diff options
author | Ryan Hill <dirtyepic@gentoo.org> | 2010-11-18 01:52:21 +0000 |
---|---|---|
committer | Ryan Hill <dirtyepic@gentoo.org> | 2010-11-18 01:52:21 +0000 |
commit | 5414bad8cbfdfa0f5b0c1063083db4461552d70d (patch) | |
tree | a3b43f489e9e12eef544a76c8ee220521a6f13d9 /media-libs/freetype | |
parent | Version bump (diff) | |
download | gentoo-2-5414bad8cbfdfa0f5b0c1063083db4461552d70d.tar.gz gentoo-2-5414bad8cbfdfa0f5b0c1063083db4461552d70d.tar.bz2 gentoo-2-5414bad8cbfdfa0f5b0c1063083db4461552d70d.zip |
Revision bump for bug #345843. Remove old.
(Portage version: 2.2.0_alpha4/cvs/Linux x86_64)
Diffstat (limited to 'media-libs/freetype')
-rw-r--r-- | media-libs/freetype/ChangeLog | 8 | ||||
-rw-r--r-- | media-libs/freetype/files/freetype-2.4.3-CVE-2010-3814.patch | 33 | ||||
-rw-r--r-- | media-libs/freetype/freetype-2.4.3-r2.ebuild (renamed from media-libs/freetype/freetype-2.4.3.ebuild) | 6 |
3 files changed, 44 insertions, 3 deletions
diff --git a/media-libs/freetype/ChangeLog b/media-libs/freetype/ChangeLog index d36a6e0a5efa..95901042f931 100644 --- a/media-libs/freetype/ChangeLog +++ b/media-libs/freetype/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for media-libs/freetype # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/media-libs/freetype/ChangeLog,v 1.277 2010/10/26 00:09:21 halcy0n Exp $ +# $Header: /var/cvsroot/gentoo-x86/media-libs/freetype/ChangeLog,v 1.278 2010/11/18 01:52:21 dirtyepic Exp $ + +*freetype-2.4.3-r2 (18 Nov 2010) + + 18 Nov 2010; Ryan Hill <dirtyepic@gentoo.org> -freetype-2.4.3.ebuild, + +freetype-2.4.3-r2.ebuild, +files/freetype-2.4.3-CVE-2010-3814.patch: + Revision bump for bug #345843. Remove old. 26 Oct 2010; Mark Loeser <halcy0n@gentoo.org> freetype-2.4.3-r1.ebuild: Stable for ppc64; bug #342121 diff --git a/media-libs/freetype/files/freetype-2.4.3-CVE-2010-3814.patch b/media-libs/freetype/files/freetype-2.4.3-CVE-2010-3814.patch new file mode 100644 index 000000000000..6f4740e259f0 --- /dev/null +++ b/media-libs/freetype/files/freetype-2.4.3-CVE-2010-3814.patch @@ -0,0 +1,33 @@ +CVE-2010-3814 +https://bugs.gentoo.org/345843 + +From 0edf0986f3be570f5bf90ff245a85c1675f5c9a4 Mon Sep 17 00:00:00 2001 +From: Werner Lemberg <wl@gnu.org> +Date: Wed, 06 Oct 2010 09:52:27 +0000 +Subject: [truetype] Improve error handling of `SHZ' bytecode instruction. + +Problem reported by Chris Evans <scarybeasts@gmail.com>. + +* src/truetype/ttinterp.c (Ins_SHZ): Check `last_point'. +--- +--- a/src/truetype/ttinterp.c ++++ b/src/truetype/ttinterp.c +@@ -5795,7 +5795,16 @@ + if ( CUR.GS.gep2 == 0 && CUR.zp2.n_points > 0 ) + last_point = (FT_UShort)( CUR.zp2.n_points - 1 ); + else if ( CUR.GS.gep2 == 1 && CUR.zp2.n_contours > 0 ) ++ { + last_point = (FT_UShort)( CUR.zp2.contours[CUR.zp2.n_contours - 1] ); ++ ++ if ( BOUNDS( last_point, CUR.zp2.n_points ) ) ++ { ++ if ( CUR.pedantic_hinting ) ++ CUR.error = TT_Err_Invalid_Reference; ++ return; ++ } ++ } + else + last_point = 0; + +-- +cgit v0.8.3.2 diff --git a/media-libs/freetype/freetype-2.4.3.ebuild b/media-libs/freetype/freetype-2.4.3-r2.ebuild index 9dd439c39cb5..4303a4ad6128 100644 --- a/media-libs/freetype/freetype-2.4.3.ebuild +++ b/media-libs/freetype/freetype-2.4.3-r2.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2010 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/media-libs/freetype/freetype-2.4.3.ebuild,v 1.4 2010/10/22 14:48:50 fauli Exp $ +# $Header: /var/cvsroot/gentoo-x86/media-libs/freetype/freetype-2.4.3-r2.ebuild,v 1.1 2010/11/18 01:52:21 dirtyepic Exp $ EAPI="2" @@ -14,7 +14,7 @@ SRC_URI="mirror://sourceforge/freetype/${P/_/}.tar.bz2 LICENSE="FTL GPL-2" SLOT="2" -KEYWORDS="~alpha amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc x86 ~sparc-fbsd ~x86-fbsd" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~sparc-fbsd ~x86-fbsd" IUSE="X auto-hinter bindist debug doc utils fontforge" DEPEND="sys-libs/zlib @@ -56,6 +56,8 @@ src_prepare() { disable_option FT_CONFIG_OPTION_OLD_INTERNALS epatch "${FILESDIR}"/${PN}-2.3.2-enable-valid.patch + epatch "${FILESDIR}"/${PN}-2.4.3-SA41738.patch + epatch "${FILESDIR}"/${PN}-2.4.3-CVE-2010-3814.patch if use utils; then cd "${WORKDIR}/ft2demos-${PV}" |