diff --git a/x11/freetype/CVE-2006-1861.patch b/x11/freetype/CVE-2006-1861.patch deleted file mode 100644 index e1d590be2..000000000 --- a/x11/freetype/CVE-2006-1861.patch +++ /dev/null @@ -1,178 +0,0 @@ -# --- T2-COPYRIGHT-NOTE-BEGIN --- -# This copyright note is auto-generated by ./scripts/Create-CopyPatch. -# -# T2 SDE: package/.../freetype/CVE-2006-1861.patch -# Copyright (C) 2006 The T2 SDE Project -# -# More information can be found in the files COPYING and README. -# -# This patch file is dual-licensed. It is available under the license the -# patched project is licensed under, as long as it is an OpenSource license -# as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms -# of the GNU General Public License as published by the Free Software -# Foundation; either version 2 of the License, or (at your option) any later -# version. -# --- T2-COPYRIGHT-NOTE-END --- - -diff -Nur freetype-2.1.10-orig/include/freetype/fterrdef.h freetype-2.1.10/include/freetype/fterrdef.h ---- freetype-2.1.10-orig/include/freetype/fterrdef.h 2004-02-12 08:33:20.000000000 +0000 -+++ freetype-2.1.10/include/freetype/fterrdef.h 2006-05-31 22:53:15.329323750 +0000 -@@ -4,7 +4,7 @@ - /* */ - /* FreeType error codes (specification). */ - /* */ --/* Copyright 2002, 2004 by */ -+/* Copyright 2002, 2004, 2006 by */ - /* David Turner, Robert Wilhelm, and Werner Lemberg. */ - /* */ - /* This file is part of the FreeType project, and may only be used, */ -@@ -226,6 +226,8 @@ - "`ENCODING' field missing" ) - FT_ERRORDEF_( Missing_Bbx_Field, 0xB6, \ - "`BBX' field missing" ) -+ FT_ERRORDEF_( Bbx_Too_Big, 0xB7, \ -+ "`BBX' too big" ) - - - /* END */ -diff -Nur freetype-2.1.10-orig/src/bdf/bdflib.c freetype-2.1.10/src/bdf/bdflib.c ---- freetype-2.1.10-orig/src/bdf/bdflib.c 2005-05-21 17:19:52.000000000 +0000 -+++ freetype-2.1.10/src/bdf/bdflib.c 2006-05-31 22:53:15.333324000 +0000 -@@ -1092,6 +1092,7 @@ - #define ERRMSG1 "[line %ld] Missing \"%s\" line.\n" - #define ERRMSG2 "[line %ld] Font header corrupted or missing fields.\n" - #define ERRMSG3 "[line %ld] Font glyphs corrupted or missing fields.\n" -+#define ERRMSG4 "[line %ld] BBX too big.\n" - - - static FT_Error -@@ -1805,6 +1806,9 @@ - /* And finally, gather up the bitmap. */ - if ( ft_memcmp( line, "BITMAP", 6 ) == 0 ) - { -+ unsigned long bitmap_size; -+ -+ - if ( !( p->flags & _BDF_BBX ) ) - { - /* Missing BBX field. */ -@@ -1815,7 +1819,16 @@ - - /* Allocate enough space for the bitmap. */ - glyph->bpr = ( glyph->bbx.width * p->font->bpp + 7 ) >> 3; -- glyph->bytes = (unsigned short)( glyph->bpr * glyph->bbx.height ); -+ -+ bitmap_size = glyph->bpr * glyph->bbx.height; -+ if ( bitmap_size > 0xFFFFU ) -+ { -+ FT_ERROR(( "_bdf_parse_glyphs: " ERRMSG4, lineno )); -+ error = BDF_Err_Bbx_Too_Big; -+ goto Exit; -+ } -+ else -+ glyph->bytes = (unsigned short)bitmap_size; - - if ( FT_NEW_ARRAY( glyph->bitmap, glyph->bytes ) ) - goto Exit; -diff -Nur freetype-2.1.10-orig/src/cff/cffgload.c freetype-2.1.10/src/cff/cffgload.c ---- freetype-2.1.10-orig/src/cff/cffgload.c 2005-04-18 04:53:05.000000000 +0000 -+++ freetype-2.1.10/src/cff/cffgload.c 2006-05-31 23:03:31.567836250 +0000 -@@ -2284,7 +2284,7 @@ - FT_LOCAL_DEF( FT_Error ) - cff_slot_load( CFF_GlyphSlot glyph, - CFF_Size size, -- FT_Int glyph_index, -+ FT_UInt glyph_index, - FT_Int32 load_flags ) - { - FT_Error error; -@@ -2330,7 +2330,7 @@ - - error = sfnt->load_sbit_image( face, - (FT_ULong)size->strike_index, -- (FT_UInt)glyph_index, -+ glyph_index, - (FT_Int)load_flags, - stream, - &glyph->root.bitmap, -@@ -2393,7 +2393,12 @@ - /* subsetted font, glyph_indices and CIDs are identical, though */ - if ( cff->top_font.font_dict.cid_registry != 0xFFFFU && - cff->charset.cids ) -- glyph_index = cff->charset.cids[glyph_index]; -+ { -+ if ( glyph_index < cff->charset.max_cid ) -+ glyph_index = cff->charset.cids[glyph_index]; -+ else -+ glyph_index = 0; -+ } - - cff_decoder_init( &decoder, face, size, glyph, hinting, - FT_LOAD_TARGET_MODE( load_flags ) ); -diff -Nur freetype-2.1.10-orig/src/cff/cffgload.h freetype-2.1.10/src/cff/cffgload.h ---- freetype-2.1.10-orig/src/cff/cffgload.h 2004-05-13 21:59:17.000000000 +0000 -+++ freetype-2.1.10/src/cff/cffgload.h 2006-05-31 22:53:24.161875750 +0000 -@@ -4,7 +4,7 @@ - /* */ - /* OpenType Glyph Loader (specification). */ - /* */ --/* Copyright 1996-2001, 2002, 2003, 2004 by */ -+/* Copyright 1996-2001, 2002, 2003, 2004, 2006 by */ - /* David Turner, Robert Wilhelm, and Werner Lemberg. */ - /* */ - /* This file is part of the FreeType project, and may only be used, */ -@@ -196,7 +196,7 @@ - FT_LOCAL( FT_Error ) - cff_slot_load( CFF_GlyphSlot glyph, - CFF_Size size, -- FT_Int glyph_index, -+ FT_UInt glyph_index, - FT_Int32 load_flags ); - - -diff -Nur freetype-2.1.10-orig/src/cff/cffload.c freetype-2.1.10/src/cff/cffload.c ---- freetype-2.1.10-orig/src/cff/cffload.c 2005-05-06 05:49:46.000000000 +0000 -+++ freetype-2.1.10/src/cff/cffload.c 2006-05-31 22:53:24.161875750 +0000 -@@ -1688,6 +1688,8 @@ - - for ( i = 0; i < num_glyphs; i++ ) - charset->cids[charset->sids[i]] = (FT_UShort)i; -+ -+ charset->max_cid = max_cid; - } - - Exit: -diff -Nur freetype-2.1.10-orig/src/cff/cfftypes.h freetype-2.1.10/src/cff/cfftypes.h ---- freetype-2.1.10-orig/src/cff/cfftypes.h 2003-12-20 07:30:05.000000000 +0000 -+++ freetype-2.1.10/src/cff/cfftypes.h 2006-05-31 22:53:24.165876000 +0000 -@@ -5,7 +5,7 @@ - /* Basic OpenType/CFF type definitions and interface (specification */ - /* only). */ - /* */ --/* Copyright 1996-2001, 2002, 2003 by */ -+/* Copyright 1996-2001, 2002, 2003, 2006 by */ - /* David Turner, Robert Wilhelm, and Werner Lemberg. */ - /* */ - /* This file is part of the FreeType project, and may only be used, */ -@@ -84,6 +84,7 @@ - FT_UShort* sids; - FT_UShort* cids; /* the inverse mapping of `sids'; only needed */ - /* for CID-keyed fonts */ -+ FT_UInt max_cid; - } CFF_CharsetRec, *CFF_Charset; - - -diff -Nur freetype-2.1.10-orig/src/sfnt/ttcmap.c freetype-2.1.10/src/sfnt/ttcmap.c ---- freetype-2.1.10-orig/src/sfnt/ttcmap.c 2005-05-11 14:37:40.000000000 +0000 -+++ freetype-2.1.10/src/sfnt/ttcmap.c 2006-05-31 22:57:04.807665250 +0000 -@@ -2144,9 +2144,7 @@ - charmap.encoding = FT_ENCODING_NONE; /* will be filled later */ - offset = TT_NEXT_ULONG( p ); - -- if ( offset && -- table + offset + 2 < limit && -- table + offset >= table ) -+ if ( offset && offset <= face->cmap_size -2 ) - { - FT_Byte* cmap = table + offset; - volatile FT_UInt format = TT_PEEK_USHORT( cmap ); diff --git a/x11/freetype/freetype.conf b/x11/freetype/freetype.conf index 3f58483c4..a5bc680a8 100644 --- a/x11/freetype/freetype.conf +++ b/x11/freetype/freetype.conf @@ -1,7 +1,8 @@ -# --- T2-COPYRIGHT-NOTE-BEGIN --- +# --- SDE-COPYRIGHT-NOTE-BEGIN --- # This copyright note is auto-generated by ./scripts/Create-CopyPatch. # -# T2 SDE: package/.../freetype/freetype.conf +# Filename: package/.../freetype/freetype.conf +# Copyright (C) 2007 The OpenSDE Project # Copyright (C) 2004 - 2006 The T2 SDE Project # # More information can be found in the files COPYING and README. @@ -10,12 +11,11 @@ # it under the terms of the GNU General Public License as published by # the Free Software Foundation; version 2 of the License. A copy of the # GNU General Public License can be found in the file COPYING. -# --- T2-COPYRIGHT-NOTE-END --- +# --- SDE-COPYRIGHT-NOTE-END --- -# hm, the damn Jam build system does not like CC and CXX set -# and generates object code into .lo files ... :-( -makeopt="all" -makeinstopt="install" +# do not generate object code into .lo but .o files as requested by libtool +hook_add premake 3 \ + "sed -i -e 's,^\(O[ \t]*\:\=\) lo,\1 o,' builds/unix/unix-cc.mk" # Dan Burcaw - Yellow Dog Linux # http://www.freetype.org/pipermail/devel/2004-March/010293.html diff --git a/x11/freetype/freetype.desc b/x11/freetype/freetype.desc index 88c204616..6eb78da13 100644 --- a/x11/freetype/freetype.desc +++ b/x11/freetype/freetype.desc @@ -3,7 +3,7 @@ [COPY] This copyright note is auto-generated by ./scripts/Create-CopyPatch. [COPY] [COPY] Filename: package/.../freetype/freetype.desc -[COPY] Copyright (C) 2006 The OpenSDE Project +[COPY] Copyright (C) 2006 - 2007 The OpenSDE Project [COPY] Copyright (C) 2004 - 2006 The T2 SDE Project [COPY] Copyright (C) 1998 - 2003 Clifford Wolf [COPY] @@ -28,10 +28,12 @@ [C] extra/font +[F] FPIC-QUIRK + [L] GPL [S] Stable -[V] 2.1.10 +[V] 2.3.2 [P] X -----5---9 106.000 -[D] 3960338183 freetype-2.1.10.tar.bz2 http://dl.sourceforge.net/sourceforge/freetype/ +[D] 3234595584 freetype-2.3.2.tar.bz2 http://dl.sourceforge.net/sourceforge/freetype/