Copied from Debian.

From: Carlos Garcia Campos <cgarcia@igalia.com>
Date: Mon, 19 Nov 2018 12:33:07 +0100
Subject: ft: Use FT_Done_MM_Var instead of free when available in
 cairo_ft_apply_variations

Fixes a crash when using freetype >= 2.9

[This is considered to be security-sensitive because WebKitGTK+ sets its
own memory allocator, which is not compatible with system free(), making
this a remotely triggerable denial of service or memory corruption.]

Origin: upstream, commit:90e85c2493fdfa3551f202ff10282463f1e36645
Bug: https://gitlab.freedesktop.org/cairo/cairo/merge_requests/5
Bug-Debian: https://bugs.debian.org/916389
Bug-CVE: CVE-2018-19876
---
 src/cairo-ft-font.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/cairo-ft-font.c b/src/cairo-ft-font.c
index 325dd61..981973f 100644
--- a/src/cairo-ft-font.c
+++ b/src/cairo-ft-font.c
@@ -2393,7 +2393,11 @@ skip:
 done:
         free (coords);
         free (current_coords);
+#if HAVE_FT_DONE_MM_VAR
+        FT_Done_MM_Var (face->glyph->library, ft_mm_var);
+#else
         free (ft_mm_var);
+#endif
     }
 }
 
x/refs/?id=a5a90a98d8664c92bb8d744abfde6c68c342d364'>refs</a><a class='active' href='/guix/log/tests/texlive.scm'>log</a><a href='/guix/tree/tests/texlive.scm?id=a5a90a98d8664c92bb8d744abfde6c68c342d364'>tree</a><a href='/guix/commit/tests/texlive.scm?id=a5a90a98d8664c92bb8d744abfde6c68c342d364'>commit</a><a href='/guix/diff/tests/texlive.scm?id=a5a90a98d8664c92bb8d744abfde6c68c342d364'>diff</a></td><td class='form'><form class='right' method='get' action='/guix/log/tests/texlive.scm'>
<input type='hidden' name='id' value='a5a90a98d8664c92bb8d744abfde6c68c342d364'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=a5a90a98d8664c92bb8d744abfde6c68c342d364'>root</a>/<a href='/guix/log/tests?id=a5a90a98d8664c92bb8d744abfde6c68c342d364'>tests</a>/<a href='/guix/log/tests/texlive.scm?id=a5a90a98d8664c92bb8d744abfde6c68c342d364'>texlive.scm</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/tests/texlive.scm?id=a5a90a98d8664c92bb8d744abfde6c68c342d364&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2021-03-06 11:41:48 +0100'>2021-03-06</span></td><td><a href='/guix/commit/tests/texlive.scm?id=c05ceaf2b650d090cf39a048193505cb4e6bd257'>tests: do not hard code HTTP ports</a><span class='msg-avail'>...<span class='msg-tooltip'>Previously, test cases could fail if some process was listening
at a hard-coded port.  This patch eliminates most of these potential
failures, by automatically assigning an unbound port.  This should
allow for building multiple guix trees in parallel outside a build
container, though this is currently untested.

The test "home-page: Connection refused" in tests/lint.scm still
hardcodes port 9999, however.

* guix/tests/http.scm
  (http-server-can-listen?): remove now unused procedure.
  (%http-server-port): default to port 0, meaning the OS
  will automatically choose a port.
  (open-http-server-socket): remove the false statement claiming
  this procedure is exported and also return the allocated port
  number.
  (%local-url): raise an error if the port is obviously unbound.
  (call-with-http-server): set %http-server-port to the allocated
  port while the thunk is called.
* tests/derivations.scm: adjust test cases to use automatically
  assign a port.  As there is no risk of a port conflict now,
  do not make any tests conditional upon 'http-server-can-listen?'
  anymore.
* tests/elpa.scm: likewise.
* tests/lint.scm: likewise, and add a TODO comment about a port
  that is still hard-coded.
* tests/texlive.scm: likewise.

Signed-off-by: Ludovic Courtès &lt;ludo@gnu.org&gt;
</span></span></td><td>Maxime Devos</td></tr>
<tr><td><span title='2020-01-17 14:22:08 +0100'>2020-01-17</span></td><td><a href='/guix/commit/tests/texlive.scm?id=6f918d69b4824226c877c0ca6385360a1dd38bbd'>import: texlive: Avoid uses of '@@' in tests.</a><span class='msg-avail'>...<span class='msg-tooltip'>* guix/import/texlive.scm (fetch-sxml, sxml-&gt;package): Export.
* tests/texlive.scm &lt;top level&gt;: Call '%http-server-port'.
("fetch-sxml: returns SXML for valid XML"): Use 'with-http-server' and
set 'current-http-proxy' instead of using 'mock'.
("sxml-&gt;package"): Remove use of '@@'.
</span></span></td><td>Ludovic Courtès</td></tr>