summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--x11-libs/libXfont/ChangeLog11
-rw-r--r--x11-libs/libXfont/files/0001-Fix-for-CVE-2008-0006-PCF-Font-parser-buffer-overf.patch36
-rw-r--r--x11-libs/libXfont/files/digest-libXfont-1.3.1-r13
-rw-r--r--x11-libs/libXfont/libXfont-1.3.1-r1.ebuild38
4 files changed, 86 insertions, 2 deletions
diff --git a/x11-libs/libXfont/ChangeLog b/x11-libs/libXfont/ChangeLog
index 3ebd3b442f3b..2175330c54e2 100644
--- a/x11-libs/libXfont/ChangeLog
+++ b/x11-libs/libXfont/ChangeLog
@@ -1,6 +1,13 @@
# ChangeLog for x11-libs/libXfont
-# Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/x11-libs/libXfont/ChangeLog,v 1.83 2007/12/19 23:34:15 cla Exp $
+# Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/x11-libs/libXfont/ChangeLog,v 1.84 2008/01/17 18:55:38 dberkholz Exp $
+
+*libXfont-1.3.1-r1 (17 Jan 2008)
+
+ 17 Jan 2008; Donnie Berkholz <dberkholz@gentoo.org>;
+ +files/0001-Fix-for-CVE-2008-0006-PCF-Font-parser-buffer-overf.patch,
+ +libXfont-1.3.1-r1.ebuild:
+ (#204362) Security bump.
19 Dec 2007; Dawid Węgliński <cla@gentoo.org> libXfont-1.3.1.ebuild:
Stable on x86 (bug #202087)
diff --git a/x11-libs/libXfont/files/0001-Fix-for-CVE-2008-0006-PCF-Font-parser-buffer-overf.patch b/x11-libs/libXfont/files/0001-Fix-for-CVE-2008-0006-PCF-Font-parser-buffer-overf.patch
new file mode 100644
index 000000000000..ff7c48e54a26
--- /dev/null
+++ b/x11-libs/libXfont/files/0001-Fix-for-CVE-2008-0006-PCF-Font-parser-buffer-overf.patch
@@ -0,0 +1,36 @@
+From b76df66d2c507898472bba0f9986ef5700029a36 Mon Sep 17 00:00:00 2001
+From: Matthieu Herrb <matthieu@bluenote.herrb.com>
+Date: Thu, 17 Jan 2008 15:30:37 +0100
+Subject: [PATCH] Fix for CVE-2008-0006 - PCF Font parser buffer overflow.
+
+---
+ src/bitmap/pcfread.c | 6 ++++++
+ 1 files changed, 6 insertions(+), 0 deletions(-)
+
+diff --git a/src/bitmap/pcfread.c b/src/bitmap/pcfread.c
+index fd41849..c5db255 100644
+--- a/src/bitmap/pcfread.c
++++ b/src/bitmap/pcfread.c
+@@ -588,6 +588,9 @@ pcfReadFont(FontPtr pFont, FontFilePtr file,
+ pFont->info.lastRow = pcfGetINT16(file, format);
+ pFont->info.defaultCh = pcfGetINT16(file, format);
+ if (IS_EOF(file)) goto Bail;
++ if (pFont->info.firstCol > pFont->info.lastCol ||
++ pFont->info.firstRow > pFont->info.lastRow ||
++ pFont->info.lastCol-pFont->info.firstCol > 255) goto Bail;
+
+ nencoding = (pFont->info.lastCol - pFont->info.firstCol + 1) *
+ (pFont->info.lastRow - pFont->info.firstRow + 1);
+@@ -726,6 +729,9 @@ pcfReadFontInfo(FontInfoPtr pFontInfo, FontFilePtr file)
+ pFontInfo->lastRow = pcfGetINT16(file, format);
+ pFontInfo->defaultCh = pcfGetINT16(file, format);
+ if (IS_EOF(file)) goto Bail;
++ if (pFontInfo->firstCol > pFontInfo->lastCol ||
++ pFontInfo->firstRow > pFontInfo->lastRow ||
++ pFontInfo->lastCol-pFontInfo->firstCol > 255) goto Bail;
+
+ nencoding = (pFontInfo->lastCol - pFontInfo->firstCol + 1) *
+ (pFontInfo->lastRow - pFontInfo->firstRow + 1);
+--
+1.5.3.5
+
diff --git a/x11-libs/libXfont/files/digest-libXfont-1.3.1-r1 b/x11-libs/libXfont/files/digest-libXfont-1.3.1-r1
new file mode 100644
index 000000000000..44b03f1a9900
--- /dev/null
+++ b/x11-libs/libXfont/files/digest-libXfont-1.3.1-r1
@@ -0,0 +1,3 @@
+MD5 b2f396b62633819bbdd9748383876e21 libXfont-1.3.1.tar.bz2 564235
+RMD160 13c8ed7b33ec0c4f08c032d74958e49d3c177464 libXfont-1.3.1.tar.bz2 564235
+SHA256 dcfb7dc980a16ad98ac984b98321148864ea8b4637d3dd3773e483a14158a9b1 libXfont-1.3.1.tar.bz2 564235
diff --git a/x11-libs/libXfont/libXfont-1.3.1-r1.ebuild b/x11-libs/libXfont/libXfont-1.3.1-r1.ebuild
new file mode 100644
index 000000000000..7462d50eaaac
--- /dev/null
+++ b/x11-libs/libXfont/libXfont-1.3.1-r1.ebuild
@@ -0,0 +1,38 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/x11-libs/libXfont/libXfont-1.3.1-r1.ebuild,v 1.1 2008/01/17 18:55:38 dberkholz Exp $
+
+# Must be before x-modular eclass is inherited
+# SNAPSHOT="yes"
+
+inherit x-modular flag-o-matic
+
+DESCRIPTION="X.Org Xfont library"
+
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd"
+IUSE="ipv6"
+
+RDEPEND="x11-libs/xtrans
+ x11-libs/libfontenc
+ x11-proto/xproto
+ x11-proto/fontsproto
+ >=media-libs/freetype-2"
+DEPEND="${RDEPEND}
+ x11-proto/fontcacheproto"
+
+CONFIGURE_OPTIONS="$(use_enable ipv6)
+ --with-encodingsdir=/usr/share/fonts/encodings"
+
+PATCHES="
+ ${FILESDIR}/0001-Fix-for-CVE-2008-0006-PCF-Font-parser-buffer-overf.patch
+ "
+
+pkg_setup() {
+ # No such function yet
+ # x-modular_pkg_setup
+
+ # (#125465) Broken with Bdirect support
+ filter-flags -Wl,-Bdirect
+ filter-ldflags -Bdirect
+ filter-ldflags -Wl,-Bdirect
+}