diff options
| author |   Ryan Hill <rhill@gentoo.org> | 2010-11-18 01:52:21 +0000 |
|---|---|---|
| committer | Ryan Hill <rhill@gentoo.org> | 2010-11-18 01:52:21 +0000 |
| commit | 8a476dac9ba348b9c076e8d39df841500097103b (patch) | |
| tree | 08d25d6b6a8b89f150c839167f1fd40eab977d62 /media-libs | |
| parent | Version bump (diff) | |
| download | historical-8a476dac9ba348b9c076e8d39df841500097103b.tar.gz historical-8a476dac9ba348b9c076e8d39df841500097103b.tar.bz2 historical-8a476dac9ba348b9c076e8d39df841500097103b.zip | |
Revision bump for bug #345843. Remove old.
Package-Manager: portage-2.2.0_alpha4/cvs/Linux x86_64
Diffstat (limited to 'media-libs')
| -rw-r--r-- | media-libs/freetype/ChangeLog | 8 | ||||
| -rw-r--r-- | media-libs/freetype/Manifest | 11 | ||||
| -rw-r--r-- | media-libs/freetype/files/freetype-2.4.3-CVE-2010-3814.patch | 33 | ||||
| -rw-r--r-- | media-libs/freetype/freetype-2.4.3-r2.ebuild (renamed from media-libs/freetype/freetype-2.4.3.ebuild) | 6 |
4 files changed, 50 insertions, 8 deletions
diff --git a/media-libs/freetype/ChangeLog b/media-libs/freetype/ChangeLog index d36a6e0a5efa..95901042f931 100644 --- a/media-libs/freetype/ChangeLog +++ b/media-libs/freetype/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for media-libs/freetype # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/media-libs/freetype/ChangeLog,v 1.277 2010/10/26 00:09:21 halcy0n Exp $ +# $Header: /var/cvsroot/gentoo-x86/media-libs/freetype/ChangeLog,v 1.278 2010/11/18 01:52:21 dirtyepic Exp $ + +*freetype-2.4.3-r2 (18 Nov 2010) + + 18 Nov 2010; Ryan Hill <dirtyepic@gentoo.org> -freetype-2.4.3.ebuild, + +freetype-2.4.3-r2.ebuild, +files/freetype-2.4.3-CVE-2010-3814.patch: + Revision bump for bug #345843. Remove old. 26 Oct 2010; Mark Loeser <halcy0n@gentoo.org> freetype-2.4.3-r1.ebuild: Stable for ppc64; bug #342121 diff --git a/media-libs/freetype/Manifest b/media-libs/freetype/Manifest index eeeaa0042d07..af313d7fba2f 100644 --- a/media-libs/freetype/Manifest +++ b/media-libs/freetype/Manifest @@ -13,6 +13,7 @@ AUX freetype-1.4_pre20080316-CVE-2008-1808.patch 2595 RMD160 beb43899f15f92a25c3 AUX freetype-1.4_pre20080316-LDLFAGS.patch 1322 RMD160 c8a9123281039e9ae52ba7275452e3a88e0f33fb SHA1 720dbd33eb18fd307b54cf3458a4745aad247d77 SHA256 ce0490240cb78b90fe8c28fa56ca4c379b72aedd2d1c5926a1fcb871e3ab40c4 AUX freetype-1.4_pre20080316-kpathsea_version.patch 1215 RMD160 b6c5fdc3e5c19038ffd341f2432ea4f9efaff59f SHA1 b9e1f1ebaad73a66ed3bf938289b7df2e10b8bdd SHA256 e95fa815f820fbc1391e49c9406d48dc310838053e174972c437000cc3c646da AUX freetype-2.3.2-enable-valid.patch 624 RMD160 88bc4de26daa91a09dda2ca1308319c0cf7dff4d SHA1 212c5c9e3362b3a058803bb5031358b5b92a1d29 SHA256 3c26cd8b92510490b4bdbdd12b078e33a4f8607eaee64a800c3ea23097d5d43b +AUX freetype-2.4.3-CVE-2010-3814.patch 955 RMD160 e43baeaf0c2b5d4b035a30eba197c5deb3236336 SHA1 e49082947d6bad1067a6889e84465f5a6b354bd0 SHA256 1a90052e1c37a59a67f2ecc794815e27d06bad5be21f7d1626ca10b3b6ec5314 AUX freetype-2.4.3-SA41738.patch 1165 RMD160 a1abec119daea6951bc6bcf9202915ca33c0a0ef SHA1 2ce3c4ae3526e0d9203e8e0e631c0718e960a2fb SHA256 f96fcf4285104d539073495050d4d661a1498a2e81f200bd64f562a994f1c21f DIST freetype-1.4_pre20080316.tar.bz2 1199805 RMD160 5fb5b0737de968602008991c80dac827ea6fdca0 SHA1 73d4289f509213361b040dc9b649e27f810b133a SHA256 b88e8827dfeebcd0c663cac19c798acbd2f1129eaf89172eb26c3594700316a2 DIST freetype-2.4.2.tar.bz2 1433843 RMD160 5e3970f3a9e242255489111f77fe880d5d524860 SHA1 cc257ceda2950b8c80950d780ccf3ce665a815d1 SHA256 9a987aef8c50d9bcfdfdc9f012f8bd0de6095cc1a5524e62c1a037deb8dacbfe @@ -24,13 +25,13 @@ DIST ft2demos-2.4.3.tar.bz2 161975 RMD160 9fd687813c8d03186287e22780ce2058f62ef9 EBUILD freetype-1.4_pre20080316-r2.ebuild 3811 RMD160 50e9146f86b280a8b487a9bf10f5c5a86457a5da SHA1 8f0d640c5879750dab079c79357fddef7324ee33 SHA256 0086e81f79c162424d73e1046bb4ae4c7da9b4d7e25757ebd0b6910b4141a4b7 EBUILD freetype-2.4.2.ebuild 3287 RMD160 b5e085ec42cb7fcdb0608739004f571fb2a087bc SHA1 b39aef6bc895e96bc8459de5ea10beae138b56c3 SHA256 d9bda7a647fe6f8e1c84c59d33e27aae38733377c8c616ea2b6a86f9a1903773 EBUILD freetype-2.4.3-r1.ebuild 3336 RMD160 3d40b8378ae72e5b713072f39db2dea804357686 SHA1 b4d55546dfbe39b073be27013623288d2a11818d SHA256 e78c820ee3fbeff20ef0bdad1298fd9cf4e6dcd6e53205865870f663aff228a5 -EBUILD freetype-2.4.3.ebuild 3293 RMD160 d399f711e0daac10714fa766eca78acb77757caf SHA1 1baf15d7b6b3b879a981b4a62f5468834110c538 SHA256 581a84199d2c489397fc8557b25080d31565566f0bdb417146f3519148e11751 -MISC ChangeLog 42050 RMD160 4b49ae7d29dabe2eea6d123f7542e48f80601874 SHA1 bb6cbcbe40dbc0de325f0c44cf29b56e7b194342 SHA256 6f14c1d3c82d2cb420bce56c1d6cde2845c3ae396e00c6e2cd66295a018ac00c +EBUILD freetype-2.4.3-r2.ebuild 3404 RMD160 b4bd27f281e52915336799d2cfb890acac2a32e7 SHA1 52c50002bcf4ddbc44925d53d724c3800bfe7f88 SHA256 437ab89f9f64b6b47d6a01a2a133c053d5faf4fc566fa6bccd76b27ebd06e036 +MISC ChangeLog 42276 RMD160 501196053c92e68f38bbc0b8f80ffe207edb8718 SHA1 e7520d523550fb5bd8606fe9a7e5be62f0aca4a0 SHA256 1f06c996c83996aea8b4dd0dcd0adf35525a0c88382e143fe542632e0652ffd4 MISC metadata.xml 607 RMD160 876e7ed36a36576541170c5648230f8ed33c5c92 SHA1 32f2a18811819f1810f97665005964f805893eeb SHA256 88c9bca38a1cf56277afdd823aed27d2ef3746cb79f2e55e3cc88d33ee729e72 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) -iEYEARECAAYFAkzGHDcACgkQCRZPokWLroToGQCgr1SG28ph1wNnROURkIcD1OBr -xpQAoM5R+3dkdCe0BI8C9R63/0qHQWIL -=kczS +iEYEARECAAYFAkzkh/4ACgkQiqiDRvmkBmIrTQCeKIAcSQnzFjXLEMH+qHLj1r5v +7q0AnAnQrnGMpo8I3o++Cx2JS91gmo+M +=Ud7M -----END PGP SIGNATURE----- diff --git a/media-libs/freetype/files/freetype-2.4.3-CVE-2010-3814.patch b/media-libs/freetype/files/freetype-2.4.3-CVE-2010-3814.patch new file mode 100644 index 000000000000..6f4740e259f0 --- /dev/null +++ b/media-libs/freetype/files/freetype-2.4.3-CVE-2010-3814.patch @@ -0,0 +1,33 @@ +CVE-2010-3814 +https://bugs.gentoo.org/345843 + +From 0edf0986f3be570f5bf90ff245a85c1675f5c9a4 Mon Sep 17 00:00:00 2001 +From: Werner Lemberg <wl@gnu.org> +Date: Wed, 06 Oct 2010 09:52:27 +0000 +Subject: [truetype] Improve error handling of `SHZ' bytecode instruction. + +Problem reported by Chris Evans <scarybeasts@gmail.com>. + +* src/truetype/ttinterp.c (Ins_SHZ): Check `last_point'. +--- +--- a/src/truetype/ttinterp.c ++++ b/src/truetype/ttinterp.c +@@ -5795,7 +5795,16 @@ + if ( CUR.GS.gep2 == 0 && CUR.zp2.n_points > 0 ) + last_point = (FT_UShort)( CUR.zp2.n_points - 1 ); + else if ( CUR.GS.gep2 == 1 && CUR.zp2.n_contours > 0 ) ++ { + last_point = (FT_UShort)( CUR.zp2.contours[CUR.zp2.n_contours - 1] ); ++ ++ if ( BOUNDS( last_point, CUR.zp2.n_points ) ) ++ { ++ if ( CUR.pedantic_hinting ) ++ CUR.error = TT_Err_Invalid_Reference; ++ return; ++ } ++ } + else + last_point = 0; + +-- +cgit v0.8.3.2 diff --git a/media-libs/freetype/freetype-2.4.3.ebuild b/media-libs/freetype/freetype-2.4.3-r2.ebuild index 9dd439c39cb5..4303a4ad6128 100644 --- a/media-libs/freetype/freetype-2.4.3.ebuild +++ b/media-libs/freetype/freetype-2.4.3-r2.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2010 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/media-libs/freetype/freetype-2.4.3.ebuild,v 1.4 2010/10/22 14:48:50 fauli Exp $ +# $Header: /var/cvsroot/gentoo-x86/media-libs/freetype/freetype-2.4.3-r2.ebuild,v 1.1 2010/11/18 01:52:21 dirtyepic Exp $ EAPI="2" @@ -14,7 +14,7 @@ SRC_URI="mirror://sourceforge/freetype/${P/_/}.tar.bz2 LICENSE="FTL GPL-2" SLOT="2" -KEYWORDS="~alpha amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc x86 ~sparc-fbsd ~x86-fbsd" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~sparc-fbsd ~x86-fbsd" IUSE="X auto-hinter bindist debug doc utils fontforge" DEPEND="sys-libs/zlib @@ -56,6 +56,8 @@ src_prepare() { disable_option FT_CONFIG_OPTION_OLD_INTERNALS epatch "${FILESDIR}"/${PN}-2.3.2-enable-valid.patch + epatch "${FILESDIR}"/${PN}-2.4.3-SA41738.patch + epatch "${FILESDIR}"/${PN}-2.4.3-CVE-2010-3814.patch if use utils; then cd "${WORKDIR}/ft2demos-${PV}" |