diff options
author | Koop Mast <kwm@FreeBSD.org> | 2014-03-09 10:23:40 +0000 |
---|---|---|
committer | Koop Mast <kwm@FreeBSD.org> | 2014-03-09 10:23:40 +0000 |
commit | b2f2f6a6fd9c374117cda1278fdffa27d272ca92 (patch) | |
tree | d61a2f06f396853dcd5b7b41895c47e958feeca6 | |
parent | 12ce11549331986f72672232af153372cd10138b (diff) | |
download | ports-b2f2f6a6fd9c374117cda1278fdffa27d272ca92.tar.gz ports-b2f2f6a6fd9c374117cda1278fdffa27d272ca92.zip |
Add patches to fix security issue.
This is done via direct commit, because the freetype2 update to 2.5.3 isn't
mergeable due to freetype header shuffle which happend in 2.5.1.
Tweak the freetype2 version in the vuxml to point to the fix version.
Approved by: portmgr (antoine@, erwin@)
Obtained from: freetype2 upstream
Security: 1a0de610-a761-11e3-95fe-bcaec565249c
Notes
Notes:
svn path=/branches/2014Q1/; revision=347562
-rw-r--r-- | print/freetype2/Makefile | 1 | ||||
-rw-r--r-- | print/freetype2/files/patch-41697 | 113 | ||||
-rw-r--r-- | security/vuxml/vuln.xml | 2 |
3 files changed, 115 insertions, 1 deletions
diff --git a/print/freetype2/Makefile b/print/freetype2/Makefile index c8e966b4f7ca..ad7e5a782ca1 100644 --- a/print/freetype2/Makefile +++ b/print/freetype2/Makefile @@ -4,6 +4,7 @@ PORTNAME= freetype2 PORTVERSION= 2.5.0.1 +PORTREVISION= 1 CATEGORIES= print MASTER_SITES= SF/freetype/${PORTNAME}/${PORTVERSION:C/^([0-9]+\.[0-9]+\.[0-9]+).*/\1/}/ \ http://sunsite.cnlab-switch.ch/ftp/mirror/freetype/freetype2/ \ diff --git a/print/freetype2/files/patch-41697 b/print/freetype2/files/patch-41697 new file mode 100644 index 000000000000..543a11dc6ae1 --- /dev/null +++ b/print/freetype2/files/patch-41697 @@ -0,0 +1,113 @@ +From 0eae6eb0645264c98812f0095e0f5df4541830e6 Mon Sep 17 00:00:00 2001 +From: Dave Arnold <darnold@adobe.com> +Date: Fri, 28 Feb 2014 06:40:01 +0000 +Subject: Fix Savannah bug #41697, part 1. + +* src/cff/cf2hints.c (cf2_hintmap_build): Return when `hintMask' is +invalid. In this case, it is not safe to use the length of +`hStemHintArray'; the exception has already been recorded in +`hintMask'. +--- +diff --git a/ChangeLog b/ChangeLog +index 2010fda..1f48e24 100644 +--- ChangeLog ++++ ChangeLog +@@ -1,3 +1,12 @@ ++2014-02-28 Dave Arnold <darnold@adobe.com> ++ ++ [cff] Fix Savannah bug #41697, part 1. ++ ++ * src/cff/cf2hints.c (cf2_hintmap_build): Return when `hintMask' is ++ invalid. In this case, it is not safe to use the length of ++ `hStemHintArray'; the exception has already been recorded in ++ `hintMask'. ++ + 2014-02-26 Werner Lemberg <wl@gnu.org> + + [sfnt] Fix Savannah bug #41696. +diff --git a/src/cff/cf2hints.c b/src/cff/cf2hints.c +index 5f44161..79f84fc 100644 +--- src/cff/cf2hints.c ++++ src/cff/cf2hints.c +@@ -781,6 +781,8 @@ + cf2_hintmask_setAll( hintMask, + cf2_arrstack_size( hStemHintArray ) + + cf2_arrstack_size( vStemHintArray ) ); ++ if ( !cf2_hintmask_isValid( hintMask ) ) ++ return; /* too many stem hints */ + } + + /* begin by clearing the map */ +-- +cgit v0.9.0.2 +From 135c3faebb96f8f550bd4f318716f2e1e095a969 Mon Sep 17 00:00:00 2001 +From: Dave Arnold <darnold@adobe.com> +Date: Fri, 28 Feb 2014 06:42:42 +0000 +Subject: Fix Savannah bug #41697, part 2. + +* src/cff/cf2ft.c (cf2_initLocalRegionBuffer, +cf2_initGlobalRegionBuffer): It is possible for a charstring to call +a subroutine if no subroutines exist. This is an error but should +not trigger an assert. Split the assert to account for this. +--- +diff --git a/ChangeLog b/ChangeLog +index 1f48e24..164aa6b 100644 +--- ChangeLog ++++ ChangeLog +@@ -1,5 +1,14 @@ + 2014-02-28 Dave Arnold <darnold@adobe.com> + ++ [cff] Fix Savannah bug #41697, part 2. ++ ++ * src/cff/cf2ft.c (cf2_initLocalRegionBuffer, ++ cf2_initGlobalRegionBuffer): It is possible for a charstring to call ++ a subroutine if no subroutines exist. This is an error but should ++ not trigger an assert. Split the assert to account for this. ++ ++2014-02-28 Dave Arnold <darnold@adobe.com> ++ + [cff] Fix Savannah bug #41697, part 1. + + * src/cff/cf2hints.c (cf2_hintmap_build): Return when `hintMask' is +diff --git a/src/cff/cf2ft.c b/src/cff/cf2ft.c +index df5f8fb..82bac75 100644 +--- src/cff/cf2ft.c ++++ src/cff/cf2ft.c +@@ -521,7 +521,7 @@ + CF2_UInt idx, + CF2_Buffer buf ) + { +- FT_ASSERT( decoder && decoder->globals ); ++ FT_ASSERT( decoder ); + + FT_ZERO( buf ); + +@@ -529,6 +529,8 @@ + if ( idx >= decoder->num_globals ) + return TRUE; /* error */ + ++ FT_ASSERT( decoder->globals ); ++ + buf->start = + buf->ptr = decoder->globals[idx]; + buf->end = decoder->globals[idx + 1]; +@@ -594,7 +596,7 @@ + CF2_UInt idx, + CF2_Buffer buf ) + { +- FT_ASSERT( decoder && decoder->locals ); ++ FT_ASSERT( decoder ); + + FT_ZERO( buf ); + +@@ -602,6 +604,8 @@ + if ( idx >= decoder->num_locals ) + return TRUE; /* error */ + ++ FT_ASSERT( decoder->locals ); ++ + buf->start = + buf->ptr = decoder->locals[idx]; + buf->end = decoder->locals[idx + 1]; +-- +cgit v0.9.0.2 diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index ad5ac7be08f7..afb0bb7ff113 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -56,7 +56,7 @@ Note: Please add new entries to the beginning of this file. <affects> <package> <name>freetype2</name> - <range><lt>2.5.3</lt></range> + <range><lt>2.5.0.1_1</lt></range> </package> </affects> <description> |