Hello community, here is the log from the commit of package graphite2 for openSUSE:Factory checked in at 2017-04-28 09:11:25 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/graphite2 (Old) and /work/SRC/openSUSE:Factory/.graphite2.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "graphite2" Fri Apr 28 09:11:25 2017 rev:19 rq:490162 version:1.3.9 Changes: -------- --- /work/SRC/openSUSE:Factory/graphite2/graphite2.changes 2016-11-24 23:15:11.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.graphite2.new/graphite2.changes 2017-04-28 09:11:28.485553485 +0200 @@ -1,0 +2,7 @@ +Mon Apr 24 07:22:01 UTC 2017 - pgaj...@suse.com + +- security update: + * CVE-2017-5436 [bsc#1035204] + + graphite2-CVE-2017-5436.patch + +------------------------------------------------------------------- New: ---- graphite2-CVE-2017-5436.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ graphite2.spec ++++++ --- /var/tmp/diff_new_pack.6uGQI6/_old 2017-04-28 09:11:29.693383170 +0200 +++ /var/tmp/diff_new_pack.6uGQI6/_new 2017-04-28 09:11:29.693383170 +0200 @@ -1,7 +1,7 @@ # # spec file for package graphite2 # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -29,6 +29,7 @@ Patch0: graphite2-1.2.0-cmakepath.patch Patch1: graphite-nonvoid-return.patch Patch2: link-gcc-shared.diff +Patch3: graphite2-CVE-2017-5436.patch BuildRequires: asciidoc BuildRequires: cmake BuildRequires: fontconfig-devel @@ -82,6 +83,7 @@ %patch0 -p1 %patch1 -p1 %patch2 +%patch3 -p1 %build %cmake \ ++++++ graphite2-CVE-2017-5436.patch ++++++ >From 1ce331d5548b98ed8b818532b2556d6f2c7a3b83 Mon Sep 17 00:00:00 2001 From: Martin Hosken <martin_hos...@sil.org> Date: Thu, 9 Mar 2017 22:04:04 +0000 Subject: [PATCH] Ensure features have enough space. Fix from Mozilla --- src/FeatureMap.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/FeatureMap.cpp b/src/FeatureMap.cpp index b8c8405..83bd5f6 100644 --- a/src/FeatureMap.cpp +++ b/src/FeatureMap.cpp @@ -275,7 +275,7 @@ bool FeatureRef::applyValToFeature(uint32 val, Features & pDest) const else if (pDest.m_pMap!=&m_pFace->theSill().theFeatureMap()) return false; //incompatible - pDest.reserve(m_index); + pDest.reserve(m_index+1); pDest[m_index] &= ~m_mask; pDest[m_index] |= (uint32(val) << m_bits); return true;