485841: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=485841
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: freetype
Version: 2.3.5-1
Severity: important
Tags: security
Hi,
there are some security issues for FreeType2 2.3.5 as you can
see on the following websites:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=715
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=716
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=717
It seems that they are be solved in the new version 2.3.6 of
FreeType2.
Kind regards,
Thomas.
signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---
Source: freetype
Source-Version: 2.3.6-1
We believe that the bug you reported is fixed in the latest version of
freetype, which is due to be installed in the Debian FTP archive:
freetype2-demos_2.3.6-1_amd64.deb
to pool/main/f/freetype/freetype2-demos_2.3.6-1_amd64.deb
freetype_2.3.6-1.diff.gz
to pool/main/f/freetype/freetype_2.3.6-1.diff.gz
freetype_2.3.6-1.dsc
to pool/main/f/freetype/freetype_2.3.6-1.dsc
freetype_2.3.6.orig.tar.gz
to pool/main/f/freetype/freetype_2.3.6.orig.tar.gz
libfreetype6-dev_2.3.6-1_amd64.deb
to pool/main/f/freetype/libfreetype6-dev_2.3.6-1_amd64.deb
libfreetype6-udeb_2.3.6-1_amd64.udeb
to pool/main/f/freetype/libfreetype6-udeb_2.3.6-1_amd64.udeb
libfreetype6_2.3.6-1_amd64.deb
to pool/main/f/freetype/libfreetype6_2.3.6-1_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Steve Langasek <[EMAIL PROTECTED]> (supplier of updated freetype package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sun, 15 Jun 2008 23:52:53 -0700
Source: freetype
Binary: libfreetype6 libfreetype6-dev freetype2-demos libfreetype6-udeb
Architecture: source amd64
Version: 2.3.6-1
Distribution: unstable
Urgency: low
Maintainer: Steve Langasek <[EMAIL PROTECTED]>
Changed-By: Steve Langasek <[EMAIL PROTECTED]>
Description:
freetype2-demos - FreeType 2 demonstration programs
libfreetype6 - FreeType 2 font engine, shared library files
libfreetype6-dev - FreeType 2 font engine, development files
libfreetype6-udeb - FreeType 2 font engine for the debian-installer (udeb)
Closes: 485841
Changes:
freetype (2.3.6-1) unstable; urgency=low
.
* New upstream release
- Fixes multiple vulnerabilities in the PFB font parser (CVE-2008-1806,
CVE-2008-1807, CVE-2008-1808). Closes: #485841.
* Fix some very bizarre quoting of $CFLAGS in debian/rules
Checksums-Sha1:
1291bf7fa82ddb5b91a4d4d825b59f0950a59824 1170 freetype_2.3.6-1.dsc
4dedc0a5fd1cb7d905947c37537f17a7ee053ac0 1608279 freetype_2.3.6.orig.tar.gz
11991214ebe53c09df7f8a8a58ff303603b8afe9 30280 freetype_2.3.6-1.diff.gz
6cde76629b19f7670ed264e938dc235c05c75ebd 382788 libfreetype6_2.3.6-1_amd64.deb
b0bdb96aa1ce9067534ad2b2d6ee7741973dd986 710770
libfreetype6-dev_2.3.6-1_amd64.deb
802e89424837a2209adb316fb5d593f48e5b982a 223776
freetype2-demos_2.3.6-1_amd64.deb
798788f8e04307a8bfa3c6d7be8ded800119a8d9 269748
libfreetype6-udeb_2.3.6-1_amd64.udeb
Checksums-Sha256:
3f135305ede1c9ebbc9db4dfd73d07695e7058018e2437bb189f9892780709c9 1170
freetype_2.3.6-1.dsc
fb741898a563bee75893d3e3111f970e04e96c50944cd0f77131f462ef88ad75 1608279
freetype_2.3.6.orig.tar.gz
ed3ebb8cbca6863685cf4fec3be5c19025ab6d7acfbe061e5e34524a6992badc 30280
freetype_2.3.6-1.diff.gz
6e2768423de9cc203f78572a328cfd8c70625ec2f598927d5b79df93a4089156 382788
libfreetype6_2.3.6-1_amd64.deb
38e81c8b957d3bc8c4f9842bd31c0001b7fc31fe8cfb7115424c2b462f20d34c 710770
libfreetype6-dev_2.3.6-1_amd64.deb
eaec3deb5cfbb8560f0a5df0899064fc42941a34c2602ec42636c55544bfb56b 223776
freetype2-demos_2.3.6-1_amd64.deb
5ea43245ef0098f1679ebc03bcb54a70af7cf6d91b6c6a98026c64d92b7d70a9 269748
libfreetype6-udeb_2.3.6-1_amd64.udeb
Files:
daf134e4ed27455a8977954a54e600ce 1170 libs optional freetype_2.3.6-1.dsc
f5c58d49f17517aa24c4c39bc698df70 1608279 libs optional
freetype_2.3.6.orig.tar.gz
b8fc62827ae3f91f49b305dd8c9e3406 30280 libs optional freetype_2.3.6-1.diff.gz
0b124aff08add8239f2d6fa5089d85fa 382788 libs optional
libfreetype6_2.3.6-1_amd64.deb
ea8dd2fbd6863f969c0e5ba7340e754b 710770 libdevel optional
libfreetype6-dev_2.3.6-1_amd64.deb
0459c895d6a0a80fad8e24f9d20cedd7 223776 utils optional
freetype2-demos_2.3.6-1_amd64.deb
92dcd71d5b20eeb33007235ece279be6 269748 debian-installer extra
libfreetype6-udeb_2.3.6-1_amd64.udeb
Package-Type: udeb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFIVhrAKN6ufymYLloRAi8kAJ95aA6b8mYcZhq2wbfyZMZ93PzxWwCgnErj
b79smPZZpRzNKv3QC3DQfKs=
=WBLV
-----END PGP SIGNATURE-----
--- End Message ---