--- Begin Message ---
|
Subject: |
[PATCH] gnu: freetype: Fix CVE-2018-6942. |
|
Date: |
Fri, 16 Feb 2018 22:29:51 +0100 |
* gnu/packages/patches/freetype-CVE-2018-6942.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/fontutils.scm (freetype)[replacement]: New field.
(freetype/fixed): New variable.
---
gnu/local.mk | 1 +
gnu/packages/fontutils.scm | 8 ++++++
gnu/packages/patches/freetype-CVE-2018-6942.patch | 31 +++++++++++++++++++++++
3 files changed, 40 insertions(+)
create mode 100644 gnu/packages/patches/freetype-CVE-2018-6942.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index 7fe374208..4ee869e0b 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -652,6 +652,7 @@ dist_patch_DATA =
\
%D%/packages/patches/freeimage-CVE-2015-0852.patch \
%D%/packages/patches/freeimage-CVE-2016-5684.patch \
%D%/packages/patches/freeimage-fix-build-with-gcc-5.patch \
+ %D%/packages/patches/freetype-CVE-2018-6942.patch \
%D%/packages/patches/fuse-overlapping-headers.patch
\
%D%/packages/patches/gawk-shell.patch \
%D%/packages/patches/gcc-arm-bug-71399.patch \
diff --git a/gnu/packages/fontutils.scm b/gnu/packages/fontutils.scm
index 387c4689d..84c8497f0 100644
--- a/gnu/packages/fontutils.scm
+++ b/gnu/packages/fontutils.scm
@@ -53,6 +53,7 @@
(define-public freetype
(package
(name "freetype")
+ (replacement freetype/fixed)
(version "2.8")
(source (origin
(method url-fetch)
@@ -78,6 +79,13 @@ anti-aliased glyph bitmap generation with 256 gray levels.")
(license license:freetype) ; some files have other licenses
(home-page "https://www.freetype.org/";)))
+(define freetype/fixed
+ (package/inherit freetype
+ (source
+ (origin
+ (inherit (package-source freetype))
+ (patches (search-patches
"freetype-CVE-2018-6942.patch"))))))
+
(define-public ttfautohint
(package
(name "ttfautohint")
diff --git a/gnu/packages/patches/freetype-CVE-2018-6942.patch
b/gnu/packages/patches/freetype-CVE-2018-6942.patch
new file mode 100644
index 000000000..680f35776
--- /dev/null
+++ b/gnu/packages/patches/freetype-CVE-2018-6942.patch
@@ -0,0 +1,31 @@
+Fix CVE-2018-6942:
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6942
+https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-6942.html
+
+Copied from upstream (ChangeLog section removed):
+https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=29c759284e305ec428703c9a5831d0b1fc3497ef
+
+diff --git a/src/truetype/ttinterp.c b/src/truetype/ttinterp.c
+index d855aaa..551f14a 100644
+--- a/src/truetype/ttinterp.c
++++ b/src/truetype/ttinterp.c
+@@ -7532,8 +7532,16 @@
+ return;
+ }
+
+- for ( i = 0; i < num_axes; i++ )
+- args[i] = coords[i] >> 2; /* convert 16.16 to 2.14 format */
++ if ( coords )
++ {
++ for ( i = 0; i < num_axes; i++ )
++ args[i] = coords[i] >> 2; /* convert 16.16 to 2.14 format */
++ }
++ else
++ {
++ for ( i = 0; i < num_axes; i++ )
++ args[i] = 0;
++ }
+ }
+
+
--
2.16.1
--- End Message ---
--- Begin Message ---
|
Subject: |
Re: [bug#30493] [PATCH] gnu: freetype: Fix CVE-2018-6942. |
|
Date: |
Tue, 20 Feb 2018 17:31:40 +0100 |
|
User-agent: |
Notmuch/0.26 (https://notmuchmail.org) Emacs/25.3.1 (x86_64-pc-linux-gnu) |
Ludovic Courtès <address@hidden> writes:
> Marius Bakke <address@hidden> skribis:
>
>> * gnu/packages/patches/freetype-CVE-2018-6942.patch: New file.
>> * gnu/local.mk (dist_patch_DATA): Register it.
>> * gnu/packages/fontutils.scm (freetype)[replacement]: New field.
>> (freetype/fixed): New variable.
>
> LGTM, thanks!
Pushed as b1989c12501e880afab62d3ff961791906fef350.
signature.asc
Description: PGP signature
--- End Message ---