diff options
| -rw-r--r-- | graphics/freetype2/Makefile | 4 | ||||
| -rw-r--r-- | graphics/freetype2/distinfo | 5 | ||||
| -rw-r--r-- | graphics/freetype2/patches/patch-ab | 4 | ||||
| -rw-r--r-- | graphics/freetype2/patches/patch-ac | 23 |
4 files changed, 31 insertions, 5 deletions
diff --git a/graphics/freetype2/Makefile b/graphics/freetype2/Makefile index 476d1fa168b..24063006668 100644 --- a/graphics/freetype2/Makefile +++ b/graphics/freetype2/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.76 2010/11/03 11:56:37 drochner Exp $ +# $NetBSD: Makefile,v 1.77 2010/11/24 18:44:53 drochner Exp $ DISTNAME= freetype-2.4.3 PKGNAME= ${DISTNAME:S/-/2-/} -PKGREVISION= 1 +PKGREVISION= 2 CATEGORIES= graphics MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=freetype/} \ ftp://ring.aist.go.jp/pub/graphics/freetype/freetype2/ diff --git a/graphics/freetype2/distinfo b/graphics/freetype2/distinfo index 4985ef40313..ae20c9c6d6a 100644 --- a/graphics/freetype2/distinfo +++ b/graphics/freetype2/distinfo @@ -1,7 +1,8 @@ -$NetBSD: distinfo,v 1.38 2010/11/03 11:56:37 drochner Exp $ +$NetBSD: distinfo,v 1.39 2010/11/24 18:44:54 drochner Exp $ SHA1 (freetype-2.4.3.tar.bz2) = 16e5ba0ff23b2de372149a790b7245a762022912 RMD160 (freetype-2.4.3.tar.bz2) = befa7c66a9574c682b45d69a1088d072d8f119d9 Size (freetype-2.4.3.tar.bz2) = 1437406 bytes SHA1 (patch-aa) = 85bf9979802e04345a9f5ac3ada2cac9520dabcb -SHA1 (patch-ab) = 1514cd5ef494a535db75e072ba194ea2936f6623 +SHA1 (patch-ab) = fd2823043c3bf1488529167a56af69ecd036a920 +SHA1 (patch-ac) = bbd59b48a7827eb5e9c4905572f13b789a2d9c88 diff --git a/graphics/freetype2/patches/patch-ab b/graphics/freetype2/patches/patch-ab index 98557517a07..49943ea41ae 100644 --- a/graphics/freetype2/patches/patch-ab +++ b/graphics/freetype2/patches/patch-ab @@ -1,4 +1,6 @@ -$NetBSD: patch-ab,v 1.14 2010/11/03 11:56:37 drochner Exp $ +$NetBSD: patch-ab,v 1.15 2010/11/24 18:44:54 drochner Exp $ + +CVE-2010-3855 --- src/truetype/ttgxvar.c.orig 2010-07-12 19:03:49.000000000 +0000 +++ src/truetype/ttgxvar.c diff --git a/graphics/freetype2/patches/patch-ac b/graphics/freetype2/patches/patch-ac new file mode 100644 index 00000000000..e0454947309 --- /dev/null +++ b/graphics/freetype2/patches/patch-ac @@ -0,0 +1,23 @@ +$NetBSD: patch-ac,v 1.6 2010/11/24 18:44:54 drochner Exp $ + +CVE-2010-3814 + +--- src/truetype/ttinterp.c.orig 2010-10-01 06:08:19.000000000 +0000 ++++ src/truetype/ttinterp.c +@@ -5795,7 +5795,16 @@ + if ( CUR.GS.gep2 == 0 && CUR.zp2.n_points > 0 ) + last_point = (FT_UShort)( CUR.zp2.n_points - 1 ); + else if ( CUR.GS.gep2 == 1 && CUR.zp2.n_contours > 0 ) ++ { + last_point = (FT_UShort)( CUR.zp2.contours[CUR.zp2.n_contours - 1] ); ++ ++ if ( BOUNDS( last_point, CUR.zp2.n_points ) ) ++ { ++ if ( CUR.pedantic_hinting ) ++ CUR.error = TT_Err_Invalid_Reference; ++ return; ++ } ++ } + else + last_point = 0; + |