[t1lib] Add patch to fix CVE-2011-0764
jamatos
jamatos at fedoraproject.org
Tue Jan 3 12:01:42 UTC 2012
commit 509857ad58e8fc394439e518470dc8c5a4c923b2
Author: José Matos <jamatos at fedoraproject.org>
Date: Tue Jan 3 12:01:37 2012 +0000
Add patch to fix CVE-2011-0764
t1lib-5.1.2-cve-2011-0764.patch | 35 +++++++++++++++++++++++++++++++++++
t1lib.spec | 7 ++++++-
2 files changed, 41 insertions(+), 1 deletions(-)
---
diff --git a/t1lib-5.1.2-cve-2011-0764.patch b/t1lib-5.1.2-cve-2011-0764.patch
new file mode 100644
index 0000000..5eaa989
--- /dev/null
+++ b/t1lib-5.1.2-cve-2011-0764.patch
@@ -0,0 +1,35 @@
+--- t1lib-5.1.2.fix/lib/type1/type1.c 2007-12-23 21:19:42.000000000 +0530
++++ t1lib-5.1.2.fix/lib/type1/type1.c 2012-01-03 11:54:52.257808202 +0530
+@@ -1289,7 +1289,7 @@
+ static int DoRead(CodeP)
+ int *CodeP;
+ {
+- if (strindex >= CharStringP->len) return(FALSE); /* end of string */
++ if (!CharStringP || strindex >= CharStringP->len) return(FALSE); /* end of string */
+ /* We handle the non-documented Adobe convention to use lenIV=-1 to
+ suppress charstring encryption. */
+ if (blues->lenIV==-1) {
+@@ -1700,6 +1700,7 @@
+ long pindex = 0;
+
+ /* compute hinting for previous segment! */
++ if (ppoints == NULL) Error0i("RLineTo: No previous point!\n");
+ FindStems( currx, curry, currx-ppoints[numppoints-2].x, curry-ppoints[numppoints-2].y, dx, dy);
+
+ /* Allocate a new path point and pre-setup data */
+@@ -1728,6 +1729,7 @@
+ long pindex = 0;
+
+ /* compute hinting for previous point! */
++ if (ppoints == NULL) Error0i("RRCurveTo: No previous point!\n");
+ FindStems( currx, curry, currx-ppoints[numppoints-2].x, curry-ppoints[numppoints-2].y, dx1, dy1);
+
+ /* Allocate three new path points and pre-setup data */
+@@ -1903,6 +1905,7 @@
+ FindStems( currx, curry, 0, 0, dx, dy);
+ }
+ else {
++ if (ppoints == NULL) Error0i("RMoveTo: No previous point!\n");
+ FindStems( currx, curry, ppoints[numppoints-2].x, ppoints[numppoints-2].y, dx, dy);
+ }
+
diff --git a/t1lib.spec b/t1lib.spec
index a602d51..b678339 100644
--- a/t1lib.spec
+++ b/t1lib.spec
@@ -1,6 +1,6 @@
Name: t1lib
Version: 5.1.2
-Release: 7%{?dist}
+Release: 8%{?dist}
Summary: PostScript Type 1 font rasterizer
@@ -10,6 +10,7 @@ URL: ftp://sunsite.unc.edu/pub/Linux/libs/graphics/t1lib-%{version}.l
Source0: ftp://sunsite.unc.edu/pub/Linux/libs/graphics/t1lib-%{version}.tar.gz
Patch0: http://ftp.de.debian.org/debian/pool/main/t/t1lib/t1lib_5.1.2-3.diff.gz
Patch1: t1lib-5.1.2-segf.patch
+Patch2: t1lib-5.1.2-cve-2011-0764.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: libXaw-devel
@@ -51,6 +52,7 @@ This package contains static libraries for %{name}.
%setup -q
%patch0 -p1
%patch1 -p1 -b .segf
+%patch2 -p1 -b .cve-2011-0764
# use debian patches directly instead of duplicating them
#patch -p1 < debian/patches/segfault.diff -b -z .segf
@@ -137,6 +139,9 @@ rm -rf $RPM_BUILD_ROOT
%changelog
+* Tue Jan 3 2012 José Matos <jamatos at fedoraproject.org> - 5.1.2-8
+- Add patch to fix CVE-2011-0764
+
* Wed Feb 09 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 5.1.2-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
More information about the scm-commits
mailing list