dgit.raspbian.org Git - fontforge.git/commit

author	Adrian Bunk <bunk@debian.org>
	Fri, 15 Mar 2024 20:56:38 +0000 (22:56 +0200)
committer	Adrian Bunk <bunk@debian.org>
	Fri, 15 Mar 2024 20:56:38 +0000 (22:56 +0200)
commit	78e64cbc5a9ff5a61f82853daf240806f8fc4e2a
tree	53f891f289cb672516f016309344932758ce5c20	tree \| snapshot
parent	d59992ac35ff4e26bee1e0aeb5740d7dc400ea2f	commit \| diff
parent	492e0ae82e91315c6646a629f979b7be7f19f756	commit \| diff

fontforge (1:20201107~dfsg-4+deb11u1) bullseye-security; urgency=medium

  * Non-maintainer upload.
  * CVE-2024-25081: Spline Font command injection via crafted filenames
  * CVE-2024-25082: Spline Font command injection via crafted archives
    or compressed files
  * Closes: #1064967

[dgit import unpatched fontforge 1:20201107~dfsg-4+deb11u1]

37 files changed:

debian/README.source	\|	\|	blob
debian/changelog	\|	\|	blob
debian/clean	\|	\|	blob
debian/control	\|	\|	blob
debian/copyright	\|	\|	blob
debian/copyright-check	\|	\|	blob
debian/copyright_hints	\|	\|	blob
debian/fontforge-common.install	\|	\|	blob
debian/fontforge-common.manpages	\|	\|	blob
debian/fontforge-doc.doc-base	\|	\|	blob
debian/fontforge-doc.install	\|	\|	blob
debian/fontforge-doc.links	\|	\|	blob
debian/fontforge-extras.install	\|	\|	blob
debian/fontforge-extras.manpages	\|	\|	blob
debian/fontforge-nox.install	\|	\|	blob
debian/fontforge.install	\|	\|	blob
debian/gbp.conf	\|	\|	blob
debian/libfontforge4.install	\|	\|	blob
debian/libfontforge4.lintian-overrides	\|	\|	blob
debian/not-installed	\|	\|	blob
debian/patches/0001-add-extra-cmake-install-rules.patch	\|	\|	blob
debian/patches/0001-fix-splinefont-shell-command-injection-5367.patch	\|	\|	blob
debian/patches/0002-remove-custom-library-search-path.patch	\|	\|	blob
debian/patches/0003-use-local-libjs-mathjax.patch	\|	\|	blob
debian/patches/0004-hurd-PATH_MAX-and-MAXPATHLEN.patch	\|	\|	blob
debian/patches/0005-hurd-rename-extended-to-avoid-conflict-with-gnumach-dev.patch	\|	\|	blob
debian/patches/2003_avoid_privacy_breach.patch	\|	\|	blob
debian/patches/2004-fix-privacy-breach-logo.patch	\|	\|	blob
debian/patches/series	\|	\|	blob
debian/python3-fontforge.install	\|	\|	blob
debian/python3-fontforge.lintian-overrides	\|	\|	blob
debian/rules	\|	\|	blob
debian/salsa-ci.yml	\|	\|	blob
debian/source/format	\|	\|	blob
debian/source/lintian-overrides	\|	\|	blob
debian/upstream/metadata	\|	\|	blob
debian/watch	\|	\|	blob

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom