rpms/freetype1/F-10 cve-2006-1861.patch, NONE, 1.1 cve-2007-2754.patch, NONE, 1.1 freetype1.spec, 1.5, 1.6
Adam Jackson
ajax at fedoraproject.org
Tue May 26 20:31:32 UTC 2009
Author: ajax
Update of /cvs/pkgs/rpms/freetype1/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv30111
Modified Files:
freetype1.spec
Added Files:
cve-2006-1861.patch cve-2007-2754.patch
Log Message:
* Tue May 26 2009 Adam Jackson <ajax at redhat.com> 1.4-0.8.pre
- cve-2006-1861.patch, cve-2007-2754.patch: Port of freetype2 fixes. (#502565)
cve-2006-1861.patch:
--- NEW FILE cve-2006-1861.patch ---
diff -up freetype-pre1.4/lib/ttgload.c.freetype-pre1.4-CVE-2006-1861-null-pointer freetype-pre1.4/lib/ttgload.c
--- freetype-pre1.4/lib/ttgload.c.freetype-pre1.4-CVE-2006-1861-null-pointer 2009-05-12 19:40:52.000000000 -0400
+++ freetype-pre1.4/lib/ttgload.c 2009-05-12 19:41:03.000000000 -0400
@@ -270,6 +270,10 @@
j = 0;
flag = exec->pts.touch;
+ /* CVE-2006-1861 */
+ if ( flag == NULL )
+ return TT_Err_Invalid_Composite; /* for lack of a better err code */
+
while ( j < n_points )
{
Byte c, cnt;
cve-2007-2754.patch:
--- NEW FILE cve-2007-2754.patch ---
diff -up freetype-pre1.4/lib/ttgload.c.ttf-overflow freetype-pre1.4/lib/ttgload.c
--- freetype-pre1.4/lib/ttgload.c.ttf-overflow 2009-05-12 19:25:25.000000000 -0400
+++ freetype-pre1.4/lib/ttgload.c 2009-05-12 19:28:15.000000000 -0400
@@ -236,7 +236,7 @@
FORGET_Frame();
- if ( n_points > left_points )
+ if ( n_points < 0 || n_points > left_points )
{
PTRACE0(( "ERROR: Too many points in glyph %ld\n", subg->index ));
return TT_Err_Too_Many_Points;
Index: freetype1.spec
===================================================================
RCS file: /cvs/pkgs/rpms/freetype1/F-10/freetype1.spec,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -p -r1.5 -r1.6
--- freetype1.spec 14 Jun 2008 08:41:03 -0000 1.5
+++ freetype1.spec 26 May 2009 20:31:01 -0000 1.6
@@ -4,7 +4,7 @@
Name: freetype1
Version: 1.4
-Release: 0.6.pre%{?dist}
+Release: 0.8.pre%{?dist}
Summary: Free TrueType font rendering engine, compatibility version
Group: System Environment/Libraries
License: FTL
@@ -15,6 +15,9 @@ Source: http://downloads.sourcef
Patch0: freetype-1.3.1-1.4pre.patch
Patch1: freetype-1.4-disable-ft1-bci.patch
Patch2: freetype-1.4pre-CVE-2008-1808.patch
+Patch3: cve-2006-1861.patch
+Patch4: cve-2007-2754.patch
+
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: zlib-devel libXt-devel gettext
@@ -61,6 +64,8 @@ developing applications that use %{name}
%endif
%patch2 -p1
+%patch3 -p1
+%patch4 -p1
iconv -f ISO-8859-1 -t UTF-8 docs/i18n.txt > docs/i18n.txt.tmp
touch -r docs/i18n.txt docs/i18n.txt.tmp
@@ -125,6 +130,12 @@ rm -rf $RPM_BUILD_ROOT
%changelog
+* Tue May 26 2009 Adam Jackson <ajax at redhat.com> 1.4-0.8.pre
+- cve-2006-1861.patch, cve-2007-2754.patch: Port of freetype2 fixes. (#502565)
+
+* Tue Feb 24 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.4-0.7.pre
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
+
* Sat Jun 14 2008 Hans de Goede <j.w.r.degoede at hhs.nl> 1.4-0.6.pre
- Backport fixes for CVE-2008-1806, CVE-2008-1807 and CVE-2008-1808 to
freetype 1 (where applicable, bz 450773, 450774)
More information about the fonts-bugs
mailing list