summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRyan Hill <dirtyepic@gentoo.org>2010-11-18 01:52:21 +0000
committerRyan Hill <dirtyepic@gentoo.org>2010-11-18 01:52:21 +0000
commit5414bad8cbfdfa0f5b0c1063083db4461552d70d (patch)
treea3b43f489e9e12eef544a76c8ee220521a6f13d9 /media-libs/freetype
parentVersion bump (diff)
downloadgentoo-2-5414bad8cbfdfa0f5b0c1063083db4461552d70d.tar.gz
gentoo-2-5414bad8cbfdfa0f5b0c1063083db4461552d70d.tar.bz2
gentoo-2-5414bad8cbfdfa0f5b0c1063083db4461552d70d.zip
Revision bump for bug #345843. Remove old.
(Portage version: 2.2.0_alpha4/cvs/Linux x86_64)
Diffstat (limited to 'media-libs/freetype')
-rw-r--r--media-libs/freetype/ChangeLog8
-rw-r--r--media-libs/freetype/files/freetype-2.4.3-CVE-2010-3814.patch33
-rw-r--r--media-libs/freetype/freetype-2.4.3-r2.ebuild (renamed from media-libs/freetype/freetype-2.4.3.ebuild)6
3 files changed, 44 insertions, 3 deletions
diff --git a/media-libs/freetype/ChangeLog b/media-libs/freetype/ChangeLog
index d36a6e0a5efa..95901042f931 100644
--- a/media-libs/freetype/ChangeLog
+++ b/media-libs/freetype/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for media-libs/freetype
# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/media-libs/freetype/ChangeLog,v 1.277 2010/10/26 00:09:21 halcy0n Exp $
+# $Header: /var/cvsroot/gentoo-x86/media-libs/freetype/ChangeLog,v 1.278 2010/11/18 01:52:21 dirtyepic Exp $
+
+*freetype-2.4.3-r2 (18 Nov 2010)
+
+ 18 Nov 2010; Ryan Hill <dirtyepic@gentoo.org> -freetype-2.4.3.ebuild,
+ +freetype-2.4.3-r2.ebuild, +files/freetype-2.4.3-CVE-2010-3814.patch:
+ Revision bump for bug #345843. Remove old.
26 Oct 2010; Mark Loeser <halcy0n@gentoo.org> freetype-2.4.3-r1.ebuild:
Stable for ppc64; bug #342121
diff --git a/media-libs/freetype/files/freetype-2.4.3-CVE-2010-3814.patch b/media-libs/freetype/files/freetype-2.4.3-CVE-2010-3814.patch
new file mode 100644
index 000000000000..6f4740e259f0
--- /dev/null
+++ b/media-libs/freetype/files/freetype-2.4.3-CVE-2010-3814.patch
@@ -0,0 +1,33 @@
+CVE-2010-3814
+https://bugs.gentoo.org/345843
+
+From 0edf0986f3be570f5bf90ff245a85c1675f5c9a4 Mon Sep 17 00:00:00 2001
+From: Werner Lemberg <wl@gnu.org>
+Date: Wed, 06 Oct 2010 09:52:27 +0000
+Subject: [truetype] Improve error handling of `SHZ' bytecode instruction.
+
+Problem reported by Chris Evans <scarybeasts@gmail.com>.
+
+* src/truetype/ttinterp.c (Ins_SHZ): Check `last_point'.
+---
+--- a/src/truetype/ttinterp.c
++++ b/src/truetype/ttinterp.c
+@@ -5795,7 +5795,16 @@
+ if ( CUR.GS.gep2 == 0 && CUR.zp2.n_points > 0 )
+ last_point = (FT_UShort)( CUR.zp2.n_points - 1 );
+ else if ( CUR.GS.gep2 == 1 && CUR.zp2.n_contours > 0 )
++ {
+ last_point = (FT_UShort)( CUR.zp2.contours[CUR.zp2.n_contours - 1] );
++
++ if ( BOUNDS( last_point, CUR.zp2.n_points ) )
++ {
++ if ( CUR.pedantic_hinting )
++ CUR.error = TT_Err_Invalid_Reference;
++ return;
++ }
++ }
+ else
+ last_point = 0;
+
+--
+cgit v0.8.3.2
diff --git a/media-libs/freetype/freetype-2.4.3.ebuild b/media-libs/freetype/freetype-2.4.3-r2.ebuild
index 9dd439c39cb5..4303a4ad6128 100644
--- a/media-libs/freetype/freetype-2.4.3.ebuild
+++ b/media-libs/freetype/freetype-2.4.3-r2.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2010 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/media-libs/freetype/freetype-2.4.3.ebuild,v 1.4 2010/10/22 14:48:50 fauli Exp $
+# $Header: /var/cvsroot/gentoo-x86/media-libs/freetype/freetype-2.4.3-r2.ebuild,v 1.1 2010/11/18 01:52:21 dirtyepic Exp $
EAPI="2"
@@ -14,7 +14,7 @@ SRC_URI="mirror://sourceforge/freetype/${P/_/}.tar.bz2
LICENSE="FTL GPL-2"
SLOT="2"
-KEYWORDS="~alpha amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc x86 ~sparc-fbsd ~x86-fbsd"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~sparc-fbsd ~x86-fbsd"
IUSE="X auto-hinter bindist debug doc utils fontforge"
DEPEND="sys-libs/zlib
@@ -56,6 +56,8 @@ src_prepare() {
disable_option FT_CONFIG_OPTION_OLD_INTERNALS
epatch "${FILESDIR}"/${PN}-2.3.2-enable-valid.patch
+ epatch "${FILESDIR}"/${PN}-2.4.3-SA41738.patch
+ epatch "${FILESDIR}"/${PN}-2.4.3-CVE-2010-3814.patch
if use utils; then
cd "${WORKDIR}/ft2demos-${PV}"