svn commit: r468891 - in branches/2018Q2/print/freetype2: . files

Jan Beich jbeich at FreeBSD.org
Wed May 2 23:30:11 UTC 2018 

Author: jbeich
Date: Wed May  2 23:30:09 2018
New Revision: 468891
URL: https://svnweb.freebsd.org/changeset/ports/468891

Log:
  print/freetype2: apply CVE-2018-6942 fix
  
  PR:		227568
  Submitted by:	lightside at gmx.com
  Obtained from:	upstream (freetype 2.9.1)
  Approved by:	ports-secteam blanket

Added:
  branches/2018Q2/print/freetype2/files/patch-CVE-2018-6942   (contents, props changed)
Modified:
  branches/2018Q2/print/freetype2/Makefile

Modified: branches/2018Q2/print/freetype2/Makefile
==============================================================================
--- branches/2018Q2/print/freetype2/Makefile	Wed May  2 22:23:21 2018	(r468890)
+++ branches/2018Q2/print/freetype2/Makefile	Wed May  2 23:30:09 2018	(r468891)
@@ -3,7 +3,7 @@
 
 PORTNAME=	freetype2
 PORTVERSION=	2.8
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	print
 MASTER_SITES=	http://savannah.nongnu.org/download/freetype/ \
 		SF/freetype/${PORTNAME}/${PORTVERSION:C/^([0-9]+\.[0-9]+\.[0-9]+).*/\1/}/ \

Added: branches/2018Q2/print/freetype2/files/patch-CVE-2018-6942
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ branches/2018Q2/print/freetype2/files/patch-CVE-2018-6942	Wed May  2 23:30:09 2018	(r468891)
@@ -0,0 +1,24 @@
+# * src/truetype/ttinterp.c (Ins_GETVARIATION): Avoid NULL reference.
+# https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=29c759284e305ec428703c9a5831d0b1fc3497ef
+
+--- src/truetype/ttinterp.c.orig	2017-05-03 21:42:13 UTC
++++ src/truetype/ttinterp.c
+@@ -7470,8 +7470,16 @@
+       return;
+     }
+ 
+-    for ( i = 0; i < num_axes; i++ )
+-      args[i] = coords[i] >> 2; /* convert 16.16 to 2.14 format */
++    if ( coords )
++    {
++      for ( i = 0; i < num_axes; i++ )
++        args[i] = coords[i] >> 2; /* convert 16.16 to 2.14 format */
++    }
++    else
++    {
++      for ( i = 0; i < num_axes; i++ )
++        args[i] = 0;
++    }
+   }
+ 
+

More information about the svn-ports-branches mailing list