Comment 3 for bug 696616

This bug was fixed in the package pango1.0 - 1.28.2-0ubuntu1.1

---------------
pango1.0 (1.28.2-0ubuntu1.1) maverick-security; urgency=low

  * SECURITY UPDATE: denial of service and possible code execution via
    crafted font file (LP: #696616)
    - debian/patches/20_CVE-2011-0020.patch: check for overflow in
      pango/pangoft2-render.c.
    - CVE-2011-0020
  * SECURITY UPDATE: denial of service and possible code execution via
    unchecked realloc failures
    - debian/patches/21_CVE-2011-0064.patch: check for realloc failures in
      pango/opentype/hb-buffer.*, pango/opentype/hb-buffer-private.h.
    - CVE-2011-0064
 -- Marc Deslauriers <email address hidden> Tue, 01 Mar 2011 09:35:52 -0500