Hello community, here is the log from the commit of package cairo for openSUSE:Factory checked in at 2018-06-22 13:28:47 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/cairo (Old) and /work/SRC/openSUSE:Factory/.cairo.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cairo" Fri Jun 22 13:28:47 2018 rev:86 rq:618169 version:1.15.12 Changes: -------- --- /work/SRC/openSUSE:Factory/cairo/cairo.changes 2018-04-27 15:59:46.787297613 +0200 +++ /work/SRC/openSUSE:Factory/.cairo.new/cairo.changes 2018-06-22 13:28:50.209169092 +0200 @@ -1,0 +2,7 @@ +Wed Jun 20 06:26:30 UTC 2018 - [email protected] + +- Add cairo-CVE-2017-9814.patch: Replace malloc with _cairo_malloc + and check cmap size before allocating (boo#1049092, + CVE-2017-9814, fdo#101547). + +------------------------------------------------------------------- New: ---- cairo-CVE-2017-9814.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cairo.spec ++++++ --- /var/tmp/diff_new_pack.fa68c4/_old 2018-06-22 13:28:52.733075811 +0200 +++ /var/tmp/diff_new_pack.fa68c4/_new 2018-06-22 13:28:52.733075811 +0200 @@ -33,6 +33,8 @@ Patch1: cairo-get_bitmap_surface-bsc1036789-CVE-2017-7475.diff # PATCH-FIX-UPSTREAM cairo-fix-assertion-failure-in-freetype-backend.patch fdo#105746 -- Fix assertion failure in the freetype backend Patch2: cairo-fix-assertion-failure-in-freetype-backend.patch +# PATCH-FIX-UPSTREAM cairo-CVE-2017-9814.patch boo#1049092 CVE-2017-9814 fdo#101547 [email protected] -- Replace malloc with _cairo_malloc and check cmap size before allocating. +Patch3: cairo-CVE-2017-9814.patch BuildRequires: gtk-doc BuildRequires: pkgconfig BuildRequires: pkgconfig(fontconfig) @@ -143,6 +145,7 @@ %patch0 -p1 %patch1 -p1 %patch2 -p1 +%patch3 -p1 %build %configure \ ++++++ cairo-CVE-2017-9814.patch ++++++ ++++ 3190 lines (skipped)
