[arch-commits] CVS update of arch/build/lib/freetype2 (2 files)

[Jan de Groot]

    Date: Friday, June 1, 2007 @ 03:06:12
  Author: jgc
    Path: /home/cvs-arch/arch/build/lib/freetype2

   Added: freetype-CVE-2007-2754.patch (1.1)
Modified: PKGBUILD (1.44 -> 1.45)

upgpkg: freetype2 2.3.4-2
Security update


------------------------------+
 PKGBUILD                     |   10 ++++++----
 freetype-CVE-2007-2754.patch |   32 ++++++++++++++++++++++++++++++++
 2 files changed, 38 insertions(+), 4 deletions(-)


Index: arch/build/lib/freetype2/PKGBUILD
diff -u arch/build/lib/freetype2/PKGBUILD:1.44 arch/build/lib/freetype2/PKGBUILD:1.45
--- arch/build/lib/freetype2/PKGBUILD:1.44	Wed Apr 18 16:04:06 2007
+++ arch/build/lib/freetype2/PKGBUILD	Fri Jun  1 03:06:11 2007
@@ -1,19 +1,20 @@
-# $Id: PKGBUILD,v 1.44 2007/04/18 20:04:06 jgc Exp $
+# $Id: PKGBUILD,v 1.45 2007/06/01 07:06:11 jgc Exp $
 # Maintainer: judd <jvinet at zeroflux.org>
 pkgname=freetype2
 pkgver=2.3.4
-pkgrel=1
+pkgrel=2
 pkgdesc="TrueType font rendering library"
 arch=(i686 x86_64)
 license=('GPL')
 url="http://freetype.sourceforge.net"
 depends=('zlib')
-options=('nolibtool')
+options=('!libtool')
 source=(http://heanet.dl.sourceforge.net/sourceforge/freetype/freetype-${pkgver}.tar.bz2
 	bytecode.patch
 	freetype-2.3.0-enable-spr.patch
 	freetype-2.2.1-enable-valid.patch
-	freetype-2.2.1-memcpy-fix.patch)
+	freetype-2.2.1-memcpy-fix.patch
+	freetype-CVE-2007-2754.patch)
 md5sums=('1a6c59a7723d637c78672e7784da865d' '9ff19e742968c29e3ba52b08d6bf0a50'\
          '816dc8619a6904a7385769433c0a8653' '214119610444c9b02766ccee5e220680'\
          '6fb6606d28082ecb8e0c6d986b0b26aa')
@@ -24,6 +25,7 @@
   patch -Np1 -i ${startdir}/src/freetype-2.3.0-enable-spr.patch || return 1
   patch -Np1 -i ${startdir}/src/freetype-2.2.1-enable-valid.patch || return 1
   patch -Np1 -i ${startdir}/src/freetype-2.2.1-memcpy-fix.patch || return 1
+  patch -Np0 -i ${startdir}/src/freetype-CVE-2007-2754.patch || return 1
 
   ./configure --prefix=/usr
   make || return 1
Index: arch/build/lib/freetype2/freetype-CVE-2007-2754.patch
diff -u /dev/null arch/build/lib/freetype2/freetype-CVE-2007-2754.patch:1.1
--- /dev/null	Fri Jun  1 03:06:11 2007
+++ arch/build/lib/freetype2/freetype-CVE-2007-2754.patch	Fri Jun  1 03:06:11 2007
@@ -0,0 +1,32 @@
+--- src/truetype/ttgload.c
++++ src/truetype/ttgload.c
+@@ -271,7 +271,11 @@
+ 
+     n_points = 0;
+     if ( n_contours > 0 )
++    {
+       n_points = cont[-1] + 1;
++      if ( n_points < 0 )
++        goto Invalid_Outline;
++    }
+ 
+     /* note that we will add four phantom points later */
+     error = FT_GLYPHLOADER_CHECK_POINTS( gloader, n_points + 4, 0 );
+@@ -682,7 +686,7 @@
+     FT_GlyphLoader  gloader = loader->gloader;
+     FT_Error        error   = TT_Err_Ok;
+     FT_Outline*     outline;
+-    FT_UInt         n_points;
++    FT_Int          n_points;
+ 
+ 
+     outline  = &gloader->current.outline;
+@@ -709,7 +713,7 @@
+       /* Deltas apply to the unscaled data. */
+       FT_Vector*  deltas;
+       FT_Memory   memory = loader->face->memory;
+-      FT_UInt     i;
++      FT_Int      i;
+ 
+ 
+       error = TT_Vary_Get_Glyph_Deltas( (TT_Face)(loader->face),