diff options
author | Marius Bakke <mbakke@fastmail.com> | 2018-02-16 22:28:58 +0100 |
---|---|---|
committer | Marius Bakke <mbakke@fastmail.com> | 2018-02-20 16:26:20 +0100 |
commit | b1989c12501e880afab62d3ff961791906fef350 (patch) | |
tree | ec1cf7a7f80ff803d2af32a53f41102746530a77 /gnu/packages/patches | |
parent | fb9d0350153f0e969c0a8e57a698e378158ae124 (diff) | |
download | guix-b1989c12501e880afab62d3ff961791906fef350.tar.gz guix-b1989c12501e880afab62d3ff961791906fef350.zip |
gnu: freetype: Fix CVE-2018-6942.
* gnu/packages/patches/freetype-CVE-2018-6942.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/fontutils.scm (freetype)[replacement]: New field.
(freetype/fixed): New variable.
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r-- | gnu/packages/patches/freetype-CVE-2018-6942.patch | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/gnu/packages/patches/freetype-CVE-2018-6942.patch b/gnu/packages/patches/freetype-CVE-2018-6942.patch new file mode 100644 index 0000000000..680f357765 --- /dev/null +++ b/gnu/packages/patches/freetype-CVE-2018-6942.patch @@ -0,0 +1,31 @@ +Fix CVE-2018-6942: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6942 +https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-6942.html + +Copied from upstream (ChangeLog section removed): +https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=29c759284e305ec428703c9a5831d0b1fc3497ef + +diff --git a/src/truetype/ttinterp.c b/src/truetype/ttinterp.c +index d855aaa..551f14a 100644 +--- a/src/truetype/ttinterp.c ++++ b/src/truetype/ttinterp.c +@@ -7532,8 +7532,16 @@ + return; + } + +- for ( i = 0; i < num_axes; i++ ) +- args[i] = coords[i] >> 2; /* convert 16.16 to 2.14 format */ ++ if ( coords ) ++ { ++ for ( i = 0; i < num_axes; i++ ) ++ args[i] = coords[i] >> 2; /* convert 16.16 to 2.14 format */ ++ } ++ else ++ { ++ for ( i = 0; i < num_axes; i++ ) ++ args[i] = 0; ++ } + } + + |