Steve Langasek wrote:
> On Sun, Jul 23, 2006 at 08:51:29PM +0200, Martin Schulze wrote:
> > Steve Langasek wrote:
> > > On Fri, Jul 07, 2006 at 08:42:59PM +0200, Martin Schulze wrote:
> 
> > > It appears to be a correct fix for the regression that has been reported.
> 
> > > > I'd rather make it read:
> 
> > > >     if (height <= 0 || (FT_ULong)pitch > LONG_MAX/height)
> 
> > > > because later we have "pitch * height" which will result in a malloc
> > > > of zero.
> 
> > s/of zero/of less than zero/ it should have read, i.e. a negative malloc
> > which is generally a bad thing.
> 
> Ok, that's fair.  I think there's still the possibility of a negative malloc
> if pitch is negative, but that's now several steps removed from the stated
> vulnerability, and in the meantime we still have the crasher regression, so
> I've updated the patch to use the height <= 0 check.
> 
> > I still see
> 
> > --- freetype-2.1.7.orig/--variant=buildd/debootstrap/debootstrap.log
> > +++ freetype-2.1.7/--variant=buildd/debootstrap/debootstrap.log
> > @@ -0,0 +1,2 @@
> > +/usr/sbin/debootstrap: line 349: .: /chroots/sarge-i386-pristine: is a 
> > directory
> > +/usr/sbin/debootstrap: line 349: .: /chroots/sarge-i386-pristine: is a 
> > directory
> > 
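Review bot: the new file `--variant=buildd/debootstrap/debootstrap.log` in this hunk is build-environment output, not source. Both added lines are debootstrap errors naming a local chroot path (/chroots/sarge-i386-pristine), and the directory name is itself a debootstrap option. Remove that directory from the unpacked tree and regenerate the diff so it carries only the intended change.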
> > which ought not to be there.
> 
> Well, apparently the -3 package that you said you couldn't find was on
> security.d.o all along, because this was *not* in the second -3 package that
> I uploaded; but that one was rejected because it was a duplicate.
> 
> I've uploaded -4 now with the additional check.

Oh damn you!

This way we won't get an update any time.

I was trying to build -2.5 with no luck, then just started with -3.1 to
fix your invisible -3 build, and just now you've decided to upload -4
which is also invisible to us and which most probably blocks -3.1 from
building - as I see -4 build logs.  Thank you very much.

-- 
Unix is user friendly ...  It's just picky about its friends.

Please always Cc to me when replying to me on the lists.
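
The overflow check discussed in the quoted text above, as an added example that is not part of the original message or of the FreeType patch: the quoted condition next to a helper that also refuses a negative pitch. The function names, the use of `long`/`unsigned long` in place of the FreeType types, and the decision to reject a negative pitch outright are assumptions of this example.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* The condition quoted in the thread, with unsigned long standing in for
 * FT_ULong. Returns nonzero when the dimensions must be rejected.
 * height <= 0 is tested first, so LONG_MAX / height never divides by zero. */
static int thread_check_rejects(long pitch, long height)
{
    return height <= 0 ||
           (unsigned long)pitch > (unsigned long)(LONG_MAX / height);
}

/* Hypothetical helper: computes pitch * height for an allocation.
 * Returns 0 and stores the byte count in *size on success, -1 otherwise.
 * Rejecting a negative pitch is this example's choice, not the patch's. */
static int bitmap_alloc_size(long pitch, long height, size_t *size)
{
    if (height <= 0 || pitch < 0)
        return -1;               /* product would be zero-height or negative */
    if (pitch > LONG_MAX / height)
        return -1;               /* pitch * height would overflow a long */
    *size = (size_t)pitch * (size_t)height;
    return 0;
}

int main(void)
{
    /* Constructed sample dimensions. */
    const long cases[][2] = {
        { 640, 480 }, { 640, 0 }, { 640, -1 }, { -640, 480 }, { LONG_MAX, 2 }
    };
    size_t i, n;

    for (i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        long pitch = cases[i][0], height = cases[i][1];
        if (bitmap_alloc_size(pitch, height, &n) == 0)
            printf("pitch=%ld height=%ld -> allocate %zu bytes\n",
                   pitch, height, n);
        else
            printf("pitch=%ld height=%ld -> rejected\n", pitch, height);
        printf("  quoted condition rejects: %d\n",
               thread_check_rejects(pitch, height));
    }
    return 0;
}
```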
