November 2011 - fonts-bugs - Fedora Mailing-Lists

[Bug 701604] [abrt] evolution-3.0.1-1.fc15: magazine_chain_pop_head: Process /usr/bin/evolution was killed by signal 11 (SIGSEGV)

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=701604 --- Comment #35 from Paddy Steed <jarktasaa(a)gmail.com> 2011-11-17 03:03:40 EST --- Package: evolution-3.2.1-2.fc16 Architecture: x86_64 OS Release: Fedora release 16 (Verne) Comment ----- Clicked on 'send/receive all' -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

12 years, 5 months

1
0
0 / 0

[Bug 752538] gtk2 widgets too "tight"

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=752538 Pierre Ossman <pierre-bugzilla(a)ossman.eu> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |behdad(a)fedoraproject.org, | |fonts-bugs(a)lists.fedoraproj | |ect.org, | |kevin(a)tigcc.ticalc.org, | |mkasik(a)redhat.com Component|gtk2 |freetype AssignedTo|mclasen(a)redhat.com |mkasik(a)redhat.com --- Comment #5 from Pierre Ossman <pierre-bugzilla(a)ossman.eu> 2011-11-16 06:31:04 EST --- I'm seeing this in more places, so I'm guessing it has nothing to do with GTK. Moving to freetype, as I guess that's where things are getting the line spacing information from. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

12 years, 5 months

1
0
0 / 0

[Bug 742349] ghostscript 9.04 crashes on certain postscript files

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=742349 Fedora Update System <updates(a)fedoraproject.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Fixed In Version|ghostscript-9.04-5.fc15 |ghostscript-9.04-7.fc16 Resolution| |ERRATA Last Closed| |2011-11-15 19:31:29 --- Comment #8 from Fedora Update System <updates(a)fedoraproject.org> 2011-11-15 19:31:29 EST --- ghostscript-9.04-7.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

12 years, 5 months

1
0
0 / 0

[freetype/f14] Fix CVE-2011-3439

by mkasik

commit 405fc055b02d4149c99c8d6b93151ff319d86604 Author: Marek Kasik <mkasik(a)redhat.com> Date: Tue Nov 15 17:41:05 2011 +0100 Fix CVE-2011-3439 Resolves: #753837 freetype-2.4.2-CVE-2011-3439.patch | 76 ++++++++++++++++++++++++++++++++++++ freetype.spec | 8 +++- 2 files changed, 83 insertions(+), 1 deletions(-) --- diff --git a/freetype-2.4.2-CVE-2011-3439.patch b/freetype-2.4.2-CVE-2011-3439.patch new file mode 100644 index 0000000..a2affe2 --- /dev/null +++ b/freetype-2.4.2-CVE-2011-3439.patch @@ -0,0 +1,76 @@ +--- freetype-2.4.2/src/cid/cidload.c 2009-07-03 15:28:24.000000000 +0200 ++++ freetype-2.4.2/src/cid/cidload.c 2011-11-15 17:37:01.000000000 +0100 +@@ -4,7 +4,7 @@ + /* */ + /* CID-keyed Type1 font loader (body). */ + /* */ +-/* Copyright 1996-2001, 2002, 2003, 2004, 2005, 2006, 2009 by */ ++/* Copyright 1996-2006, 2009, 2011 by */ + /* David Turner, Robert Wilhelm, and Werner Lemberg. */ + /* */ + /* This file is part of the FreeType project, and may only be used, */ +@@ -110,7 +110,7 @@ + CID_FaceDict dict; + + +- if ( parser->num_dict < 0 ) ++ if ( parser->num_dict < 0 || parser->num_dict >= cid->num_dicts ) + { + FT_ERROR(( "cid_load_keyword: invalid use of `%s'\n", + keyword->ident )); +@@ -158,7 +158,7 @@ + FT_Fixed temp_scale; + + +- if ( parser->num_dict >= 0 ) ++ if ( parser->num_dict >= 0 && parser->num_dict < face->cid.num_dicts ) + { + dict = face->cid.font_dicts + parser->num_dict; + matrix = &dict->font_matrix; +@@ -249,7 +249,7 @@ + CID_FaceDict dict; + + +- if ( parser->num_dict >= 0 ) ++ if ( parser->num_dict >= 0 && parser->num_dict < face->cid.num_dicts ) + { + dict = face->cid.font_dicts + parser->num_dict; + +@@ -413,12 +413,25 @@ + FT_Byte* p; + + ++ /* Check for possible overflow. */ ++ if ( num_subrs == FT_UINT_MAX ) ++ { ++ error = CID_Err_Syntax_Error; ++ goto Fail; ++ } ++ + /* reallocate offsets array if needed */ + if ( num_subrs + 1 > max_offsets ) + { + FT_UInt new_max = FT_PAD_CEIL( num_subrs + 1, 4 ); + + ++ if ( new_max <= max_offsets ) ++ { ++ error = CID_Err_Syntax_Error; ++ goto Fail; ++ } ++ + if ( FT_RENEW_ARRAY( offsets, max_offsets, new_max ) ) + goto Fail; + +@@ -436,6 +449,11 @@ + + FT_FRAME_EXIT(); + ++ /* offsets must be ordered */ ++ for ( count = 1; count <= num_subrs; count++ ) ++ if ( offsets[count - 1] > offsets[count] ) ++ goto Fail; ++ + /* now, compute the size of subrs charstrings, */ + /* allocate, and read them */ + data_len = offsets[num_subrs] - offsets[0]; diff --git a/freetype.spec b/freetype.spec index 1ed8c5f..825d315 100644 --- a/freetype.spec +++ b/freetype.spec @@ -7,7 +7,7 @@ Summary: A free and portable font rendering engine Name: freetype Version: 2.4.2 -Release: 6%{?dist} +Release: 7%{?dist} License: FTL or GPLv2+ Group: System Environment/Libraries URL: http://www.freetype.org @@ -30,6 +30,7 @@ Patch89: freetype-2.4.2-CVE-2010-3311.patch Patch90: freetype-2.4.2-CVE-2010-3855.patch Patch91: freetype-2.4.2-CVE-2011-0226.patch Patch92: freetype-2.4.2-CVE-2011-3256.patch +Patch93: freetype-2.4.2-CVE-2011-3439.patch Buildroot: %{_tmppath}/%{name}-%{version}-root-%(%{__id_u} -n) @@ -100,6 +101,7 @@ popd %patch90 -p1 -b .CVE-2010-3855 %patch91 -p1 -b .CVE-2011-0226 %patch92 -p1 -b .CVE-2011-3256 +%patch93 -p1 -b .CVE-2011-3439 %build @@ -232,6 +234,10 @@ rm -rf $RPM_BUILD_ROOT %doc docs/tutorial %changelog +* Tue Nov 15 2011 Marek Kasik <mkasik(a)redhat.com> 2.4.2-7 +- Fix CVE-2011-3439 +- Resolves: #753837 + * Thu Oct 20 2011 Marek Kasik <mkasik(a)redhat.com> 2.4.2-6 - Add freetype-2.4.2-CVE-2011-3256.patch (Handle some border cases)

12 years, 5 months

1
0
0 / 0

[Bug 754078] New: freetype-2.4.8 is available

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. Summary: freetype-2.4.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=754078 Summary: freetype-2.4.8 is available Product: Fedora Version: rawhide Platform: Unspecified OS/Version: Unspecified Status: NEW Keywords: FutureFeature, Triaged Severity: unspecified Priority: unspecified Component: freetype AssignedTo: mkasik(a)redhat.com ReportedBy: upstream-release-monitoring(a)fedoraproject.org QAContact: extras-qa(a)fedoraproject.org CC: behdad(a)fedoraproject.org, kevin(a)tigcc.ticalc.org, fonts-bugs(a)lists.fedoraproject.org, mkasik(a)redhat.com Classification: Fedora Story Points: --- Type: --- Latest upstream release: 2.4.8 Current version in Fedora Rawhide: 2.4.7 URL: http://sourceforge.net/api/file/index/project-name/freetype/mtime/desc/li... Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

12 years, 5 months

1
1
0 / 0

[freetype/f15] Fix CVE-2011-3439

by mkasik

commit d1e0a644c1930f44c2b24d1124f6db79cfef4361 Author: Marek Kasik <mkasik(a)redhat.com> Date: Tue Nov 15 17:28:40 2011 +0100 Fix CVE-2011-3439 Resolves: #753837 freetype-2.4.4-CVE-2011-3439.patch | 76 ++++++++++++++++++++++++++++++++++++ freetype.spec | 8 +++- 2 files changed, 83 insertions(+), 1 deletions(-) --- diff --git a/freetype-2.4.4-CVE-2011-3439.patch b/freetype-2.4.4-CVE-2011-3439.patch new file mode 100644 index 0000000..cf3ca8b --- /dev/null +++ b/freetype-2.4.4-CVE-2011-3439.patch @@ -0,0 +1,76 @@ +--- freetype-2.4.4/src/cid/cidload.c 2009-07-03 15:28:24.000000000 +0200 ++++ freetype-2.4.4/src/cid/cidload.c 2011-11-15 17:25:38.000000000 +0100 +@@ -4,7 +4,7 @@ + /* */ + /* CID-keyed Type1 font loader (body). */ + /* */ +-/* Copyright 1996-2001, 2002, 2003, 2004, 2005, 2006, 2009 by */ ++/* Copyright 1996-2006, 2009, 2011 by */ + /* David Turner, Robert Wilhelm, and Werner Lemberg. */ + /* */ + /* This file is part of the FreeType project, and may only be used, */ +@@ -110,7 +110,7 @@ + CID_FaceDict dict; + + +- if ( parser->num_dict < 0 ) ++ if ( parser->num_dict < 0 || parser->num_dict >= cid->num_dicts ) + { + FT_ERROR(( "cid_load_keyword: invalid use of `%s'\n", + keyword->ident )); +@@ -158,7 +158,7 @@ + FT_Fixed temp_scale; + + +- if ( parser->num_dict >= 0 ) ++ if ( parser->num_dict >= 0 && parser->num_dict < face->cid.num_dicts ) + { + dict = face->cid.font_dicts + parser->num_dict; + matrix = &dict->font_matrix; +@@ -249,7 +249,7 @@ + CID_FaceDict dict; + + +- if ( parser->num_dict >= 0 ) ++ if ( parser->num_dict >= 0 && parser->num_dict < face->cid.num_dicts ) + { + dict = face->cid.font_dicts + parser->num_dict; + +@@ -413,12 +413,25 @@ + FT_Byte* p; + + ++ /* Check for possible overflow. */ ++ if ( num_subrs == FT_UINT_MAX ) ++ { ++ error = CID_Err_Syntax_Error; ++ goto Fail; ++ } ++ + /* reallocate offsets array if needed */ + if ( num_subrs + 1 > max_offsets ) + { + FT_UInt new_max = FT_PAD_CEIL( num_subrs + 1, 4 ); + + ++ if ( new_max <= max_offsets ) ++ { ++ error = CID_Err_Syntax_Error; ++ goto Fail; ++ } ++ + if ( FT_RENEW_ARRAY( offsets, max_offsets, new_max ) ) + goto Fail; + +@@ -436,6 +449,11 @@ + + FT_FRAME_EXIT(); + ++ /* offsets must be ordered */ ++ for ( count = 1; count <= num_subrs; count++ ) ++ if ( offsets[count - 1] > offsets[count] ) ++ goto Fail; ++ + /* now, compute the size of subrs charstrings, */ + /* allocate, and read them */ + data_len = offsets[num_subrs] - offsets[0]; diff --git a/freetype.spec b/freetype.spec index 8e7b645..ef33a49 100644 --- a/freetype.spec +++ b/freetype.spec @@ -7,7 +7,7 @@ Summary: A free and portable font rendering engine Name: freetype Version: 2.4.4 -Release: 6%{?dist} +Release: 7%{?dist} License: FTL or GPLv2+ Group: System Environment/Libraries URL: http://www.freetype.org @@ -30,6 +30,7 @@ Patch90: 0001-Fall-back-to-autohinting-if-a-TTF-OTF-doesn-t-contai.patch Patch91: 0002-Fix-autohinting-fallback.patch Patch92: freetype-2.4.4-CVE-2011-0226.patch Patch93: freetype-2.4.4-CVE-2011-3256.patch +Patch94: freetype-2.4.4-CVE-2011-3439.patch Buildroot: %{_tmppath}/%{name}-%{version}-root-%(%{__id_u} -n) @@ -95,6 +96,7 @@ popd %patch91 -p1 -b .fix-autohint %patch92 -p1 -b .CVE-2011-0226 %patch93 -p1 -b .CVE-2011-3256 +%patch94 -p1 -b .CVE-2011-3439 %build @@ -227,6 +229,10 @@ rm -rf $RPM_BUILD_ROOT %doc docs/tutorial %changelog +* Tue Nov 15 2011 Marek Kasik <mkasik(a)redhat.com> 2.4.4-7 +- Fix CVE-2011-3439 +- Resolves: #753837 + * Thu Oct 20 2011 Marek Kasik <mkasik(a)redhat.com> 2.4.4-6 - Add freetype-2.4.4-CVE-2011-3256.patch (Handle some border cases)

12 years, 5 months

1
0
0 / 0

[freetype/f16] Fix CVE-2011-3439

by mkasik

commit 698eff9cbd1e9385209575f8ddd67215228581df Author: Marek Kasik <mkasik(a)redhat.com> Date: Tue Nov 15 17:16:52 2011 +0100 Fix CVE-2011-3439 Resolves: #753837 freetype-2.4.6-CVE-2011-3439.patch | 76 ++++++++++++++++++++++++++++++++++++ freetype.spec | 8 +++- 2 files changed, 83 insertions(+), 1 deletions(-) --- diff --git a/freetype-2.4.6-CVE-2011-3439.patch b/freetype-2.4.6-CVE-2011-3439.patch new file mode 100644 index 0000000..5cd5809 --- /dev/null +++ b/freetype-2.4.6-CVE-2011-3439.patch @@ -0,0 +1,76 @@ +--- freetype-2.4.6/src/cid/cidload.c 2009-07-03 15:28:24.000000000 +0200 ++++ freetype-2.4.6/src/cid/cidload.c 2011-11-15 17:13:06.000000000 +0100 +@@ -4,7 +4,7 @@ + /* */ + /* CID-keyed Type1 font loader (body). */ + /* */ +-/* Copyright 1996-2001, 2002, 2003, 2004, 2005, 2006, 2009 by */ ++/* Copyright 1996-2006, 2009, 2011 by */ + /* David Turner, Robert Wilhelm, and Werner Lemberg. */ + /* */ + /* This file is part of the FreeType project, and may only be used, */ +@@ -110,7 +110,7 @@ + CID_FaceDict dict; + + +- if ( parser->num_dict < 0 ) ++ if ( parser->num_dict < 0 || parser->num_dict >= cid->num_dicts ) + { + FT_ERROR(( "cid_load_keyword: invalid use of `%s'\n", + keyword->ident )); +@@ -158,7 +158,7 @@ + FT_Fixed temp_scale; + + +- if ( parser->num_dict >= 0 ) ++ if ( parser->num_dict >= 0 && parser->num_dict < face->cid.num_dicts ) + { + dict = face->cid.font_dicts + parser->num_dict; + matrix = &dict->font_matrix; +@@ -249,7 +249,7 @@ + CID_FaceDict dict; + + +- if ( parser->num_dict >= 0 ) ++ if ( parser->num_dict >= 0 && parser->num_dict < face->cid.num_dicts ) + { + dict = face->cid.font_dicts + parser->num_dict; + +@@ -413,12 +413,25 @@ + FT_Byte* p; + + ++ /* Check for possible overflow. */ ++ if ( num_subrs == FT_UINT_MAX ) ++ { ++ error = CID_Err_Syntax_Error; ++ goto Fail; ++ } ++ + /* reallocate offsets array if needed */ + if ( num_subrs + 1 > max_offsets ) + { + FT_UInt new_max = FT_PAD_CEIL( num_subrs + 1, 4 ); + + ++ if ( new_max <= max_offsets ) ++ { ++ error = CID_Err_Syntax_Error; ++ goto Fail; ++ } ++ + if ( FT_RENEW_ARRAY( offsets, max_offsets, new_max ) ) + goto Fail; + +@@ -436,6 +449,11 @@ + + FT_FRAME_EXIT(); + ++ /* offsets must be ordered */ ++ for ( count = 1; count <= num_subrs; count++ ) ++ if ( offsets[count - 1] > offsets[count] ) ++ goto Fail; ++ + /* now, compute the size of subrs charstrings, */ + /* allocate, and read them */ + data_len = offsets[num_subrs] - offsets[0]; diff --git a/freetype.spec b/freetype.spec index 6c9f7a3..d958397 100644 --- a/freetype.spec +++ b/freetype.spec @@ -7,7 +7,7 @@ Summary: A free and portable font rendering engine Name: freetype Version: 2.4.6 -Release: 3%{?dist} +Release: 4%{?dist} License: FTL or GPLv2+ Group: System Environment/Libraries URL: http://www.freetype.org @@ -27,6 +27,7 @@ Patch88: freetype-multilib.patch Patch89: freetype-2.4.2-CVE-2010-3311.patch Patch90: freetype-2.4.6-CVE-2011-3256.patch +Patch91: freetype-2.4.6-CVE-2011-3439.patch Buildroot: %{_tmppath}/%{name}-%{version}-root-%(%{__id_u} -n) @@ -89,6 +90,7 @@ popd %patch88 -p1 -b .multilib %patch89 -p1 -b .CVE-2010-3311 %patch90 -p1 -b .CVE-2011-3256 +%patch91 -p1 -b .CVE-2011-3439 %build @@ -221,6 +223,10 @@ rm -rf $RPM_BUILD_ROOT %doc docs/tutorial %changelog +* Tue Nov 15 2011 Marek Kasik <mkasik(a)redhat.com> 2.4.6-4 +- Fix CVE-2011-3439 +- Resolves: #753837 + * Wed Oct 26 2011 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 2.4.6-3 - Rebuilt for glibc bug#747377

12 years, 5 months

1
0
0 / 0

[freetype] Update to 2.4.8

by mkasik

commit f772e1dab7c1a797d124a42c291abdcdedac1fcd Author: Marek Kasik <mkasik(a)redhat.com> Date: Tue Nov 15 17:07:58 2011 +0100 Update to 2.4.8 Remove an unneeded patch .gitignore | 3 ++ freetype-2.4.2-CVE-2010-3311.patch | 37 ------------------------------------ freetype.spec | 11 +++++---- sources | 6 ++-- 4 files changed, 12 insertions(+), 45 deletions(-) --- diff --git a/.gitignore b/.gitignore index a4919f9..e1f5eb2 100644 --- a/.gitignore +++ b/.gitignore @@ -19,3 +19,6 @@ ft2demos-2.4.2.tar.bz2 /freetype-2.4.7.tar.bz2 /freetype-doc-2.4.7.tar.bz2 /ft2demos-2.4.7.tar.bz2 +/freetype-2.4.8.tar.bz2 +/freetype-doc-2.4.8.tar.bz2 +/ft2demos-2.4.8.tar.bz2 diff --git a/freetype.spec b/freetype.spec index b5f8001..9666094 100644 --- a/freetype.spec +++ b/freetype.spec @@ -6,8 +6,8 @@ Summary: A free and portable font rendering engine Name: freetype -Version: 2.4.7 -Release: 2%{?dist} +Version: 2.4.8 +Release: 1%{?dist} License: FTL or GPLv2+ Group: System Environment/Libraries URL: http://www.freetype.org @@ -25,8 +25,6 @@ Patch47: freetype-2.3.11-more-demos.patch # Fix multilib conflicts Patch88: freetype-multilib.patch -Patch89: freetype-2.4.2-CVE-2010-3311.patch - Buildroot: %{_tmppath}/%{name}-%{version}-root-%(%{__id_u} -n) BuildRequires: libX11-devel @@ -86,7 +84,6 @@ pushd ft2demos-%{version} popd %patch88 -p1 -b .multilib -%patch89 -p1 -b .CVE-2010-3311 %build @@ -219,6 +216,10 @@ rm -rf $RPM_BUILD_ROOT %doc docs/tutorial %changelog +* Tue Nov 15 2011 Marek Kasik <mkasik(a)redhat.com> 2.4.8-1 +- Update to 2.4.8 +- Remove an unneeded patch + * Wed Oct 26 2011 Fedora Release Engineering <rel-eng(a)lists.fedoraproject.org> - 2.4.7-2 - Rebuilt for glibc bug#747377 diff --git a/sources b/sources index d8c35c2..0d9f9c5 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -dbadce8f0c5e70a0b7c51eadf2dd9394 freetype-2.4.7.tar.bz2 -09bfc874435c300252d42b8961564c05 freetype-doc-2.4.7.tar.bz2 -d0118543dfe789bb9fb3b43593b62c05 ft2demos-2.4.7.tar.bz2 +dbf2caca1d3afd410a29217a9809d397 freetype-2.4.8.tar.bz2 +538c925059e90be23928b454c14df728 freetype-doc-2.4.8.tar.bz2 +f44562cf0b434b6dc3488751f82d99ec ft2demos-2.4.8.tar.bz2

12 years, 5 months

1
0
0 / 0

File ft2demos-2.4.8.tar.bz2 uploaded to lookaside cache by mkasik

by mkasik

A file has been added to the lookaside cache for freetype: f44562cf0b434b6dc3488751f82d99ec ft2demos-2.4.8.tar.bz2

12 years, 5 months

1
0
0 / 0

File freetype-doc-2.4.8.tar.bz2 uploaded to lookaside cache by mkasik

by mkasik

A file has been added to the lookaside cache for freetype: 538c925059e90be23928b454c14df728 freetype-doc-2.4.8.tar.bz2

12 years, 5 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

fonts-bugs November 2011