Debian Bug report logs - #605537
CVE-2010-4259: fontforge: buffer overflow when parsing CHARSET_REGISTRY header of .BDF files

version graph

Package: fontforge; Maintainer for fontforge is Debian Fonts Task Force <pkg-fonts-devel@lists.alioth.debian.org>; Source for fontforge is src:fontforge.

Reported by: Ulrik Persson <ddefrostt@gmail.com>

Date: Tue, 30 Nov 2010 23:21:02 UTC

Severity: grave

Tags: security

Found in version fontforge/0.0.20100501-2

Fixed in versions fontforge/0.0.20100501-4, fontforge/0.0.20080429-1+lenny2

Done: Thijs Kinkhorst <thijs@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Debian Fonts Task Force <pkg-fonts-devel@lists.alioth.debian.org>:
Bug#605537; Package fontforge. (Tue, 30 Nov 2010 23:21:05 GMT) Full text and rfc822 format available.

Acknowledgement sent to Ulrik Persson <ddefrostt@gmail.com>:
New Bug report received and forwarded. Copy sent to Debian Fonts Task Force <pkg-fonts-devel@lists.alioth.debian.org>. (Tue, 30 Nov 2010 23:21:05 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Ulrik Persson <ddefrostt@gmail.com>
To: submit@bugs.debian.org
Subject: fontforge: buffer overflow when opening .BDF files
Date: Wed, 1 Dec 2010 00:17:39 +0100
[Message part 1 (text/plain, inline)]
Subject: fontforge: buffer overflow when opening .BDF files
Package: fontforge
Version: 0.0.20100501-2
Severity: important
Tags: security

Hello,

I have found a buffer overflow in fontforge when opening .BDF files. It is
a stack-based buffer overflow with full control over EIP, and it occurs
when parsing too long "CHARSET_REGISTRY" lines.

To reproduce, start fontforge with the attached example file as a parameter,
or start fontforge and then open the same file in the graphical interface.

-- System Information:
Debian Release: squeeze/sid
 APT prefers testing
 APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages fontforge depends on:
ii  libc6                   2.11.2-7         Embedded GNU C Library: Shared lib
ii  libcairo2               1.8.10-6         The Cairo 2D vector graphics libra
ii  libfontconfig1          2.8.0-2.1        generic font configuration library
ii  libfontforge1           0.0.20100501-2   font editor - runtime library
ii  libfreetype6            2.4.2-2.1        FreeType 2 font engine, shared lib
ii  libgdraw4               0.0.20100501-2   font editor - runtime graphics and
ii  libgif4                 4.1.6-9          library for GIF images (library)
ii  libglib2.0-0            2.24.2-1         The GLib library of C routines
ii  libice6                 2:1.0.6-2        X11 Inter-Client Exchange library
ii  libjpeg62               6b1-1            The Independent JPEG Group's JPEG
ii  libpango1.0-0           1.28.3-1         Layout and rendering of internatio
ii  libpng12-0              1.2.44-1         PNG library - runtime
ii  libpython2.6            2.6.6-6          Shared Python runtime library (ver
ii  libsm6                  2:1.1.1-1        X11 Session Management library
ii  libspiro0               20071029-2       a library for curve design
ii  libtiff4                3.9.4-5          Tag Image File Format (TIFF) libra
ii  libuninameslist0        0.0.20091231-1   a library of Unicode annotation da
ii  libx11-6                2:1.3.3-4        X11 client-side library
ii  libxft2                 2.1.14-2         FreeType-based font drawing librar
ii  libxml2                 2.7.8.dfsg-1     GNOME XML library
ii  zlib1g                  1:1.2.3.4.dfsg-3 compression library - runtime

fontforge recommends no packages.

Versions of packages fontforge suggests:
pn  autotrace                     <none>     (no description available)
pn  fontforge-doc                 <none>     (no description available)
pn  fontforge-extras              <none>     (no description available)
pn  potrace                       <none>     (no description available)
pn  python-fontforge              <none>     (no description available)

-- no debconf information

-- 
Ulrik | Underground Stockholm | http://underground-stockholm.com/
[fontforge-overflow.txt (text/plain, attachment)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian Fonts Task Force <pkg-fonts-devel@lists.alioth.debian.org>:
Bug#605537; Package fontforge. (Mon, 06 Dec 2010 23:39:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Raphael Geissert <geissert@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Fonts Task Force <pkg-fonts-devel@lists.alioth.debian.org>. (Mon, 06 Dec 2010 23:39:03 GMT) Full text and rfc822 format available.

Message #10 received at 605537@bugs.debian.org (full text, mbox):

From: Raphael Geissert <geissert@debian.org>
To: 605537@bugs.debian.org
Cc: control@bugs.debian.org, 605537-submitter@bugs.debian.org
Subject: Re: Bug#605537: fontforge: buffer overflow when opening .BDF files
Date: Mon, 6 Dec 2010 17:34:41 -0600
severity 605537 grave
retitle 605537 CVE-2010-4259: fontforge: buffer overflow when parsing
CHARSET_REGISTRY header of .BDF files
thanks

Hi,

A patch (along with details) is available at:
https://bugzilla.redhat.com/659359

When fixing the vulnerability please mention the id (CVE-2010-4259) in
the changelog.
Would be great if you could also prepare a fixed version for stable
(usual coordination with team@security.d.o applies.)

Thanks in advance.

Cheers,
-- 
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net




Severity set to 'grave' from 'important' Request was from Raphael Geissert <geissert@debian.org> to control@bugs.debian.org. (Mon, 06 Dec 2010 23:39:04 GMT) Full text and rfc822 format available.

Changed Bug title to 'CVE-2010-4259: fontforge: buffer overflow when parsing' from 'fontforge: buffer overflow when opening .BDF files' Request was from Raphael Geissert <geissert@debian.org> to control@bugs.debian.org. (Mon, 06 Dec 2010 23:39:05 GMT) Full text and rfc822 format available.

Message sent on to Ulrik Persson <ddefrostt@gmail.com>:
Bug#605537. (Mon, 06 Dec 2010 23:39:08 GMT) Full text and rfc822 format available.

Changed Bug title to 'CVE-2010-4259: fontforge: buffer overflow when parsing CHARSET_REGISTRY header of .BDF files' from 'CVE-2010-4259: fontforge: buffer overflow when parsing' Request was from Raphael Geissert <geissert@debian.org> to control@bugs.debian.org. (Mon, 06 Dec 2010 23:45:04 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Debian Fonts Task Force <pkg-fonts-devel@lists.alioth.debian.org>:
Bug#605537; Package fontforge. (Tue, 07 Dec 2010 06:21:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Rogério Brito <rbrito@ime.usp.br>:
Extra info received and forwarded to list. Copy sent to Debian Fonts Task Force <pkg-fonts-devel@lists.alioth.debian.org>. (Tue, 07 Dec 2010 06:21:03 GMT) Full text and rfc822 format available.

Message #24 received at 605537@bugs.debian.org (full text, mbox):

From: Rogério Brito <rbrito@ime.usp.br>
To: Raphael Geissert <geissert@debian.org>
Cc: 605537@bugs.debian.org, pkg-fonts-devel@lists.alioth.debian.org, 605537-submitter@bugs.debian.org, team@security.debian.org
Subject: Re: [Pkg-fonts-devel] Bug#605537: fontforge: buffer overflow when opening .BDF files
Date: Tue, 7 Dec 2010 04:18:09 -0200
Hi there.

Just for the record, I am working on this right now.

On Dec 06 2010, Raphael Geissert wrote:
> A patch (along with details) is available at:
> https://bugzilla.redhat.com/659359
> 
> When fixing the vulnerability please mention the id (CVE-2010-4259) in
> the changelog.

Doing that.

> Would be great if you could also prepare a fixed version for stable
> (usual coordination with team@security.d.o applies.)

I'm first taking care of unstable/testing and then I will look at the case
of stable.


Thanks for the heads up.

-- 
Rogério Brito : rbrito@{ime.usp.br,gmail.com} : GPG key 4096R/BCFCAAAA
http://rb.doesntexist.org : Packages for LaTeX : algorithms.berlios.de
DebianQA: http://qa.debian.org/developer.php?login=rbrito%40ime.usp.br




Message sent on to Ulrik Persson <ddefrostt@gmail.com>:
Bug#605537. (Tue, 07 Dec 2010 06:21:07 GMT) Full text and rfc822 format available.

Added tag(s) pending. Request was from rbrito-guest@alioth.debian.org to control@bugs.debian.org. (Tue, 07 Dec 2010 07:51:03 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Debian Fonts Task Force <pkg-fonts-devel@lists.alioth.debian.org>:
Bug#605537; Package fontforge. (Tue, 07 Dec 2010 07:57:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Christian PERRIER <bubulle@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Fonts Task Force <pkg-fonts-devel@lists.alioth.debian.org>. (Tue, 07 Dec 2010 07:57:03 GMT) Full text and rfc822 format available.

Message #34 received at 605537@bugs.debian.org (full text, mbox):

From: Christian PERRIER <bubulle@debian.org>
To: 605537@bugs.debian.org
Cc: 605537-submitter@bugs.debian.org
Subject: Re: [Pkg-fonts-bugs] Bug#605537: fontforge: buffer overflow when opening .BDF files
Date: Tue, 7 Dec 2010 06:56:05 +0100
[Message part 1 (text/plain, inline)]
Quoting Raphael Geissert (geissert@debian.org):
> severity 605537 grave
> retitle 605537 CVE-2010-4259: fontforge: buffer overflow when parsing
> CHARSET_REGISTRY header of .BDF files
> thanks
> 
> Hi,
> 
> A patch (along with details) is available at:
> https://bugzilla.redhat.com/659359
> 
> When fixing the vulnerability please mention the id (CVE-2010-4259) in
> the changelog.
> Would be great if you could also prepare a fixed version for stable
> (usual coordination with team@security.d.o applies.)

Thanks, Raphaël, for reporting this issue.

Kęstutis, will you handle this or do you need help in some way?


[signature.asc (application/pgp-signature, inline)]

Message sent on to Ulrik Persson <ddefrostt@gmail.com>:
Bug#605537. (Tue, 07 Dec 2010 07:57:05 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Debian Fonts Task Force <pkg-fonts-devel@lists.alioth.debian.org>:
Bug#605537; Package fontforge. (Tue, 07 Dec 2010 08:27:06 GMT) Full text and rfc822 format available.

Acknowledgement sent to Rogério Brito <rbrito@ime.usp.br>:
Extra info received and forwarded to list. Copy sent to Debian Fonts Task Force <pkg-fonts-devel@lists.alioth.debian.org>. (Tue, 07 Dec 2010 08:27:07 GMT) Full text and rfc822 format available.

Message #42 received at 605537@bugs.debian.org (full text, mbox):

From: Rogério Brito <rbrito@ime.usp.br>
To: Christian PERRIER <bubulle@debian.org>, 605537@bugs.debian.org
Cc: 605537-submitter@bugs.debian.org, geissert@debian.org, pkg-fonts-devel@lists.alioth.debian.org
Subject: Re: [Pkg-fonts-devel] Bug#605537: [Pkg-fonts-bugs] Bug#605537: fontforge: buffer overflow when opening .BDF files
Date: Tue, 7 Dec 2010 06:22:47 -0200
Dear Christian and others,

On Dec 07 2010, Christian PERRIER wrote:
> Quoting Raphael Geissert (geissert@debian.org):
> > A patch (along with details) is available at:
> > https://bugzilla.redhat.com/659359
> 
> Thanks, Raphaël, for reporting this issue.

I just uploaded a new version for unstable (conservative upload---I would
have changed other stuff, but better not at this stage).

I'm just waiting for the FTP master announcement to see if it was accepted
or not.

> Kęstutis, will you handle this or do you need help in some way?

I'm having some trouble with my ISP right now and uploading stuff is getting
interrupted. :-(

Could any of you just copy my last SVN commit to a stable version (if
applicable)?


Regards,

-- 
Rogério Brito : rbrito@{ime.usp.br,gmail.com} : GPG key 4096R/BCFCAAAA
http://rb.doesntexist.org : Packages for LaTeX : algorithms.berlios.de
DebianQA: http://qa.debian.org/developer.php?login=rbrito%40ime.usp.br




Message sent on to Ulrik Persson <ddefrostt@gmail.com>:
Bug#605537. (Tue, 07 Dec 2010 08:27:08 GMT) Full text and rfc822 format available.

Reply sent to Rogério Brito <rbrito@ime.usp.br>:
You have taken responsibility. (Tue, 07 Dec 2010 08:51:26 GMT) Full text and rfc822 format available.

Notification sent to Ulrik Persson <ddefrostt@gmail.com>:
Bug acknowledged by developer. (Tue, 07 Dec 2010 08:51:26 GMT) Full text and rfc822 format available.

Message #50 received at 605537-close@bugs.debian.org (full text, mbox):

From: Rogério Brito <rbrito@ime.usp.br>
To: 605537-close@bugs.debian.org
Subject: Bug#605537: fixed in fontforge 0.0.20100501-4
Date: Tue, 07 Dec 2010 08:47:25 +0000
Source: fontforge
Source-Version: 0.0.20100501-4

We believe that the bug you reported is fixed in the latest version of
fontforge, which is due to be installed in the Debian FTP archive:

fontforge-nox_0.0.20100501-4_amd64.deb
  to main/f/fontforge/fontforge-nox_0.0.20100501-4_amd64.deb
fontforge_0.0.20100501-4.debian.tar.gz
  to main/f/fontforge/fontforge_0.0.20100501-4.debian.tar.gz
fontforge_0.0.20100501-4.dsc
  to main/f/fontforge/fontforge_0.0.20100501-4.dsc
fontforge_0.0.20100501-4_amd64.deb
  to main/f/fontforge/fontforge_0.0.20100501-4_amd64.deb
libfontforge-dev_0.0.20100501-4_amd64.deb
  to main/f/fontforge/libfontforge-dev_0.0.20100501-4_amd64.deb
libfontforge1_0.0.20100501-4_amd64.deb
  to main/f/fontforge/libfontforge1_0.0.20100501-4_amd64.deb
libgdraw4_0.0.20100501-4_amd64.deb
  to main/f/fontforge/libgdraw4_0.0.20100501-4_amd64.deb
python-fontforge_0.0.20100501-4_amd64.deb
  to main/f/fontforge/python-fontforge_0.0.20100501-4_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 605537@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Rogério Brito <rbrito@ime.usp.br> (supplier of updated fontforge package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Tue, 07 Dec 2010 04:12:04 -0200
Source: fontforge
Binary: fontforge fontforge-nox libfontforge-dev libfontforge1 libgdraw4 python-fontforge
Architecture: source amd64
Version: 0.0.20100501-4
Distribution: unstable
Urgency: high
Maintainer: Debian Fonts Task Force <pkg-fonts-devel@lists.alioth.debian.org>
Changed-By: Rogério Brito <rbrito@ime.usp.br>
Description: 
 fontforge  - font editor
 fontforge-nox - font editor - non-X version
 libfontforge-dev - font editor - runtime library (development files)
 libfontforge1 - font editor - runtime library
 libgdraw4  - font editor - runtime graphics and widget library
 python-fontforge - font editor - Python bindings
Closes: 605537
Changes: 
 fontforge (0.0.20100501-4) unstable; urgency=high
 .
   * Urgency high due to a security fix.
   * debian/patches:
     + grab patch from https://bugzilla.redhat.com/attachment.cgi?id=464658
     Fixes: CVE-2010-4259, Closes: #605537.
Checksums-Sha1: 
 fdf3a18842bc7ca5ec4f103aa9ccc47a25a3f39b 1797 fontforge_0.0.20100501-4.dsc
 6ab4b5dfbdfa34b88060c122dec1f5ef1136acc2 22141 fontforge_0.0.20100501-4.debian.tar.gz
 237dbd55e6d5db0a01e96e2fa49437e9bc2c8361 2333084 fontforge_0.0.20100501-4_amd64.deb
 adacadf26bda6fdafd8052180f6da0b1b82ff978 1253486 fontforge-nox_0.0.20100501-4_amd64.deb
 c49481ef9012be8180fc6e4cd95baf0782508e3b 132804 libfontforge-dev_0.0.20100501-4_amd64.deb
 7c3c17840513bf413c21360a71dc254a94acb639 2567048 libfontforge1_0.0.20100501-4_amd64.deb
 14e2f80511a3194cfb1276783f66e209502618f0 374322 libgdraw4_0.0.20100501-4_amd64.deb
 dea1b190e67a293f91642afbe8bf365430b7b118 15184 python-fontforge_0.0.20100501-4_amd64.deb
Checksums-Sha256: 
 54e78381ab10965bd681a5ffdca3b45e04a7eb9b593fbbcfa2f99f04e146168b 1797 fontforge_0.0.20100501-4.dsc
 2b42cea0c37a054c491b49b9ce09e1850cecaca299449d70ff58dcdadf464454 22141 fontforge_0.0.20100501-4.debian.tar.gz
 1a2830d77aa2376d920608dea75c27faf03d515c2ca79ad5e92f2dc0c97f7d86 2333084 fontforge_0.0.20100501-4_amd64.deb
 628cd04cc3a2da379b7ec01ff11bc4044beb9dec704a8e4cf2652e01ae7d598e 1253486 fontforge-nox_0.0.20100501-4_amd64.deb
 8cfb7c25e9c99b56d61044b7c45b3f34d90125c3e6acf1bc74ffdfff5fe8b06c 132804 libfontforge-dev_0.0.20100501-4_amd64.deb
 33ac1568c58c745b4b181f1e5a1127a70c0eb42badaeb303717c0d865be75494 2567048 libfontforge1_0.0.20100501-4_amd64.deb
 c80908c716643da97eb0a0a35b1219724acc9f1a1a9e62a44a1aa6368fdff3d0 374322 libgdraw4_0.0.20100501-4_amd64.deb
 79b2e865da6f42c6f13b6a2f1b29a536bba1973d6ddf5db5db2e152859a370bb 15184 python-fontforge_0.0.20100501-4_amd64.deb
Files: 
 e24d4fcb6d2de9812e66d9c1c0275b17 1797 fonts optional fontforge_0.0.20100501-4.dsc
 84e58e353367da534f95ef314c890439 22141 fonts optional fontforge_0.0.20100501-4.debian.tar.gz
 216551bc0c7c00981c65a16df6cbea88 2333084 fonts optional fontforge_0.0.20100501-4_amd64.deb
 d6a069f2176b6c6bc904512adedd2065 1253486 fonts optional fontforge-nox_0.0.20100501-4_amd64.deb
 cb5aea07afe46cf4888e43cb2a70ca7b 132804 libdevel optional libfontforge-dev_0.0.20100501-4_amd64.deb
 5202f12b44bdb1300d0a1e514dd79cc1 2567048 libs optional libfontforge1_0.0.20100501-4_amd64.deb
 2cc952fafae917210ff7c25668bbb808 374322 libs optional libgdraw4_0.0.20100501-4_amd64.deb
 66afd3abb0749397b51e38f2d16490e0 15184 python optional python-fontforge_0.0.20100501-4_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkz965UACgkQCFqbMnwsrrh+ywCfZUZ/IZQ/FTqpoaT4D75274to
V70An38TaiX53HtdE+/Zv/0xRtfasjZ9
=uWVa
-----END PGP SIGNATURE-----





Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sat, 08 Jan 2011 07:31:37 GMT) Full text and rfc822 format available.

Bug unarchived. Request was from Thijs Kinkhorst <thijs@debian.org> to control@bugs.debian.org. (Fri, 03 Jun 2011 19:00:02 GMT) Full text and rfc822 format available.

Reply sent to Thijs Kinkhorst <thijs@debian.org>:
You have taken responsibility. (Sat, 04 Jun 2011 13:57:14 GMT) Full text and rfc822 format available.

Notification sent to Ulrik Persson <ddefrostt@gmail.com>:
Bug acknowledged by developer. (Sat, 04 Jun 2011 13:57:14 GMT) Full text and rfc822 format available.

Message #59 received at 605537-close@bugs.debian.org (full text, mbox):

From: Thijs Kinkhorst <thijs@debian.org>
To: 605537-close@bugs.debian.org
Subject: Bug#605537: fixed in fontforge 0.0.20080429-1+lenny2
Date: Sat, 04 Jun 2011 13:54:40 +0000
Source: fontforge
Source-Version: 0.0.20080429-1+lenny2

We believe that the bug you reported is fixed in the latest version of
fontforge, which is due to be installed in the Debian FTP archive:

fontforge-doc_0.0.20080429-1+lenny2_all.deb
  to main/f/fontforge/fontforge-doc_0.0.20080429-1+lenny2_all.deb
fontforge_0.0.20080429-1+lenny2.diff.gz
  to main/f/fontforge/fontforge_0.0.20080429-1+lenny2.diff.gz
fontforge_0.0.20080429-1+lenny2.dsc
  to main/f/fontforge/fontforge_0.0.20080429-1+lenny2.dsc
fontforge_0.0.20080429-1+lenny2_amd64.deb
  to main/f/fontforge/fontforge_0.0.20080429-1+lenny2_amd64.deb
python-fontforge_0.0.20080429-1+lenny2_amd64.deb
  to main/f/fontforge/python-fontforge_0.0.20080429-1+lenny2_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 605537@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Thijs Kinkhorst <thijs@debian.org> (supplier of updated fontforge package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Tue, 31 May 2011 21:18:28 +0200
Source: fontforge
Binary: fontforge fontforge-doc python-fontforge
Architecture: source amd64 all
Version: 0.0.20080429-1+lenny2
Distribution: oldstable-security
Urgency: high
Maintainer: Debian Fonts Task Force <pkg-fonts-devel@lists.alioth.debian.org>
Changed-By: Thijs Kinkhorst <thijs@debian.org>
Description: 
 fontforge  - Font editor for PS, TrueType and OpenType fonts
 fontforge-doc - Documentation for FontForge
 python-fontforge - Python bindings for FontForge
Closes: 605537
Changes: 
 fontforge (0.0.20080429-1+lenny2) oldstable-security; urgency=low
 .
   * Non-maintainer upload.
   * No-changes rebuild because lenny is now oldstable.
 .
 fontforge (0.0.20080429-1+lenny1) stable-security; urgency=high
 .
   * Non-maintainer upload during Security Team meeting
   * CVE-2010-4259 (closes: #605537).
Checksums-Sha1: 
 e46d4ef980f7334f20332bee75c9ea27c6c26478 1890 fontforge_0.0.20080429-1+lenny2.dsc
 26ad73678167cc0573c480b2f319e7d9dd11ba0b 8267439 fontforge_0.0.20080429.orig.tar.gz
 27b608937f9c1aeeb54db47ab80f043a116511f8 15847 fontforge_0.0.20080429-1+lenny2.diff.gz
 49b0e1e0945aff73d96abd347a5301492edd3ca0 5289946 fontforge_0.0.20080429-1+lenny2_amd64.deb
 17c87b20066773d63a5197c79dcfce940474f67a 42284 python-fontforge_0.0.20080429-1+lenny2_amd64.deb
 c476b6698c25c3c36277f0a0e819c6096c9b880e 3171772 fontforge-doc_0.0.20080429-1+lenny2_all.deb
Checksums-Sha256: 
 9bc2d3027118adec8eb8d0067da815a25bdb7a66b9b24c18194a1baa8678158e 1890 fontforge_0.0.20080429-1+lenny2.dsc
 33304f7d5b684d2ad41aaf6e00d3da06b783918c94f6b29558d64b5819293391 8267439 fontforge_0.0.20080429.orig.tar.gz
 57a0de0f40292121f2dfe127f6700adbc52935e91ca9ebfa98824a47741c64c3 15847 fontforge_0.0.20080429-1+lenny2.diff.gz
 b28e0bef1d25b682dca6fd886e0cb98f1614f14cd50c397a1677488d69026fdb 5289946 fontforge_0.0.20080429-1+lenny2_amd64.deb
 188a41a66cf0bd4ec09883cdf07d4886fc97a47350ce285c7615a38cad7d6c02 42284 python-fontforge_0.0.20080429-1+lenny2_amd64.deb
 aa62c92de1baf01a117b14e8cb88bdbaeb477bee839e66cbd9c7cde46d37a0c2 3171772 fontforge-doc_0.0.20080429-1+lenny2_all.deb
Files: 
 e42f6470f3d12fd5a81f7da57908ebe2 1890 graphics optional fontforge_0.0.20080429-1+lenny2.dsc
 f987b2dbf33ebf795c915020ad0e0c89 8267439 graphics optional fontforge_0.0.20080429.orig.tar.gz
 0ed73cab29a43b147b3ec702df12c8f0 15847 graphics optional fontforge_0.0.20080429-1+lenny2.diff.gz
 8d99c3292a814c33c6e9e253af65d5bd 5289946 graphics optional fontforge_0.0.20080429-1+lenny2_amd64.deb
 48ccf360b2090e1074badf34d6d8a8fa 42284 python optional python-fontforge_0.0.20080429-1+lenny2_amd64.deb
 413a1fd5ca894dfa1cd5838f79359207 3171772 doc optional fontforge-doc_0.0.20080429-1+lenny2_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAEBAgAGBQJN5UafAAoJEOxfUAG2iX57lb4IALYDEiJS9/DQHoEjwcycesp1
90/j1VO/0muEM/dNBTVNFOkxPellkA+kYBwlyRmFt3X/TbhHUbXxf0bj/VDvYs4G
wj4UGJ8YPXuPlBtLANoVwuCXDSkmeGjKxbzf3ETdApO93MJ6Q9bbJS0lQD08akAj
whfbFW8PQrUE5OPR1uuozaJEj4bfucJXEUKXUehwFrC2RzvcRYviKGUYShoXpIqP
DQNTDjOk9nX/NOyObZ3O8tgeWlZWfdMosd5TXhilU5cuV70bwFySB7tiYWPi75KR
1i0W7fyI8Oyu0aQjAzzdqrfrE9gZlu3mISRNQv/lYjqd1KeAwv9R9l1LSHZifoY=
=o1ZT
-----END PGP SIGNATURE-----





Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 03 Jul 2011 07:35:17 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sat Apr 19 09:53:07 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.