[freetype/f17] Fix CVE-2012-5669
mkasik
mkasik at fedoraproject.org
Thu Jan 24 15:20:48 UTC 2013
commit 6694ca17e598bf1184e71aee3dcad92eb1a38ecb
Author: Marek Kasik <mkasik at redhat.com>
Date: Thu Jan 24 16:20:46 2013 +0100
Fix CVE-2012-5669
Resolves: #903554
freetype-2.4.8-CVE-2012-5669.patch | 18 ++++++++++++++++++
freetype.spec | 10 +++++++++-
2 files changed, 27 insertions(+), 1 deletions(-)
---
diff --git a/freetype-2.4.8-CVE-2012-5669.patch b/freetype-2.4.8-CVE-2012-5669.patch
new file mode 100644
index 0000000..327550c
--- /dev/null
+++ b/freetype-2.4.8-CVE-2012-5669.patch
@@ -0,0 +1,18 @@
+--- freetype-2.4.8/src/bdf/bdflib.c 2013-01-24 15:30:15.000000000 +0100
++++ freetype-2.4.8/src/bdf/bdflib.c 2013-01-24 15:30:32.269960403 +0100
+@@ -1600,10 +1600,11 @@
+ if ( p->glyph_enc < -1 )
+ p->glyph_enc = -1;
+
+- /* Check that the encoding is in the range [0,65536] because */
+- /* otherwise p->have (a bitmap with static size) overflows. */
+- if ( p->glyph_enc > 0 &&
+- (size_t)p->glyph_enc >= sizeof ( p->have ) * 8 )
++ /* Check that the encoding is in the Unicode range because */
++ /* otherwise p->have (a bitmap with static size) overflows. */
++ if ( p->glyph_enc > 0 &&
++ (size_t)p->glyph_enc >= sizeof ( p->have ) /
++ sizeof ( unsigned long ) * 32 )
+ {
+ error = BDF_Err_Invalid_File_Format;
+ goto Exit;
diff --git a/freetype.spec b/freetype.spec
index 6c8d404..398e0ab 100644
--- a/freetype.spec
+++ b/freetype.spec
@@ -7,7 +7,7 @@
Summary: A free and portable font rendering engine
Name: freetype
Version: 2.4.8
-Release: 3%{?dist}
+Release: 4%{?dist}
License: FTL or GPLv2+
Group: System Environment/Libraries
URL: http://www.freetype.org
@@ -45,6 +45,9 @@ Patch105: freetype-2.4.8-CVE-2012-1143.patch
Patch106: freetype-2.4.8-CVE-2012-1144.patch
Patch107: freetype-2.4.8-bdf-overflow.patch
+# https://bugzilla.redhat.com/show_bug.cgi?id=903554
+Patch108: freetype-2.4.8-CVE-2012-5669.patch
+
Buildroot: %{_tmppath}/%{name}-%{version}-root-%(%{__id_u} -n)
@@ -124,6 +127,7 @@ popd
%patch105 -p1 -b .CVE-2012-1143
%patch106 -p1 -b .CVE-2012-1144
%patch107 -p1 -b .bdf-overflow
+%patch108 -p1 -b .CVE-2012-5669
%build
@@ -256,6 +260,10 @@ rm -rf $RPM_BUILD_ROOT
%doc docs/tutorial
%changelog
+* Thu Jan 24 2013 Marek Kasik <mkasik at redhat.com> 2.4.8-4
+- Fixes CVE-2012-5669
+- Resolves: #903554
+
* Fri Mar 30 2012 Marek Kasik <mkasik at redhat.com> 2.4.8-3
- Fixes various CVEs
- Resolves: #806270
More information about the fonts-bugs
mailing list