diff options
| author | Leonardo Arena <rnalrd@alpinelinux.org> | 2018-06-13 12:29:07 +0000 |
|---|---|---|
| committer | Leonardo Arena <rnalrd@alpinelinux.org> | 2018-06-13 12:29:07 +0000 |
| commit | 7a7493c33286ca7e43c8171cd6fad02bd13574c8 (patch) | |
| tree | 2e0f96ab643b7699e8035bd1537744000303265f /main/freetype | |
| parent | 599da1ef36c21d244ab85a210d2a31fe48c7a329 (diff) | |
| download | aports-7a7493c33286ca7e43c8171cd6fad02bd13574c8.tar.bz2 aports-7a7493c33286ca7e43c8171cd6fad02bd13574c8.tar.xz | |
main/freetype: security fix (CVE-2018-6942)
Fixes #8987
Diffstat (limited to 'main/freetype')
| -rw-r--r-- | main/freetype/APKBUILD | 6 | ||||
| -rw-r--r-- | main/freetype/CVE-2018-6942.patch | 38 |
2 files changed, 43 insertions, 1 deletions
diff --git a/main/freetype/APKBUILD b/main/freetype/APKBUILD index e6935b5025..9c55e1ac00 100644 --- a/main/freetype/APKBUILD +++ b/main/freetype/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Carlo Landmeter <clandmeter@gmail.com> pkgname=freetype pkgver=2.9 -pkgrel=0 +pkgrel=1 pkgdesc="TrueType font rendering library" url="https://www.freetype.org/" arch="all" @@ -17,11 +17,14 @@ source="http://download.savannah.gnu.org/releases/freetype/freetype-$pkgver.tar. 0001-Enable-table-validation-modules.patch 0003-Enable-infinality-subpixel-hinting.patch 0004-Enable-long-PCF-family-names.patch + CVE-2018-6942.patch freetype-profile.sh " # secfixes: +# 2.9-r1: +# - CVE-2018-6942 # 2.7.1-r1: # - CVE-2017-8105 # - CVE-2017-8287 @@ -56,4 +59,5 @@ sha512sums="28465f3453baf9a187529432118389de8f1b85273c9fb787d2c8f0feee8ab64b387d 41a84be2631b53072a76b78c582575aa48b650ee7b00017d018381002bc25df10cf33da4954c95ef50db39f1fa566678e3b4ae9bfee1dfd705423fb53e53e494 0001-Enable-table-validation-modules.patch 7b52a3d67750d59b2c98e83dab4e0a0ab263142c2ca7bd5f8be5f8fe9cd1dc1f4debad44111c7886665329d8d2a3163756455618a6615df8f85d82bb0372d4dd 0003-Enable-infinality-subpixel-hinting.patch 64c20fbcbf48372ea35fe2e0dae8fec4be8c601c899a4a71913060c6ea4082a2f41d69701da511e09fee126bf198d560986469e2356bd088d2dd5961f437df63 0004-Enable-long-PCF-family-names.patch +26978105a1f69917778712ed24170a6d17c0ca2bfda8c179238a8f2534b197d0c65c648605a5433870c8d27e8211abf5ae9120d1fe9663148554f2e038603e75 CVE-2018-6942.patch 829dff39fc98e341cf88433758d9288fe9f824c1a1644ac7777ed274133df0fd0ee65606b7dab69acdb12ebf516d89da063df8850114e0c4e16a28bcc5de215d freetype-profile.sh" diff --git a/main/freetype/CVE-2018-6942.patch b/main/freetype/CVE-2018-6942.patch new file mode 100644 index 0000000000..266bf00440 --- /dev/null +++ b/main/freetype/CVE-2018-6942.patch @@ -0,0 +1,38 @@ +From 29c759284e305ec428703c9a5831d0b1fc3497ef Mon Sep 17 00:00:00 2001 +From: Werner Lemberg <wl@gnu.org> +Date: Sat, 27 Jan 2018 14:43:43 +0100 +Subject: * src/truetype/ttinterp.c (Ins_GETVARIATION): Avoid NULL reference. + +Reported as + + https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5736 +--- + src/truetype/ttinterp.c | 12 ++++++++++-- + 2 files changed, 18 insertions(+), 2 deletions(-) + +diff --git a/src/truetype/ttinterp.c b/src/truetype/ttinterp.c +index d855aaa..551f14a 100644 +--- a/src/truetype/ttinterp.c ++++ b/src/truetype/ttinterp.c +@@ -7532,8 +7532,16 @@ + return; + } + +- for ( i = 0; i < num_axes; i++ ) +- args[i] = coords[i] >> 2; /* convert 16.16 to 2.14 format */ ++ if ( coords ) ++ { ++ for ( i = 0; i < num_axes; i++ ) ++ args[i] = coords[i] >> 2; /* convert 16.16 to 2.14 format */ ++ } ++ else ++ { ++ for ( i = 0; i < num_axes; i++ ) ++ args[i] = 0; ++ } + } + + +-- +cgit v1.0-41-gc330 + |