| Links to HEAD: | (view) (download) (as text) (annotate) |
| Links to HEAD: | (view) (download) (as text) (annotate) |
| Sticky Tag: | |
| Sort logs by: |
* Tue Oct 05 2010 Kevin Kofler <Kevin@tigcc.ticalc.org> 2.3.11-2 - Update the description to reflect that the bytecode interpreter is no longer patented (but still disabled in the stock Fedora freetype). - Add freetype-2.3.11-CVE-2010-2805.patch (Fix comparison.) - Add freetype-2.3.11-CVE-2010-2806.patch (Protect against negative string_size. Fix comparison.) - Add freetype-2.3.11-CVE-2010-2808.patch (Check the total length of collected POST segments.) - Add freetype-2.3.11-CVE-2010-3311.patch (Don't seek behind end of stream.) - Resolves: rh#638522 - Add freetype-2.3.11-CVE-2010-1797.patch (Check stack after execution of operations too. Skip the evaluations of the values in decoder, if cff_decoder_parse_charstrings() returns any error.) - Resolves: rh#621627 - Add freetype-2.3.11-CVE-2010-2498.patch (Assure that `end_point' is not larger than `glyph->num_points') - Add freetype-2.3.11-CVE-2010-2499.patch (Check the buffer size during gathering PFB fragments) - Add freetype-2.3.11-CVE-2010-2500.patch (Use smaller threshold values for `width' and `height') - Add freetype-2.3.11-CVE-2010-2519.patch (Check `rlen' the length of fragment declared in the POST fragment header) - Add freetype-2.3.11-CVE-2010-2520.patch (Fix bounds check) - Add freetype-2.3.11-CVE-2010-2527.patch (Use precision for `%s' where appropriate to avoid buffer overflows) - Add freetype-2.3.11-CVE-2010-2541.patch (Avoid overflow when dealing with names of axes) - Resolves: rh#613299
This form allows you to request diffs between any two revisions of this file. For each of the two "sides" of the diff, select a symbolic revision name using the selection box, or choose 'Use Text Field' and enter a numeric revision.