- Update freetype from 2.10.2 to 2.10.4 - A heap buffer overflow has been found in the handling of embedded PNG bitmaps, introduced in FreeType version 2.6. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15999 If you use option FT_CONFIG_OPTION_USE_PNG you should upgrade immediately. - Version 2.10.3 and later breaks the build of ghostscript, due to ghostscripts use of a withdrawn freetype macro that wasn't for external usage. A patch has been created to fix this and is included in the connected ghostcript patch. - Updated rootfile - Changelog for version 2.10.3 release is too long to add here. This can be found in the changelog file in the tarball
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- config/rootfiles/common/freetype | 10 ++++------ lfs/freetype | 4 ++-- 2 files changed, 6 insertions(+), 8 deletions(-)
diff --git a/config/rootfiles/common/freetype b/config/rootfiles/common/freetype index 4d72ec357..194253601 100644 --- a/config/rootfiles/common/freetype +++ b/config/rootfiles/common/freetype @@ -7,15 +7,16 @@ #usr/include/freetype2/freetype/config/ftmodule.h #usr/include/freetype2/freetype/config/ftoption.h #usr/include/freetype2/freetype/config/ftstdlib.h +#usr/include/freetype2/freetype/config/integer-types.h +#usr/include/freetype2/freetype/config/mac-support.h +#usr/include/freetype2/freetype/config/public-macros.h #usr/include/freetype2/freetype/freetype.h #usr/include/freetype2/freetype/ftadvanc.h -#usr/include/freetype2/freetype/ftautoh.h #usr/include/freetype2/freetype/ftbbox.h #usr/include/freetype2/freetype/ftbdf.h #usr/include/freetype2/freetype/ftbitmap.h #usr/include/freetype2/freetype/ftbzip2.h #usr/include/freetype2/freetype/ftcache.h -#usr/include/freetype2/freetype/ftcffdrv.h #usr/include/freetype2/freetype/ftchapters.h #usr/include/freetype2/freetype/ftcid.h #usr/include/freetype2/freetype/ftcolor.h @@ -47,20 +48,17 @@ #usr/include/freetype2/freetype/ftsynth.h #usr/include/freetype2/freetype/ftsystem.h #usr/include/freetype2/freetype/fttrigon.h -#usr/include/freetype2/freetype/ftttdrv.h #usr/include/freetype2/freetype/fttypes.h #usr/include/freetype2/freetype/ftwinfnt.h #usr/include/freetype2/freetype/t1tables.h #usr/include/freetype2/freetype/ttnameid.h #usr/include/freetype2/freetype/tttables.h #usr/include/freetype2/freetype/tttags.h -#usr/include/freetype2/freetype/ttunpat.h #usr/include/freetype2/ft2build.h -#usr/lib/libfreetype.a #usr/lib/libfreetype.la #usr/lib/libfreetype.so usr/lib/libfreetype.so.6 -usr/lib/libfreetype.so.6.17.2 +usr/lib/libfreetype.so.6.17.4 #usr/lib/pkgconfig/freetype2.pc #usr/share/aclocal/freetype2.m4 #usr/share/man/man1/freetype-config.1 diff --git a/lfs/freetype b/lfs/freetype index 4106d22ee..8a93ad0e9 100644 --- a/lfs/freetype +++ b/lfs/freetype @@ -24,7 +24,7 @@
include Config
-VER = 2.10.2 +VER = 2.10.4
THISAPP = freetype-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 7c0d5a39f232d7eb9f9d7da76bf08074 +$(DL_FILE)_MD5 = 0e6c0e9b218be3ba3e26e1d23b1c80dd
install : $(TARGET)
Reviewed-by: Peter Müller peter.mueller@ipfire.org
- Update freetype from 2.10.2 to 2.10.4
PNG bitmaps, introduced in FreeType version 2.6. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15999 If you use option FT_CONFIG_OPTION_USE_PNG you should upgrade immediately.
- A heap buffer overflow has been found in the handling of embedded
- Version 2.10.3 and later breaks the build of ghostscript, due to ghostscripts use of a withdrawn freetype macro that wasn't for external usage. A patch has been created to fix this and is included in the connected ghostcript patch.
- Updated rootfile
- Changelog for version 2.10.3 release is too long to add here. This can be found in the changelog file in the tarball
Signed-off-by: Adolf Belka adolf.belka@ipfire.org
config/rootfiles/common/freetype | 10 ++++------ lfs/freetype | 4 ++-- 2 files changed, 6 insertions(+), 8 deletions(-)
diff --git a/config/rootfiles/common/freetype b/config/rootfiles/common/freetype index 4d72ec357..194253601 100644 --- a/config/rootfiles/common/freetype +++ b/config/rootfiles/common/freetype @@ -7,15 +7,16 @@ #usr/include/freetype2/freetype/config/ftmodule.h #usr/include/freetype2/freetype/config/ftoption.h #usr/include/freetype2/freetype/config/ftstdlib.h +#usr/include/freetype2/freetype/config/integer-types.h +#usr/include/freetype2/freetype/config/mac-support.h +#usr/include/freetype2/freetype/config/public-macros.h #usr/include/freetype2/freetype/freetype.h #usr/include/freetype2/freetype/ftadvanc.h -#usr/include/freetype2/freetype/ftautoh.h #usr/include/freetype2/freetype/ftbbox.h #usr/include/freetype2/freetype/ftbdf.h #usr/include/freetype2/freetype/ftbitmap.h #usr/include/freetype2/freetype/ftbzip2.h #usr/include/freetype2/freetype/ftcache.h -#usr/include/freetype2/freetype/ftcffdrv.h #usr/include/freetype2/freetype/ftchapters.h #usr/include/freetype2/freetype/ftcid.h #usr/include/freetype2/freetype/ftcolor.h @@ -47,20 +48,17 @@ #usr/include/freetype2/freetype/ftsynth.h #usr/include/freetype2/freetype/ftsystem.h #usr/include/freetype2/freetype/fttrigon.h -#usr/include/freetype2/freetype/ftttdrv.h #usr/include/freetype2/freetype/fttypes.h #usr/include/freetype2/freetype/ftwinfnt.h #usr/include/freetype2/freetype/t1tables.h #usr/include/freetype2/freetype/ttnameid.h #usr/include/freetype2/freetype/tttables.h #usr/include/freetype2/freetype/tttags.h -#usr/include/freetype2/freetype/ttunpat.h #usr/include/freetype2/ft2build.h -#usr/lib/libfreetype.a #usr/lib/libfreetype.la #usr/lib/libfreetype.so usr/lib/libfreetype.so.6 -usr/lib/libfreetype.so.6.17.2 +usr/lib/libfreetype.so.6.17.4 #usr/lib/pkgconfig/freetype2.pc #usr/share/aclocal/freetype2.m4 #usr/share/man/man1/freetype-config.1 diff --git a/lfs/freetype b/lfs/freetype index 4106d22ee..8a93ad0e9 100644 --- a/lfs/freetype +++ b/lfs/freetype @@ -24,7 +24,7 @@
include Config
-VER = 2.10.2 +VER = 2.10.4
THISAPP = freetype-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 7c0d5a39f232d7eb9f9d7da76bf08074 +$(DL_FILE)_MD5 = 0e6c0e9b218be3ba3e26e1d23b1c80dd
install : $(TARGET)
-
Adolf Belka -
Peter Müller