New branch 'debian-squeeze' available with the following commits:
commit a13fa846ed2c1cfc9cf10a73b6487e244c53bd13
Author: Julien Cristau <[email protected]>
Date: Thu Aug 11 16:15:56 2011 +0200
Upload to squeeze-security
commit 72f3245295852dd0ca59ec2c4157c96ff14294d3
Author: Thomas Hoger <[email protected]>
Date: Mon Aug 8 18:03:09 2011 +0200
LZW decompress: fix for CVE-2011-2895
Specially crafted LZW stream can crash an application using libXfont
that is used to open untrusted font files. With X server, this may
allow privilege escalation when exploited
Reviewed-by: Matthieu Herrb <[email protected]>
Signed-off-by: Matthieu Herrb <[email protected]>
Signed-off-by: Alan Coopersmith <[email protected]>
(cherry picked from commit d11ee5886e9d9ec610051a206b135a4cdc1e09a0)
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
Archive: http://lists.debian.org/[email protected]
