Update to 2.4.4
Remove freetype-2.4.3-CVE-2010-3855.patch Resolves: #659020
This commit is contained in:
parent
4548e1aa04
commit
198717f8eb
3
.gitignore
vendored
3
.gitignore
vendored
@ -7,3 +7,6 @@ ft2demos-2.4.2.tar.bz2
|
||||
/freetype-2.4.3.tar.bz2
|
||||
/freetype-doc-2.4.3.tar.bz2
|
||||
/ft2demos-2.4.3.tar.bz2
|
||||
/freetype-2.4.4.tar.bz2
|
||||
/freetype-doc-2.4.4.tar.bz2
|
||||
/ft2demos-2.4.4.tar.bz2
|
||||
|
@ -1,20 +0,0 @@
|
||||
--- freetype-2.4.3/src/truetype/ttgxvar.c 2010-07-12 21:03:49.000000000 +0200
|
||||
+++ freetype-2.4.3/src/truetype/ttgxvar.c 2010-11-15 10:23:43.856348141 +0100
|
||||
@@ -154,7 +154,7 @@
|
||||
runcnt = runcnt & GX_PT_POINT_RUN_COUNT_MASK;
|
||||
first = points[i++] = FT_GET_USHORT();
|
||||
|
||||
- if ( runcnt < 1 )
|
||||
+ if ( runcnt < 1 || i + runcnt >= n )
|
||||
goto Exit;
|
||||
|
||||
/* first point not included in runcount */
|
||||
@@ -165,7 +165,7 @@
|
||||
{
|
||||
first = points[i++] = FT_GET_BYTE();
|
||||
|
||||
- if ( runcnt < 1 )
|
||||
+ if ( runcnt < 1 || i + runcnt >= n )
|
||||
goto Exit;
|
||||
|
||||
for ( j = 0; j < runcnt; ++j )
|
@ -6,8 +6,8 @@
|
||||
|
||||
Summary: A free and portable font rendering engine
|
||||
Name: freetype
|
||||
Version: 2.4.3
|
||||
Release: 2%{?dist}
|
||||
Version: 2.4.4
|
||||
Release: 1%{?dist}
|
||||
License: FTL or GPLv2+
|
||||
Group: System Environment/Libraries
|
||||
URL: http://www.freetype.org
|
||||
@ -27,7 +27,6 @@ Patch47: freetype-2.3.11-more-demos.patch
|
||||
Patch88: freetype-multilib.patch
|
||||
|
||||
Patch89: freetype-2.4.2-CVE-2010-3311.patch
|
||||
Patch90: freetype-2.4.3-CVE-2010-3855.patch
|
||||
|
||||
Buildroot: %{_tmppath}/%{name}-%{version}-root-%(%{__id_u} -n)
|
||||
|
||||
@ -95,7 +94,6 @@ popd
|
||||
|
||||
%patch88 -p1 -b .multilib
|
||||
%patch89 -p1 -b .CVE-2010-3311
|
||||
%patch90 -p1 -b .CVE-2010-3855
|
||||
|
||||
%build
|
||||
|
||||
@ -228,6 +226,11 @@ rm -rf $RPM_BUILD_ROOT
|
||||
%doc docs/tutorial
|
||||
|
||||
%changelog
|
||||
* Thu Dec 2 2010 Marek Kasik <mkasik@redhat.com> 2.4.4-1
|
||||
- Update to 2.4.4
|
||||
- Remove freetype-2.4.3-CVE-2010-3855.patch
|
||||
- Resolves: #659020
|
||||
|
||||
* Mon Nov 15 2010 Marek Kasik <mkasik@redhat.com> 2.4.3-2
|
||||
- Add freetype-2.4.3-CVE-2010-3855.patch
|
||||
(Protect against invalid `runcnt' values.)
|
||||
|
6
sources
6
sources
@ -1,3 +1,3 @@
|
||||
75ac7082bde7b3805dc5d6bc806fa045 freetype-2.4.3.tar.bz2
|
||||
79a0fa0444eb7f2f46e75cae74c0772d freetype-doc-2.4.3.tar.bz2
|
||||
ffc0152660b96ba2126926860e6d7bcc ft2demos-2.4.3.tar.bz2
|
||||
b3e2b6e2f1c3e0dffa1fd2a0f848b671 freetype-2.4.4.tar.bz2
|
||||
a657e301bc1568848ee981297ca599dc freetype-doc-2.4.4.tar.bz2
|
||||
8a95c095fa5fe87a00b08e3027105071 ft2demos-2.4.4.tar.bz2
|
||||
|
Loading…
Reference in New Issue
Block a user