Hello community, here is the log from the commit of package freetype2 for openSUSE:11.4 checked in at Fri Jul 22 16:35:58 CEST 2011.
--------
--- old-versions/11.4/all/freetype2/freetype2.changes 2010-12-07 19:25:56.000000000 +0100
+++ 11.4/freetype2/freetype2.changes 2011-07-21 20:00:07.000000000 +0200
@@ -1,0 +2,5 @@
+Thu Jul 21 19:29:23 CEST 2011 - [email protected]
+
+- added bnc704612_othersubr.diff, CVE-2011-0226, bnc#704612
+
+-------------------------------------------------------------------
ft2demos.changes: same change Package does not exist at destination yet. Using Fallback old-versions/11.4/all/freetype2 Destination is old-versions/11.4/UPDATES/all/freetype2 calling whatdependson for 11.4-i586 New: ---- bnc704612_othersubr.diff
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences: ------------------
++++++ freetype2.spec ++++++
--- /var/tmp/diff_new_pack.XcR9Gv/_old 2011-07-22 16:34:47.000000000 +0200
+++ /var/tmp/diff_new_pack.XcR9Gv/_new 2011-07-22 16:34:47.000000000 +0200
@@ -1,7 +1,7 @@ #
-# spec file for package freetype2 (Version 2.4.4)
+# spec file for package freetype2
 #
-# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
 # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed
@@ -29,7 +29,7 @@ %endif # Version: 2.4.4
-Release: 3
+Release: 7.<RELEASE8>
 Url: http://www.freetype.org Summary: A TrueType Font Library # CVS repository:
@@ -50,6 +50,7 @@ Patch1000: bnc628213_1797.diff Patch1015: bnc641580_CVE-2010-3311.diff Source1015: bug-641580_CVE-2010-3311.cff
+Patch1018: bnc704612_othersubr.diff
 BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -118,6 +119,7 @@ #%patch1013 -p1 # bnc641580_CVE-2010-3311.diff %patch1015 -p1
+%patch1018 -p1
 find . -name CVS -type d | xargs rm -rf find . -name ".cvsignore" | xargs rm -f
++++++ ft2demos.spec ++++++
--- /var/tmp/diff_new_pack.XcR9Gv/_old 2011-07-22 16:34:47.000000000 +0200
+++ /var/tmp/diff_new_pack.XcR9Gv/_new 2011-07-22 16:34:47.000000000 +0200
@@ -1,7 +1,7 @@ #
-# spec file for package ft2demos (Version 2.4.4)
+# spec file for package ft2demos
 #
-# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
 # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed
@@ -25,7 +25,7 @@ AutoReqProv: on Supplements: fonts-config Version: 2.4.4
-Release: 3
+Release: 4.<RELEASE2>
 %define freetype_version %{version} Url: http://www.freetype.org Summary: Freetype2 Utilities and Demo Programs
@@ -50,6 +50,7 @@ Source1013: bnc633938_badbdf.0 Patch1015: bnc641580_CVE-2010-3311.diff Source1015: bug-641580_CVE-2010-3311.cff
+Patch1018: bnc704612_othersubr.diff
 BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -94,6 +95,7 @@ #%patch1013 -p1 # bnc641580_CVE-2010-3311.diff %patch1015 -p1
+%patch1018 -p1
 find . -name CVS -type d | xargs rm -rf find . -name ".cvsignore" | xargs rm -f
++++++ bnc704612_othersubr.diff ++++++
--- freetype-2.4.4/src/psaux/t1decode.c.orig 2011-07-21 16:44:40.000000000 +0000
+++ freetype-2.4.4/src/psaux/t1decode.c 2011-07-21 17:00:05.000000000 +0000
@@ -28,6 +28,8 @@ #include "psauxerr.h"
+/* ensure proper sign extension */
+#define Fix2Int( f ) ( (FT_Int)(FT_Short)( (f) >> 16 ) )
 /*************************************************************************/ /* */
@@ -662,7 +664,7 @@ if ( large_int ) FT_TRACE4(( " %ld", value )); else
- FT_TRACE4(( " %ld", (FT_Int32)( value >> 16 ) ));
+ FT_TRACE4(( " %ld", Fix2Int( value ) ));
 #endif *top++ = value;
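Review bot: `Fix2Int` (hunk at -28 of t1decode.c) narrows through `FT_Short`, so an operand whose integer part does not fit in 16 bits is wrapped silently rather than rejected, and the comment `/* ensure proper sign extension */` does not say so. The macro feeds the count and index checks in the hunks at -684, -862, -930, -951 and -1324, where a wrapped value that happens to land inside the valid range would pass the `idx < 0 || idx >= ...` style tests unnoticed. I would state the contract on the macro, for example `/* integer part of a fixed-point operand, truncated to 16 bits and sign-extended; wider values wrap */`, and consider rejecting operands outside the 16-bit range before converting. The conversion to `FT_Short` of an out-of-range value is also implementation-defined in C, which is worth a word in the same comment.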
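Review bot: In the hunk at -662 the new trace call passes `Fix2Int( value )`, which the macro casts to `FT_Int`, to a `%ld` conversion, so the argument type no longer matches the format wherever `long` is wider than `int` (assuming `FT_TRACE4` is printf-style, as its use here suggests). Printing with `%d`, `FT_TRACE4(( " %d", Fix2Int( value ) ));`, or casting the argument to `long` keeps format and argument in agreement. The line sits in the `else` branch just above `#endif`, so it only matters in trace-enabled builds; the enclosing function starts and ends outside the hunk.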
@@ -684,8 +686,8 @@ top -= 2;
- subr_no = (FT_Int)( top[1] >> 16 );
- arg_cnt = (FT_Int)( top[0] >> 16 );
+ subr_no = Fix2Int( top[1] );
+ arg_cnt = Fix2Int( top[0] );
 /***********************************************************/ /* */
@@ -862,7 +864,7 @@ if ( arg_cnt != 1 || blend == NULL ) goto Unexpected_OtherSubr;
- idx = (FT_Int)( top[0] >> 16 );
+ idx = Fix2Int( top[0] );
 if ( idx < 0 || idx + blend->num_designs > decoder->len_buildchar )
@@ -930,7 +932,7 @@ if ( arg_cnt != 2 || blend == NULL ) goto Unexpected_OtherSubr;
- idx = (FT_Int)( top[1] >> 16 );
+ idx = Fix2Int( top[1] );
 if ( idx < 0 || (FT_UInt) idx >= decoder->len_buildchar ) goto Unexpected_OtherSubr;
@@ -951,7 +953,7 @@ if ( arg_cnt != 1 || blend == NULL ) goto Unexpected_OtherSubr;
- idx = (FT_Int)( top[0] >> 16 );
+ idx = Fix2Int( top[0] );
 if ( idx < 0 || (FT_UInt) idx >= decoder->len_buildchar ) goto Unexpected_OtherSubr;
@@ -1009,11 +1011,15 @@ break; default:
- FT_ERROR(( "t1_decoder_parse_charstrings:"
- " unknown othersubr [%d %d], wish me luck\n",
- arg_cnt, subr_no ));
- unknown_othersubr_result_cnt = arg_cnt;
- break;
+ if ( arg_cnt >= 0 && subr_no >= 0 )
+ {
+ FT_ERROR(( "t1_decoder_parse_charstrings:"
+ " unknown othersubr [%d %d], wish me luck\n",
+ arg_cnt, subr_no ));
+ unknown_othersubr_result_cnt = arg_cnt;
+ break;
+ }
+ /* fall through */
 Unexpected_OtherSubr: FT_ERROR(( "t1_decoder_parse_charstrings:"
@@ -1139,8 +1145,8 @@ top[0], top[1], top[2],
- (FT_Int)( top[3] >> 16 ),
- (FT_Int)( top[4] >> 16 ) );
+ Fix2Int( top[3] ),
+ Fix2Int( top[4] ) );
 case op_sbw: FT_TRACE4(( " sbw" ));
@@ -1324,7 +1330,7 @@ FT_TRACE4(( " callsubr" ));
- idx = (FT_Int)( top[0] >> 16 );
+ idx = Fix2Int( top[0] );
 if ( idx < 0 || idx >= (FT_Int)decoder->num_subrs ) { FT_ERROR(( "t1_decoder_parse_charstrings:"
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun... -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
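Review bot: In the hunk at -1009 the new guard `arg_cnt >= 0 && subr_no >= 0` bounds `arg_cnt` only from below before `unknown_othersubr_result_cnt = arg_cnt;`, and nothing visible ties the count to the operands actually on the stack or to the stack's capacity. The code that later consumes `unknown_othersubr_result_cnt` is outside the hunk and may already bound it, but an explicit upper limit here would make the branch safe on its own. The sign check also lives only in `default:`, so the named cases depend on their own `arg_cnt != N` tests (visible at -862, -930 and -951) to reject negative counts; a comment next to the decoding at -684 saying so would help the next reader. Finally, the rejection path is reached by falling out of the `if` into the `Unexpected_OtherSubr:` label, and an explicit `goto Unexpected_OtherSubr;` in place of `/* fall through */` would survive a later reordering of that label.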
