[freetype/f18] Fix CVE-2012-5669

mkasik mkasik at fedoraproject.org
Thu Jan 24 15:20:55 UTC 2013 

commit bd564091f9f63ad1112a4d68f775e46ca11b1f6a
Author: Marek Kasik <mkasik at redhat.com>
Date:   Thu Jan 24 16:21:28 2013 +0100

    Fix CVE-2012-5669
    
    Resolves: #903554

 freetype-2.4.10-CVE-2012-5669.patch |   14 ++++++++++++++
 freetype.spec                       |   10 +++++++++-
 2 files changed, 23 insertions(+), 1 deletions(-)
---
diff --git a/freetype-2.4.10-CVE-2012-5669.patch b/freetype-2.4.10-CVE-2012-5669.patch
new file mode 100644
index 0000000..ea4f041
--- /dev/null
+++ b/freetype-2.4.10-CVE-2012-5669.patch
@@ -0,0 +1,14 @@
+--- a/src/bdf/bdflib.c
++++ b/src/bdf/bdflib.c
+@@ -1628,8 +1628,9 @@
+ 
+       /* Check that the encoding is in the Unicode range because  */
+       /* otherwise p->have (a bitmap with static size) overflows. */
+-      if ( p->glyph_enc > 0                               &&
+-           (size_t)p->glyph_enc >= sizeof ( p->have ) * 8 )
++      if ( p->glyph_enc > 0                                      &&
++           (size_t)p->glyph_enc >= sizeof ( p->have ) /
++                                   sizeof ( unsigned long ) * 32 )
+       {
+         FT_ERROR(( "_bdf_parse_glyphs: " ERRMSG5, lineno, "ENCODING" ));
+         error = BDF_Err_Invalid_File_Format;
diff --git a/freetype.spec b/freetype.spec
index 9b7d47f..6d0c46d 100644
--- a/freetype.spec
+++ b/freetype.spec
@@ -7,7 +7,7 @@
 Summary: A free and portable font rendering engine
 Name: freetype
 Version: 2.4.10
-Release: 2%{?dist}
+Release: 3%{?dist}
 License: FTL or GPLv2+
 Group: System Environment/Libraries
 URL: http://www.freetype.org
@@ -25,6 +25,9 @@ Patch47:  freetype-2.3.11-more-demos.patch
 # Fix multilib conflicts
 Patch88:  freetype-multilib.patch
 
+# https://bugzilla.redhat.com/show_bug.cgi?id=903554
+Patch89:  freetype-2.4.10-CVE-2012-5669.patch
+
 Buildroot: %{_tmppath}/%{name}-%{version}-root-%(%{__id_u} -n)
 
 BuildRequires: libX11-devel
@@ -84,6 +87,7 @@ pushd ft2demos-%{version}
 popd
 
 %patch88 -p1 -b .multilib
+%patch89 -p1 -b .CVE-2012-5669
 
 %build
 
@@ -216,6 +220,10 @@ rm -rf $RPM_BUILD_ROOT
 %doc docs/tutorial
 
 %changelog
+* Thu Jan 24 2013 Marek Kasik <mkasik at redhat.com> 2.4.10-3
+- Fixes CVE-2012-5669
+- Resolves: #903554
+
 * Fri Jul 27 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.4.10-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

More information about the fonts-bugs mailing list