-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 15 Mar 2024 22:56:38 +0200 Source: fontforge Binary: fontforge fontforge-dbgsym fontforge-extras fontforge-extras-dbgsym fontforge-nox fontforge-nox-dbgsym libfontforge4 libfontforge4-dbgsym python3-fontforge python3-fontforge-dbgsym Architecture: amd64 Version: 1:20201107~dfsg-4+deb11u1 Distribution: bullseye-security Urgency: medium Maintainer: amd64 / i386 Build Daemon (x86-ubc-01) Changed-By: Adrian Bunk Description: fontforge - font editor fontforge-extras - font editor - extra programs fontforge-nox - font editor - non-X version libfontforge4 - font editor - runtime library python3-fontforge - font editor - Python bindings Closes: 1064967 Changes: fontforge (1:20201107~dfsg-4+deb11u1) bullseye-security; urgency=medium . * Non-maintainer upload. * CVE-2024-25081: Spline Font command injection via crafted filenames * CVE-2024-25082: Spline Font command injection via crafted archives or compressed files * Closes: #1064967 Checksums-Sha1: 39d16a2bbeffb339458a6b750156b031da1b39bd 2801416 fontforge-dbgsym_20201107~dfsg-4+deb11u1_amd64.deb a5f435e619db64d0f0f972de6ab32532c6242748 372572 fontforge-extras-dbgsym_20201107~dfsg-4+deb11u1_amd64.deb 39ce222f4e6bd985097ff93395996a1630c05d60 306376 fontforge-extras_20201107~dfsg-4+deb11u1_amd64.deb 122ee2c1684ef03e3c15d6545a68c0502570f470 7784 fontforge-nox-dbgsym_20201107~dfsg-4+deb11u1_amd64.deb a2cec85f8e3ad9debfcda29605f69ccc22241f57 38780 fontforge-nox_20201107~dfsg-4+deb11u1_amd64.deb 08f3eafa0bfb39d1d56abfdb0b5ade518b4810e2 18638 fontforge_20201107~dfsg-4+deb11u1_amd64-buildd.buildinfo f8ffbf2a41309f9b09da73d252d62392dceccccc 1364312 fontforge_20201107~dfsg-4+deb11u1_amd64.deb 2fe0db2ae084ad781c40b45709b00ccf506f692a 4043872 libfontforge4-dbgsym_20201107~dfsg-4+deb11u1_amd64.deb 95058ae990e7d57934dad7751486fc6f3260c18a 1939600 libfontforge4_20201107~dfsg-4+deb11u1_amd64.deb 3a6099a292d0eba304820b7a498d585f19970bbb 6404 python3-fontforge-dbgsym_20201107~dfsg-4+deb11u1_amd64.deb 3b6bb413107f076cd6dbde9db5087b27f8a7af7f 33696 python3-fontforge_20201107~dfsg-4+deb11u1_amd64.deb Checksums-Sha256: 6e38217641a9f736890a61853b8c2d5794970f6f9b5c9295f15b230ed6d32573 2801416 fontforge-dbgsym_20201107~dfsg-4+deb11u1_amd64.deb 1b335c0f003f6c71e2870c1dbf6a1d98d4096983346bff8c3b2a3236335e7b50 372572 fontforge-extras-dbgsym_20201107~dfsg-4+deb11u1_amd64.deb d477fcab43dd4d9c09069ef2302f78630a978c97490fe0aa8776b36925dd278c 306376 fontforge-extras_20201107~dfsg-4+deb11u1_amd64.deb 7cd4016dd81005cc801e26f82deb6a089ac00f829b5fd01f58a9a55613675df0 7784 fontforge-nox-dbgsym_20201107~dfsg-4+deb11u1_amd64.deb 831e3a1bf4156ef43be78f57d74ea3a349e2fc68c6fdfa94a3ed337ffdf28f67 38780 fontforge-nox_20201107~dfsg-4+deb11u1_amd64.deb 122fafe33eb267aa9b8c552039ff8d9e2d833b87c25b5edba663581c14bacd15 18638 fontforge_20201107~dfsg-4+deb11u1_amd64-buildd.buildinfo 0eb4224bdb2f8b4cec1d6f7494b8e4362314634ff742f69c8e9125f474b56b91 1364312 fontforge_20201107~dfsg-4+deb11u1_amd64.deb 004d7cb7b620937e000ea874c039fc2f0a1a928ccfd4755052dd305831126634 4043872 libfontforge4-dbgsym_20201107~dfsg-4+deb11u1_amd64.deb fee564e71292942b202ded66eee6229c9e3398583addad38737099a4d51d1a4d 1939600 libfontforge4_20201107~dfsg-4+deb11u1_amd64.deb 74660d1e30152c050c46b3c25adde5c965385f5249463dbe9c5d364380f83197 6404 python3-fontforge-dbgsym_20201107~dfsg-4+deb11u1_amd64.deb ba5df3e6d25257290bdebfa1f23e66169f616a01b46d7d7580b01b677ba83b37 33696 python3-fontforge_20201107~dfsg-4+deb11u1_amd64.deb Files: e9739a704d0f8bb24854fc7b67857303 2801416 debug optional fontforge-dbgsym_20201107~dfsg-4+deb11u1_amd64.deb 99c01bc58d1a2cec145eaedcd7ff7148 372572 debug optional fontforge-extras-dbgsym_20201107~dfsg-4+deb11u1_amd64.deb a1fd3a4203b221f464a32f2bbd24bc19 306376 fonts optional fontforge-extras_20201107~dfsg-4+deb11u1_amd64.deb 0ad1ee327459312837a670acd2359f15 7784 debug optional fontforge-nox-dbgsym_20201107~dfsg-4+deb11u1_amd64.deb 9391afb3b75a509ab3659b8b47fb5cc2 38780 fonts optional fontforge-nox_20201107~dfsg-4+deb11u1_amd64.deb 2382b3ac1afa92b25fcda82d81c44b81 18638 fonts optional fontforge_20201107~dfsg-4+deb11u1_amd64-buildd.buildinfo eb2eec016f514fa0052e34ea4bd912ed 1364312 fonts optional fontforge_20201107~dfsg-4+deb11u1_amd64.deb 0c8adb40df81c60b9f1829c680fe0961 4043872 debug optional libfontforge4-dbgsym_20201107~dfsg-4+deb11u1_amd64.deb 6e0f75e0fdc3f2c3c8f8657aa907a418 1939600 libs optional libfontforge4_20201107~dfsg-4+deb11u1_amd64.deb d8ec1822da3a060abbfd4d357e882e6d 6404 debug optional python3-fontforge-dbgsym_20201107~dfsg-4+deb11u1_amd64.deb f1c46bd717a9dda9bd1d2d61dad058ed 33696 python optional python3-fontforge_20201107~dfsg-4+deb11u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEfSHphWe6nwpTFrNNZXl/6h5+iU4FAmX1lMUACgkQZXl/6h5+ iU60Wg/8D/kNWu5guVYeRfewhpguoHgXAR2X3az9lTemIPTP6aBe19p8mdPpvU/S 6rAD5ng5XlNGCiui0PROOvzE3JxkrdZkoWNNmdpZYOx5QVs80qKGxTC+ZUhDeijh 4p6UzvMChEtG9cxA/nu/szd0pXVXamwRVGxukhTl62jWdWNIYPeeynrj3ZiqtR5O EwiF4FOhMkN4y5g+4GKBMKACeeCJoH5Gxql4+Gsn7PAkmH1sldZQeCVu0SfFD/Mn WGOy2prPNorb2tWoME5KUcrhHp5ItOtBSFuRvi5I/jcY5oHtKnOkP1Tf/0LkrERp BKHXDmAv2OPjRiPHm3JElLZG5Uo3TI+PN1Ms0pdF0GeIHCJRBDCiRpknkIrMaQIi SUMWwyNyheVAFcx4fmG59b2NqLwusq7EUR+LdCgaYRrNtwGvD+H39w1HuvEmInbh ZE74/syzmbALZAtMWHTNLUbaZYmcvYTtHIEA6NREdVt/3W6BHr7v5lNz2eyjA1Ge fkTcjNK/lEpX6k6RrR9T74UUSWe6KbD7ksasX9Vib3OiLMh9UMVCSD/z3s+cYVmI o/qb0K6HxZHtZsi+KBXYV8DgTuMdP5JIXqYeYR/2CCI3kJoM7Cgi06yCeAAlI28T u9Migx6xVQUHkR8ZsJmAsVPrWVHh2ZE6KjAldmozYeFmtFgXbRs= =f+9x -----END PGP SIGNATURE-----