svn commit: r347562 - in branches/2014Q1: print/freetype2 print/freetype2/files security/vuxml

Koop Mast kwm at FreeBSD.org
Sun Mar 9 10:23:41 UTC 2014 

Author: kwm
Date: Sun Mar  9 10:23:40 2014
New Revision: 347562
URL: http://svnweb.freebsd.org/changeset/ports/347562
QAT: https://qat.redports.org/buildarchive/r347562/

Log:
  Add patches to fix security issue.
  This is done via direct commit, because the freetype2 update to 2.5.3 isn't
  mergeable due to freetype header shuffle which happend in 2.5.1.
  
  Tweak the freetype2 version in the vuxml to point to the fix version.
  
  Approved by:	portmgr (antoine@, erwin@)
  Obtained from:	freetype2 upstream
  Security:	1a0de610-a761-11e3-95fe-bcaec565249c

Added:
  branches/2014Q1/print/freetype2/files/patch-41697   (contents, props changed)
Modified:
  branches/2014Q1/print/freetype2/Makefile
  branches/2014Q1/security/vuxml/vuln.xml

Modified: branches/2014Q1/print/freetype2/Makefile
==============================================================================
--- branches/2014Q1/print/freetype2/Makefile	Sun Mar  9 09:51:32 2014	(r347561)
+++ branches/2014Q1/print/freetype2/Makefile	Sun Mar  9 10:23:40 2014	(r347562)
@@ -4,6 +4,7 @@
 
 PORTNAME=	freetype2
 PORTVERSION=	2.5.0.1
+PORTREVISION=	1
 CATEGORIES=	print
 MASTER_SITES=	SF/freetype/${PORTNAME}/${PORTVERSION:C/^([0-9]+\.[0-9]+\.[0-9]+).*/\1/}/ \
 		http://sunsite.cnlab-switch.ch/ftp/mirror/freetype/freetype2/ \

Added: branches/2014Q1/print/freetype2/files/patch-41697
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ branches/2014Q1/print/freetype2/files/patch-41697	Sun Mar  9 10:23:40 2014	(r347562)
@@ -0,0 +1,113 @@
+From 0eae6eb0645264c98812f0095e0f5df4541830e6 Mon Sep 17 00:00:00 2001
+From: Dave Arnold <darnold at adobe.com>
+Date: Fri, 28 Feb 2014 06:40:01 +0000
+Subject: Fix Savannah bug #41697, part 1.
+
+* src/cff/cf2hints.c (cf2_hintmap_build): Return when `hintMask' is
+invalid.  In this case, it is not safe to use the length of
+`hStemHintArray'; the exception has already been recorded in
+`hintMask'.
+---
+diff --git a/ChangeLog b/ChangeLog
+index 2010fda..1f48e24 100644
+--- ChangeLog
++++ ChangeLog
+@@ -1,3 +1,12 @@
++2014-02-28  Dave Arnold  <darnold at adobe.com>
++
++	[cff] Fix Savannah bug #41697, part 1.
++
++	* src/cff/cf2hints.c (cf2_hintmap_build): Return when `hintMask' is
++	invalid.  In this case, it is not safe to use the length of
++	`hStemHintArray'; the exception has already been recorded in
++	`hintMask'.
++
+ 2014-02-26  Werner Lemberg  <wl at gnu.org>
+ 
+ 	[sfnt] Fix Savannah bug #41696.
+diff --git a/src/cff/cf2hints.c b/src/cff/cf2hints.c
+index 5f44161..79f84fc 100644
+--- src/cff/cf2hints.c
++++ src/cff/cf2hints.c
+@@ -781,6 +781,8 @@
+       cf2_hintmask_setAll( hintMask,
+                            cf2_arrstack_size( hStemHintArray ) +
+                              cf2_arrstack_size( vStemHintArray ) );
++      if ( !cf2_hintmask_isValid( hintMask ) )
++          return;                   /* too many stem hints */
+     }
+ 
+     /* begin by clearing the map */
+--
+cgit v0.9.0.2
+From 135c3faebb96f8f550bd4f318716f2e1e095a969 Mon Sep 17 00:00:00 2001
+From: Dave Arnold <darnold at adobe.com>
+Date: Fri, 28 Feb 2014 06:42:42 +0000
+Subject: Fix Savannah bug #41697, part 2.
+
+* src/cff/cf2ft.c (cf2_initLocalRegionBuffer,
+cf2_initGlobalRegionBuffer): It is possible for a charstring to call
+a subroutine if no subroutines exist.  This is an error but should
+not trigger an assert.  Split the assert to account for this.
+---
+diff --git a/ChangeLog b/ChangeLog
+index 1f48e24..164aa6b 100644
+--- ChangeLog
++++ ChangeLog
+@@ -1,5 +1,14 @@
+ 2014-02-28  Dave Arnold  <darnold at adobe.com>
+ 
++	[cff] Fix Savannah bug #41697, part 2.
++
++	* src/cff/cf2ft.c (cf2_initLocalRegionBuffer,
++	cf2_initGlobalRegionBuffer): It is possible for a charstring to call
++	a subroutine if no subroutines exist.  This is an error but should
++	not trigger an assert.  Split the assert to account for this.
++
++2014-02-28  Dave Arnold  <darnold at adobe.com>
++
+ 	[cff] Fix Savannah bug #41697, part 1.
+ 
+ 	* src/cff/cf2hints.c (cf2_hintmap_build): Return when `hintMask' is
+diff --git a/src/cff/cf2ft.c b/src/cff/cf2ft.c
+index df5f8fb..82bac75 100644
+--- src/cff/cf2ft.c
++++ src/cff/cf2ft.c
+@@ -521,7 +521,7 @@
+                               CF2_UInt      idx,
+                               CF2_Buffer    buf )
+   {
+-    FT_ASSERT( decoder && decoder->globals );
++    FT_ASSERT( decoder );
+ 
+     FT_ZERO( buf );
+ 
+@@ -529,6 +529,8 @@
+     if ( idx >= decoder->num_globals )
+       return TRUE;     /* error */
+ 
++    FT_ASSERT( decoder->globals );
++
+     buf->start =
+     buf->ptr   = decoder->globals[idx];
+     buf->end   = decoder->globals[idx + 1];
+@@ -594,7 +596,7 @@
+                              CF2_UInt      idx,
+                              CF2_Buffer    buf )
+   {
+-    FT_ASSERT( decoder && decoder->locals );
++    FT_ASSERT( decoder );
+ 
+     FT_ZERO( buf );
+ 
+@@ -602,6 +604,8 @@
+     if ( idx >= decoder->num_locals )
+       return TRUE;     /* error */
+ 
++    FT_ASSERT( decoder->locals );
++
+     buf->start =
+     buf->ptr   = decoder->locals[idx];
+     buf->end   = decoder->locals[idx + 1];
+--
+cgit v0.9.0.2

Modified: branches/2014Q1/security/vuxml/vuln.xml
==============================================================================
--- branches/2014Q1/security/vuxml/vuln.xml	Sun Mar  9 09:51:32 2014	(r347561)
+++ branches/2014Q1/security/vuxml/vuln.xml	Sun Mar  9 10:23:40 2014	(r347562)
@@ -56,7 +56,7 @@ Note:  Please add new entries to the beg
     <affects>
       <package>
 	<name>freetype2</name>
-	<range><lt>2.5.3</lt></range>
+	<range><lt>2.5.0.1_1</lt></range>
       </package>
     </affects>
     <description>

More information about the svn-ports-branches mailing list