This change adds the upstream fix for the mentioned CVE as a patch for the 2.0 branch.
Change-Id: Ia89ec87dfa3650a297cfb3e3ef4e48c3bcea665a
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/5231
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Ashok Venkiteswaran
Reviewed-by: Sharath George
| 1 | 1 |
new file mode 100644 |
| ... | ... |
@@ -0,0 +1,39 @@ |
| 0 |
+diff --git a/ChangeLog b/ChangeLog |
|
| 1 |
+index 15ef4ae..fff4a41 100644 |
|
| 2 |
+--- a/ChangeLog |
|
| 3 |
+@@ -1,5 +1,13 @@ |
|
| 4 |
+ 2018-01-27 Werner Lemberg <wl@gnu.org> |
|
| 5 |
+ |
|
| 6 |
++ * src/truetype/ttinterp.c (Ins_GETVARIATION): Avoid NULL reference. |
|
| 7 |
++ |
|
| 8 |
++ Reported as |
|
| 9 |
++ |
|
| 10 |
++ https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5736 |
|
| 11 |
++ |
|
| 12 |
++2018-01-27 Werner Lemberg <wl@gnu.org> |
|
| 13 |
++ |
|
| 14 |
+ * src/truetype/ttgxvar.c (tt_set_mm_blend): Minor. |
|
| 15 |
+ |
|
| 16 |
+ 2018-01-27 Werner Lemberg <wl@gnu.org> |
|
| 17 |
+diff --git a/src/truetype/ttinterp.c b/src/truetype/ttinterp.c |
|
| 18 |
+index d855aaa..551f14a 100644 |
|
| 19 |
+--- a/src/truetype/ttinterp.c |
|
| 20 |
+@@ -7532,8 +7532,16 @@ |
|
| 21 |
+ return; |
|
| 22 |
+ } |
|
| 23 |
+ |
|
| 24 |
+- for ( i = 0; i < num_axes; i++ ) |
|
| 25 |
+- args[i] = coords[i] >> 2; /* convert 16.16 to 2.14 format */ |
|
| 26 |
++ if ( coords ) |
|
| 27 |
++ {
|
|
| 28 |
++ for ( i = 0; i < num_axes; i++ ) |
|
| 29 |
++ args[i] = coords[i] >> 2; /* convert 16.16 to 2.14 format */ |
|
| 30 |
++ } |
|
| 31 |
++ else |
|
| 32 |
++ {
|
|
| 33 |
++ for ( i = 0; i < num_axes; i++ ) |
|
| 34 |
++ args[i] = 0; |
|
| 35 |
++ } |
|
| 36 |
+ } |
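Review bot: The ChangeLog hunk at the top of this patch file (`@@ -1,5 +1,13 @@`) uses context lines dated 2018-01-27, which are unlikely to exist in the ChangeLog of the freetype 2.7.1 tarball this package builds, so that hunk would probably be rejected when the patch is applied. Only the `src/truetype/ttinterp.c` hunk carries the fix (the `if ( coords )` guard in `Ins_GETVARIATION`), so I would drop the ChangeLog part from the backport and keep the upstream reference in a header comment of the patch file instead. It is also worth confirming that the context of `@@ -7532,8 +7532,16 @@` matches the 2.7.1 source, since the line numbers come from a later upstream tree. The enclosing function starts outside the hunk.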
| ... | ... |
@@ -1,7 +1,7 @@ |
| 1 | 1 |
Summary: software font engine. |
| 2 | 2 |
Name: freetype2 |
| 3 | 3 |
Version: 2.7.1 |
| 4 |
-Release: 3%{?dist}
|
|
| 4 |
+Release: 4%{?dist}
|
|
| 5 | 5 |
License: BSD/GPL |
| 6 | 6 |
URL: http://www.freetype.org/ |
| 7 | 7 |
Group: System Environment/Libraries |
| ... | ... |
@@ -12,6 +12,7 @@ Source0: http://download.savannah.gnu.org/releases/freetype/freetype-%{version}.
|
| 12 | 12 |
Patch0: CVE-2017-7857-and-CVE-2017-7858.patch |
| 13 | 13 |
Patch1: CVE-2017-7864.patch |
| 14 | 14 |
Patch2: CVE-2017-8287.patch |
| 15 |
+Patch3: CVE-2018-6942.patch |
|
| 15 | 16 |
BuildRequires: libtool |
| 16 | 17 |
BuildRequires: zlib-devel |
| 17 | 18 |
|
| ... | ... |
@@ -63,6 +64,8 @@ make -k check |& tee %{_specdir}/%{name}-check-log || %{nocheck}
|
| 63 | 63 |
%{_libdir}/pkgconfig/*.pc
|
| 64 | 64 |
|
| 65 | 65 |
%changelog |
| 66 |
+* Thu Jun 07 2018 Tapas Kundu <tkundu@vmware.com> 2.7.1-4 |
|
| 67 |
+- CVE-2018-6942 |
|
| 66 | 68 |
* Mon May 15 2017 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 2.7.1-3 |
| 67 | 69 |
- CVE-2017-8287 |
| 68 | 70 |
* Fri Apr 28 2017 Dheeraj Shetty <dheerajs@vmware.com> 2.7.1-2 |
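Review bot: `Patch3: CVE-2018-6942.patch` is declared, but no visible hunk adds a matching `%patch3 -p1` to `%prep`. The hunk headers (`-12,6 +12,7`, then `-63,6 +64,8`) indicate that only this one line was added before spec line 63. Unless `%prep` uses `%autosetup` or `%autopatch` (not visible here), the patch is shipped in the source package but never applied, while the `%changelog` entry and the release bump to 4 report CVE-2018-6942 as fixed. Add the `%patch3 -p1` line next to the existing patch lines and confirm in the build log that the patch is applied.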