=== emma_ is now known as emma
=== stgraber_ is now known as stgraber
=== kitterma is now known as ScottK
[07:44] <dholbach> good morning
[07:53] <dkessel> guten morgen dholbach
[07:53] <dholbach> hi dkessel
[08:06] <j_f-f> moin
[17:07] <ESphynx> hey guys are you going to upgrde freetype for the LTS because there's a nasty double free in the current Trusty version
[17:09] <rbasak> ESphynx: can you be more specific, please? Is there a bug for this? Which LTS, which version, what patch or upstream commit, etc.
[17:20] <ESphynx> rbasak : talking about Trusty, if there's not there should be :)
[17:20] <ESphynx> and latest upstream freetype fixes the problem
[17:20] <ESphynx> 2.5.3 vs 2.5.2 which is currently in Trusty
[17:22] <rbasak> ESphynx: looks like 2.5.3 isn't in Debian either. It can be picked up at this stage, but that's up to an Ubuntu developer familiar with the package. Looks like slangasek might be your man as he's a DM for the package as well.
[17:23] <rbasak> ESphynx: but if you want it fixed, then you should file a bug to track that if there isn't one already.
[17:26] <slangasek> ugh freetype
[17:26] <ESphynx> what should the bug be filed again?
[17:26] <ESphynx> against*
[17:26] <ESphynx> slangasek: yeah 2.5.2 is quite horrible
[17:27] <ESphynx> very nasty double free.
[17:27] <ESphynx> on deleting a face
[17:27] <slangasek> the security bugs are an issue, yes; but security bugs are fixed by backporting patches, not by taking new upstream versions (*especially* not new upstream versions of freetype, which are a grab bag of regressions and bugfixes)
[17:28] <slangasek> ESphynx: is this the same as the security bug that has a CVE open for it (Debian bug #741299)?
[17:28] <ubottu> Debian bug 741299 in src:freetype "freetype: CVE-2014-2240, CVE-2014-2241: stack OOB read/write, DoS" [Grave,Open] http://bugs.debian.org/741299
[17:28] <ESphynx> no I dont think so
[18:22] <ESphynx> slangasek: http://savannah.nongnu.org/bugs/?40997  -- this is the one I was referring to
[18:23] <ESphynx> hmm sorry, this makes it look like it's not a free type bug :P
[18:23] <ESphynx> unrelated disregard :(
[18:24] <ESphynx> what I know is that 2.5.2 was crashing consistently and Valgrind complaining and after an update to 2.5.3 the problem was gone, but look through the commits diffs still have me puzzled as to why. I'll look into it a bit later today :)
[18:47] <slangasek> ESphynx: it's reported to be fixed in freetype, and from the description I'd say it is a freetype bug
[19:13] <ESphynx> slangasek: Yeah my problem had to do with stream, but I got it on Linux not Windows...
[21:26] <jtaylor> gr missed the uds again oO
=== e11bits_ is now known as e11bits
=== yofel_ is now known as yofel
=== Daviey_ is now known as Daviey