Security bugfix
Add freetype-2.4.2-CVE-2010-3311.patch (Don't seek behind end of stream.) Resolves: #638522
This commit is contained in:
parent
c0025fce13
commit
52636102b5
37
freetype-2.4.2-CVE-2010-3311.patch
Normal file
37
freetype-2.4.2-CVE-2010-3311.patch
Normal file
@ -0,0 +1,37 @@
|
||||
--- freetype-2.4.2/src/base/ftstream.c 2010-08-04 15:52:01.000000000 +0200
|
||||
+++ freetype-2.4.2/src/base/ftstream.c 2010-10-06 18:47:07.000000000 +0200
|
||||
@@ -59,8 +59,17 @@
|
||||
{
|
||||
FT_Error error = FT_Err_Ok;
|
||||
|
||||
+ /* note that seeking to the first position after the file is valid */
|
||||
+ if ( pos > stream->size )
|
||||
+ {
|
||||
+ FT_ERROR(( "FT_Stream_Seek:"
|
||||
+ " invalid i/o; pos = 0x%lx, size = 0x%lx\n",
|
||||
+ pos, stream->size ));
|
||||
|
||||
- if ( stream->read )
|
||||
+ error = FT_Err_Invalid_Stream_Operation;
|
||||
+ }
|
||||
+
|
||||
+ if ( !error && stream->read )
|
||||
{
|
||||
if ( stream->read( stream, pos, 0, 0 ) )
|
||||
{
|
||||
@@ -71,15 +80,6 @@
|
||||
error = FT_Err_Invalid_Stream_Operation;
|
||||
}
|
||||
}
|
||||
- /* note that seeking to the first position after the file is valid */
|
||||
- else if ( pos > stream->size )
|
||||
- {
|
||||
- FT_ERROR(( "FT_Stream_Seek:"
|
||||
- " invalid i/o; pos = 0x%lx, size = 0x%lx\n",
|
||||
- pos, stream->size ));
|
||||
-
|
||||
- error = FT_Err_Invalid_Stream_Operation;
|
||||
- }
|
||||
|
||||
if ( !error )
|
||||
stream->pos = pos;
|
@ -7,7 +7,7 @@
|
||||
Summary: A free and portable font rendering engine
|
||||
Name: freetype
|
||||
Version: 2.4.2
|
||||
Release: 2%{?dist}
|
||||
Release: 3%{?dist}
|
||||
License: FTL or GPLv2+
|
||||
Group: System Environment/Libraries
|
||||
URL: http://www.freetype.org
|
||||
@ -26,6 +26,8 @@ Patch47: freetype-2.3.11-more-demos.patch
|
||||
# Fix multilib conflicts
|
||||
Patch88: freetype-multilib.patch
|
||||
|
||||
Patch89: freetype-2.4.2-CVE-2010-3311.patch
|
||||
|
||||
Buildroot: %{_tmppath}/%{name}-%{version}-root-%(%{__id_u} -n)
|
||||
|
||||
BuildRequires: libX11-devel
|
||||
@ -91,6 +93,7 @@ pushd ft2demos-%{version}
|
||||
popd
|
||||
|
||||
%patch88 -p1 -b .multilib
|
||||
%patch89 -p1 -b .CVE-2010-3311
|
||||
|
||||
%build
|
||||
|
||||
@ -223,6 +226,11 @@ rm -rf $RPM_BUILD_ROOT
|
||||
%doc docs/tutorial
|
||||
|
||||
%changelog
|
||||
* Wed Oct 6 2010 Marek Kasik <mkasik@redhat.com> 2.4.2-3
|
||||
- Add freetype-2.4.2-CVE-2010-3311.patch
|
||||
(Don't seek behind end of stream.)
|
||||
- Resolves: #638522
|
||||
|
||||
* Fri Aug 6 2010 Matthias Clasen <mclasen@redhat.com> 2.4.2-2
|
||||
- Fix a thinko, we still want to disable the bytecode interpreter
|
||||
by default
|
||||
|
Loading…
Reference in New Issue
Block a user