Resolves:rh#2103849 CVE-2022-33068

Fix Covscan compiler warning by adding parentheses
Update tests.yaml
Parag Nemade 2022-07-18 11:16:26 +05:30
parent 7b433c6c08
commit 03e75c267a
No known key found for this signature in database
GPG Key ID: 71932951EB71E972
4 changed files with 26 additions and 4 deletions


@ -16,7 +16,7 @@ index 9741ebd45..6efae43cd 100644
const PNGHeader &png = *blob->as<PNGHeader>(); const PNGHeader &png = *blob->as<PNGHeader>();
+ if (png.IHDR.height >= 65536 | png.IHDR.width >= 65536) + if ((png.IHDR.height >= 65536) | (png.IHDR.width >= 65536))
+ { + {
+ hb_blob_destroy (blob); + hb_blob_destroy (blob);
+ return false; + return false;
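Review bot: The size check on the changed line joins its two comparisons with bitwise `|`, which evaluates both sides and reads like a typo for `||`; the added parentheses silence the Covscan warning but leave the intent undocumented. If the non-short-circuit form is deliberate, a comment such as `/* bitwise | is intentional: both operands are bool */` would say so; otherwise `if (png.IHDR.height >= 65536 || png.IHDR.width >= 65536)` is the conventional form. Editing the carried patch also makes it differ textually from the upstream change it presumably came from (the upstream reference is not visible here), so recording that reference in the patch header would make the CVE-2022-33068 backport easier to audit. The enclosing function starts and ends outside the hunk.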


@ -1,6 +1,6 @@
Name: harfbuzz Name: harfbuzz
Version: 2.7.4 Version: 2.7.4
Release: 6%{?dist} Release: 7%{?dist}
Summary: Text shaping library Summary: Text shaping library
License: MIT License: MIT
@ -91,6 +91,11 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/*.la
%{_libdir}/libharfbuzz-icu.so.* %{_libdir}/libharfbuzz-icu.so.*
%changelog %changelog
* Mon Jul 18 2022 Parag Nemade <pnemade AT redhat DOT co> - 2.7.4-7
- Resolves:rh#2103849 CVE-2022-33068
- Fix Covscan compiler warning for inclusion of parenthesis
- Update tests.yaml
* Fri Jul 15 2022 Parag Nemade <pnemade AT redhat DOT com> - 2.7.4-6 * Fri Jul 15 2022 Parag Nemade <pnemade AT redhat DOT com> - 2.7.4-6
- Resolves:rh#2103849 CVE-2022-33068 - Resolves:rh#2103849 CVE-2022-33068
harfbuzz: integer overflow in the component hb-ot-shape-fallback.c harfbuzz: integer overflow in the component hb-ot-shape-fallback.c


@ -1,4 +1,5 @@
#!/bin/bash #!/bin/bash
set -e
cd ../source cd ../source
echo "---Start autogen.sh---" echo "---Start autogen.sh---"
@ -6,4 +7,15 @@ NOCONFIGURE=1 ./autogen.sh
echo "---End autogen.sh---" echo "---End autogen.sh---"
echo "--------------------" echo "--------------------"
find . -type f -exec sed -i 's/env python/python3/g' {} \; && ./configure --disable-static --with-graphite2 && echo "--------------------"; echo "---Start make check---"; make check; echo "---End make check---" ./configure --disable-static --with-graphite2 --with-gobject --enable-introspection
echo "--------------------"
echo "---Start make check---"
make check
retval=$?
echo $retval
if [ $retval -ne 0 ]; then
echo "make check failed"
else
echo "make check completed sucessfully"
fi
echo "---End make check---"
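Review bot: With `set -e` added at the top, a failing `make check` ends the script on that line, so `retval=$?`, the "make check failed" branch and the End marker never run; on the path that does reach the end, the script never exits with `retval`. Capture the status without tripping errexit and return it: `retval=0` before the call, `make check || retval=$?`, and a final `exit $retval` after the End marker. The dropped `sed -i 's/env python/python3/g'` step is not replaced by anything visible here, so confirm the test scripts no longer need it. The success message misspells "successfully".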


@ -4,6 +4,11 @@
- classic - classic
roles: roles:
- role: standard-test-source - role: standard-test-source
tasks:
- name: Enable EPEL repository
shell: dnf install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
args:
warn: false
- hosts: localhost - hosts: localhost
tags: tags:
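Review bot: The added "Enable EPEL repository" task installs `epel-release-latest-9.noarch.rpm` straight from a URL, so the test host trusts whatever that unpinned "latest" URL serves at run time. dnf does not check the signature of a package given by path or URL unless `localpkg_gpgcheck` is enabled, which leaves TLS as the only protection for a package that then adds a whole repository. Consider importing the EPEL key first and passing `--setopt=localpkg_gpgcheck=1`, and add a comment naming which test dependency needs EPEL. Separately, `warn: false` is no longer accepted by the `shell` module on newer ansible-core; using the `dnf` module for the install would remove the need for it. The plays continue outside the hunk.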