* [PATCH 1/2] freetype: Update to 2.10.4
@ 2021-02-04 12:55 Adolf Belka
2021-02-04 17:17 ` Peter Müller
0 siblings, 1 reply; 2+ messages in thread
From: Adolf Belka @ 2021-02-04 12:55 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 3290 bytes --]
- Update freetype from 2.10.2 to 2.10.4
- A heap buffer overflow has been found in the handling of embedded
PNG bitmaps, introduced in FreeType version 2.6.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15999
If you use option FT_CONFIG_OPTION_USE_PNG you should upgrade immediately.
- Version 2.10.3 and later breaks the build of ghostscript, due to ghostscripts
use of a withdrawn freetype macro that wasn't for external usage.
A patch has been created to fix this and is included in the connected
ghostcript patch.
- Updated rootfile
- Changelog for version 2.10.3 release is too long to add here. This can be
found in the changelog file in the tarball
Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
config/rootfiles/common/freetype | 10 ++++------
lfs/freetype | 4 ++--
2 files changed, 6 insertions(+), 8 deletions(-)
diff --git a/config/rootfiles/common/freetype b/config/rootfiles/common/freetype
index 4d72ec357..194253601 100644
--- a/config/rootfiles/common/freetype
+++ b/config/rootfiles/common/freetype
@@ -7,15 +7,16 @@
#usr/include/freetype2/freetype/config/ftmodule.h
#usr/include/freetype2/freetype/config/ftoption.h
#usr/include/freetype2/freetype/config/ftstdlib.h
+#usr/include/freetype2/freetype/config/integer-types.h
+#usr/include/freetype2/freetype/config/mac-support.h
+#usr/include/freetype2/freetype/config/public-macros.h
#usr/include/freetype2/freetype/freetype.h
#usr/include/freetype2/freetype/ftadvanc.h
-#usr/include/freetype2/freetype/ftautoh.h
#usr/include/freetype2/freetype/ftbbox.h
#usr/include/freetype2/freetype/ftbdf.h
#usr/include/freetype2/freetype/ftbitmap.h
#usr/include/freetype2/freetype/ftbzip2.h
#usr/include/freetype2/freetype/ftcache.h
-#usr/include/freetype2/freetype/ftcffdrv.h
#usr/include/freetype2/freetype/ftchapters.h
#usr/include/freetype2/freetype/ftcid.h
#usr/include/freetype2/freetype/ftcolor.h
@@ -47,20 +48,17 @@
#usr/include/freetype2/freetype/ftsynth.h
#usr/include/freetype2/freetype/ftsystem.h
#usr/include/freetype2/freetype/fttrigon.h
-#usr/include/freetype2/freetype/ftttdrv.h
#usr/include/freetype2/freetype/fttypes.h
#usr/include/freetype2/freetype/ftwinfnt.h
#usr/include/freetype2/freetype/t1tables.h
#usr/include/freetype2/freetype/ttnameid.h
#usr/include/freetype2/freetype/tttables.h
#usr/include/freetype2/freetype/tttags.h
-#usr/include/freetype2/freetype/ttunpat.h
#usr/include/freetype2/ft2build.h
-#usr/lib/libfreetype.a
#usr/lib/libfreetype.la
#usr/lib/libfreetype.so
usr/lib/libfreetype.so.6
-usr/lib/libfreetype.so.6.17.2
+usr/lib/libfreetype.so.6.17.4
#usr/lib/pkgconfig/freetype2.pc
#usr/share/aclocal/freetype2.m4
#usr/share/man/man1/freetype-config.1
diff --git a/lfs/freetype b/lfs/freetype
index 4106d22ee..8a93ad0e9 100644
--- a/lfs/freetype
+++ b/lfs/freetype
@@ -24,7 +24,7 @@
include Config
-VER = 2.10.2
+VER = 2.10.4
THISAPP = freetype-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 7c0d5a39f232d7eb9f9d7da76bf08074
+$(DL_FILE)_MD5 = 0e6c0e9b218be3ba3e26e1d23b1c80dd
install : $(TARGET)
--
2.30.0
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [PATCH 1/2] freetype: Update to 2.10.4
2021-02-04 12:55 [PATCH 1/2] freetype: Update to 2.10.4 Adolf Belka
@ 2021-02-04 17:17 ` Peter Müller
0 siblings, 0 replies; 2+ messages in thread
From: Peter Müller @ 2021-02-04 17:17 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 3510 bytes --]
Reviewed-by: Peter Müller <peter.mueller(a)ipfire.org>
> - Update freetype from 2.10.2 to 2.10.4
> - A heap buffer overflow has been found in the handling of embedded
> PNG bitmaps, introduced in FreeType version 2.6.
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15999
> If you use option FT_CONFIG_OPTION_USE_PNG you should upgrade immediately.
> - Version 2.10.3 and later breaks the build of ghostscript, due to ghostscripts
> use of a withdrawn freetype macro that wasn't for external usage.
> A patch has been created to fix this and is included in the connected
> ghostcript patch.
> - Updated rootfile
> - Changelog for version 2.10.3 release is too long to add here. This can be
> found in the changelog file in the tarball
>
> Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
> ---
> config/rootfiles/common/freetype | 10 ++++------
> lfs/freetype | 4 ++--
> 2 files changed, 6 insertions(+), 8 deletions(-)
>
> diff --git a/config/rootfiles/common/freetype b/config/rootfiles/common/freetype
> index 4d72ec357..194253601 100644
> --- a/config/rootfiles/common/freetype
> +++ b/config/rootfiles/common/freetype
> @@ -7,15 +7,16 @@
> #usr/include/freetype2/freetype/config/ftmodule.h
> #usr/include/freetype2/freetype/config/ftoption.h
> #usr/include/freetype2/freetype/config/ftstdlib.h
> +#usr/include/freetype2/freetype/config/integer-types.h
> +#usr/include/freetype2/freetype/config/mac-support.h
> +#usr/include/freetype2/freetype/config/public-macros.h
> #usr/include/freetype2/freetype/freetype.h
> #usr/include/freetype2/freetype/ftadvanc.h
> -#usr/include/freetype2/freetype/ftautoh.h
> #usr/include/freetype2/freetype/ftbbox.h
> #usr/include/freetype2/freetype/ftbdf.h
> #usr/include/freetype2/freetype/ftbitmap.h
> #usr/include/freetype2/freetype/ftbzip2.h
> #usr/include/freetype2/freetype/ftcache.h
> -#usr/include/freetype2/freetype/ftcffdrv.h
> #usr/include/freetype2/freetype/ftchapters.h
> #usr/include/freetype2/freetype/ftcid.h
> #usr/include/freetype2/freetype/ftcolor.h
> @@ -47,20 +48,17 @@
> #usr/include/freetype2/freetype/ftsynth.h
> #usr/include/freetype2/freetype/ftsystem.h
> #usr/include/freetype2/freetype/fttrigon.h
> -#usr/include/freetype2/freetype/ftttdrv.h
> #usr/include/freetype2/freetype/fttypes.h
> #usr/include/freetype2/freetype/ftwinfnt.h
> #usr/include/freetype2/freetype/t1tables.h
> #usr/include/freetype2/freetype/ttnameid.h
> #usr/include/freetype2/freetype/tttables.h
> #usr/include/freetype2/freetype/tttags.h
> -#usr/include/freetype2/freetype/ttunpat.h
> #usr/include/freetype2/ft2build.h
> -#usr/lib/libfreetype.a
> #usr/lib/libfreetype.la
> #usr/lib/libfreetype.so
> usr/lib/libfreetype.so.6
> -usr/lib/libfreetype.so.6.17.2
> +usr/lib/libfreetype.so.6.17.4
> #usr/lib/pkgconfig/freetype2.pc
> #usr/share/aclocal/freetype2.m4
> #usr/share/man/man1/freetype-config.1
> diff --git a/lfs/freetype b/lfs/freetype
> index 4106d22ee..8a93ad0e9 100644
> --- a/lfs/freetype
> +++ b/lfs/freetype
> @@ -24,7 +24,7 @@
>
> include Config
>
> -VER = 2.10.2
> +VER = 2.10.4
>
> THISAPP = freetype-$(VER)
> DL_FILE = $(THISAPP).tar.xz
> @@ -40,7 +40,7 @@ objects = $(DL_FILE)
>
> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>
> -$(DL_FILE)_MD5 = 7c0d5a39f232d7eb9f9d7da76bf08074
> +$(DL_FILE)_MD5 = 0e6c0e9b218be3ba3e26e1d23b1c80dd
>
> install : $(TARGET)
>
>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-02-04 17:17 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-02-04 12:55 [PATCH 1/2] freetype: Update to 2.10.4 Adolf Belka
2021-02-04 17:17 ` Peter Müller
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox