commit graphite2 for openSUSE:Factory

Fri, 28 Apr 2017 00:12:04 -0700 

Hello community,

here is the log from the commit of package graphite2 for openSUSE:Factory 
checked in at 2017-04-28 09:11:25
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/graphite2 (Old)
 and      /work/SRC/openSUSE:Factory/.graphite2.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "graphite2"

Fri Apr 28 09:11:25 2017 rev:19 rq:490162 version:1.3.9

Changes:
--------
--- /work/SRC/openSUSE:Factory/graphite2/graphite2.changes      2016-11-24 
23:15:11.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.graphite2.new/graphite2.changes 2017-04-28 
09:11:28.485553485 +0200
@@ -1,0 +2,7 @@
+Mon Apr 24 07:22:01 UTC 2017 - pgaj...@suse.com
+
+- security update: 
+  * CVE-2017-5436 [bsc#1035204]
+    + graphite2-CVE-2017-5436.patch
+
+-------------------------------------------------------------------

New:
----
  graphite2-CVE-2017-5436.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ graphite2.spec ++++++
--- /var/tmp/diff_new_pack.6uGQI6/_old  2017-04-28 09:11:29.693383170 +0200
+++ /var/tmp/diff_new_pack.6uGQI6/_new  2017-04-28 09:11:29.693383170 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package graphite2
 #
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -29,6 +29,7 @@
 Patch0:         graphite2-1.2.0-cmakepath.patch
 Patch1:         graphite-nonvoid-return.patch
 Patch2:         link-gcc-shared.diff
+Patch3:         graphite2-CVE-2017-5436.patch
 BuildRequires:  asciidoc
 BuildRequires:  cmake
 BuildRequires:  fontconfig-devel
@@ -82,6 +83,7 @@
 %patch0 -p1
 %patch1 -p1
 %patch2
+%patch3 -p1
 
 %build
 %cmake \

++++++ graphite2-CVE-2017-5436.patch ++++++
>From 1ce331d5548b98ed8b818532b2556d6f2c7a3b83 Mon Sep 17 00:00:00 2001
From: Martin Hosken <martin_hos...@sil.org>
Date: Thu, 9 Mar 2017 22:04:04 +0000
Subject: [PATCH] Ensure features have enough space. Fix from Mozilla

---
 src/FeatureMap.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/FeatureMap.cpp b/src/FeatureMap.cpp
index b8c8405..83bd5f6 100644
--- a/src/FeatureMap.cpp
+++ b/src/FeatureMap.cpp
@@ -275,7 +275,7 @@ bool FeatureRef::applyValToFeature(uint32 val, Features & 
pDest) const
     else
       if (pDest.m_pMap!=&m_pFace->theSill().theFeatureMap())
         return false;       //incompatible
-    pDest.reserve(m_index);
+    pDest.reserve(m_index+1);
     pDest[m_index] &= ~m_mask;
     pDest[m_index] |= (uint32(val) << m_bits);
     return true;

Reply via email to