This fixes a heap buffer overflow in the handling of embedded PNG bitmaps (CVE-2020-15999). Further information is available at https://sourceforge.net/projects/freetype/files/freetype2/2.10.4/ .
Signed-off-by: Peter Müller peter.mueller@ipfire.org --- config/rootfiles/common/freetype | 10 ++++------ lfs/freetype | 6 +++--- 2 files changed, 7 insertions(+), 9 deletions(-)
diff --git a/config/rootfiles/common/freetype b/config/rootfiles/common/freetype index 4d72ec357..194253601 100644 --- a/config/rootfiles/common/freetype +++ b/config/rootfiles/common/freetype @@ -7,15 +7,16 @@ #usr/include/freetype2/freetype/config/ftmodule.h #usr/include/freetype2/freetype/config/ftoption.h #usr/include/freetype2/freetype/config/ftstdlib.h +#usr/include/freetype2/freetype/config/integer-types.h +#usr/include/freetype2/freetype/config/mac-support.h +#usr/include/freetype2/freetype/config/public-macros.h #usr/include/freetype2/freetype/freetype.h #usr/include/freetype2/freetype/ftadvanc.h -#usr/include/freetype2/freetype/ftautoh.h #usr/include/freetype2/freetype/ftbbox.h #usr/include/freetype2/freetype/ftbdf.h #usr/include/freetype2/freetype/ftbitmap.h #usr/include/freetype2/freetype/ftbzip2.h #usr/include/freetype2/freetype/ftcache.h -#usr/include/freetype2/freetype/ftcffdrv.h #usr/include/freetype2/freetype/ftchapters.h #usr/include/freetype2/freetype/ftcid.h #usr/include/freetype2/freetype/ftcolor.h @@ -47,20 +48,17 @@ #usr/include/freetype2/freetype/ftsynth.h #usr/include/freetype2/freetype/ftsystem.h #usr/include/freetype2/freetype/fttrigon.h -#usr/include/freetype2/freetype/ftttdrv.h #usr/include/freetype2/freetype/fttypes.h #usr/include/freetype2/freetype/ftwinfnt.h #usr/include/freetype2/freetype/t1tables.h #usr/include/freetype2/freetype/ttnameid.h #usr/include/freetype2/freetype/tttables.h #usr/include/freetype2/freetype/tttags.h -#usr/include/freetype2/freetype/ttunpat.h #usr/include/freetype2/ft2build.h -#usr/lib/libfreetype.a #usr/lib/libfreetype.la #usr/lib/libfreetype.so usr/lib/libfreetype.so.6 -usr/lib/libfreetype.so.6.17.2 +usr/lib/libfreetype.so.6.17.4 #usr/lib/pkgconfig/freetype2.pc #usr/share/aclocal/freetype2.m4 #usr/share/man/man1/freetype-config.1 diff --git a/lfs/freetype b/lfs/freetype index 4106d22ee..b9a385d88 100644 --- a/lfs/freetype +++ b/lfs/freetype @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2018 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2021 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 2.10.2 +VER = 2.10.4
THISAPP = freetype-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 7c0d5a39f232d7eb9f9d7da76bf08074 +$(DL_FILE)_MD5 = 0e6c0e9b218be3ba3e26e1d23b1c80dd
install : $(TARGET)
Hello,
This unfortunately breaks the build of Ghostscript on all architectures. See below for the log.
Could you please try to update GS as well and see if that solves the problem?
Best, -Michael
./obj/aux/echogs -w ./obj/gconfig_.h -x 2f2a -s This file was generated automatically by unix-aux.mak. -s -x 2a2f ./obj/aux/echogs -a ./obj/gconfigd.h -x 23 define -s -u GS_CACHE_DIR -x 2022 "~/.ghostscript/cache/" -x 22 ./obj/aux/echogs -a ./obj/gconfig_.h ./obj/aux/echogs -e .dev -w- -l-obj ./obj/nosync ./obj/gp_nsync.o ./obj/aux/echogs -e .dev -w- -l-obj ./obj/smd5 ./obj/smd5.o ./obj/gsmd5.o ./obj/aux/echogs -e .dev -w- -l-obj ./obj/pipe ./obj/gdevpipe.o ./base/fapi_ft.c:128:1: warning: return type defaults to 'int' [-Wimplicit-int] 128 | FT_CALLBACK_DEF(void *) | ^~~~~~~~~~~~~~~ ./base/fapi_ft.c:128:1: warning: no previous prototype for 'FT_CALLBACK_DEF' [-Wmissing-prototypes] ./base/fapi_ft.c: In function 'FT_CALLBACK_DEF': ./base/fapi_ft.c:129:1: error: expected declaration specifiers before 'FF_alloc' 129 | FF_alloc(FT_Memory memory, long size) | ^~~~~~~~ ./base/fapi_ft.c:136:1: error: expected declaration specifiers before 'FT_CALLBACK_DEF' 136 | FT_CALLBACK_DEF(void *) | ^~~~~~~~~~~~~~~ ./base/fapi_ft.c:156:1: error: expected declaration specifiers before 'FT_CALLBACK_DEF' 156 | FT_CALLBACK_DEF(void) | ^~~~~~~~~~~~~~~ ./base/fapi_ft.c:172:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 172 | { | ^ ./base/fapi_ft.c:191:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 191 | { | ^ ./base/fapi_ft.c:197:19: error: storage class specified for parameter 'file_default_buffer_size' 197 | extern const uint file_default_buffer_size; | ^~~~~~~~~~~~~~~~~~~~~~~~ ./base/fapi_ft.c:201:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 201 | { | ^ ./base/fapi_ft.c:279:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 279 | { | ^ ./base/fapi_ft.c:298:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 298 | { | ^ ./base/fapi_ft.c:326:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 326 | { | ^ ./base/fapi_ft.c:346:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 346 | { | ^ ./base/fapi_ft.c:357:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 357 | { | ^ ./base/fapi_ft.c:445:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 445 | { | ^ ./base/fapi_ft.c:460:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 460 | { | ^ ./base/fapi_ft.c:489:38: error: storage class specified for parameter 'TheFAPIIncrementalInterfaceFuncs' 489 | static const FT_Incremental_FuncsRec TheFAPIIncrementalInterfaceFuncs = { | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ./base/fapi_ft.c:489:1: error: parameter 'TheFAPIIncrementalInterfaceFuncs' is initialized 489 | static const FT_Incremental_FuncsRec TheFAPIIncrementalInterfaceFuncs = { | ^~~~~~ ./base/fapi_ft.c:490:5: error: 'get_fapi_glyph_data' undeclared (first use in this function); did you mean 'st_glyph_data'? 490 | get_fapi_glyph_data, | ^~~~~~~~~~~~~~~~~~~ | st_glyph_data ./base/fapi_ft.c:490:5: note: each undeclared identifier is reported only once for each function it appears in ./base/fapi_ft.c:491:5: error: 'free_fapi_glyph_data' undeclared (first use in this function) 491 | free_fapi_glyph_data, | ^~~~~~~~~~~~~~~~~~~~ ./base/fapi_ft.c:492:5: error: 'get_fapi_glyph_metrics' undeclared (first use in this function); did you mean 'gs_fapi_glyph_error'? 492 | get_fapi_glyph_metrics | ^~~~~~~~~~~~~~~~~~~~~~ | gs_fapi_glyph_error ./base/fapi_ft.c:497:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 497 | { | ^ ./base/fapi_ft.c:519:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 519 | { | ^ ./base/fapi_ft.c:533:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 533 | { | ^ ./base/fapi_ft.c:550:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 550 | { | ^ ./base/fapi_ft.c:915:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 915 | { | ^ ./base/fapi_ft.c:978:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 978 | { | ^ ./base/fapi_ft.c:1113:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 1113 | { | ^ ./base/fapi_ft.c:1426:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 1426 | { | ^ ./base/fapi_ft.c:1436:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 1436 | { | ^ ./base/fapi_ft.c:1456:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 1456 | { | ^ ./base/fapi_ft.c:1470:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 1470 | { | ^ ./base/fapi_ft.c:1494:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 1494 | { | ^ ./base/fapi_ft.c:1506:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 1506 | { | ^ ./base/fapi_ft.c:1516:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 1516 | { | ^ ./base/fapi_ft.c:1535:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 1535 | { | ^ ./base/fapi_ft.c:1549:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 1549 | { | ^ ./base/fapi_ft.c:1574:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 1574 | { | ^ ./base/fapi_ft.c:1588:3: error: storage class specified for parameter 'FF_path_info' 1588 | } FF_path_info; | ^~~~~~~~~~~~ ./base/fapi_ft.c:1592:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 1592 | { | ^ ./base/fapi_ft.c:1601:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 1601 | { | ^ ./base/fapi_ft.c:1621:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 1621 | { | ^ ./base/fapi_ft.c:1638:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 1638 | { | ^ ./base/fapi_ft.c:1690:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 1690 | { | ^ ./base/fapi_ft.c:1716:31: error: storage class specified for parameter 'TheFtOutlineFuncs' 1716 | static const FT_Outline_Funcs TheFtOutlineFuncs = { | ^~~~~~~~~~~~~~~~~ ./base/fapi_ft.c:1716:1: error: parameter 'TheFtOutlineFuncs' is initialized 1716 | static const FT_Outline_Funcs TheFtOutlineFuncs = { | ^~~~~~ ./base/fapi_ft.c:1717:5: error: 'move_to' undeclared (first use in this function); did you mean 'mode_t'? 1717 | move_to, | ^~~~~~~ | mode_t ./base/fapi_ft.c:1718:5: error: 'line_to' undeclared (first use in this function) 1718 | line_to, | ^~~~~~~ ./base/fapi_ft.c:1719:5: error: 'conic_to' undeclared (first use in this function) 1719 | conic_to, | ^~~~~~~~ ./base/fapi_ft.c:1720:5: error: 'cubic_to' undeclared (first use in this function) 1720 | cubic_to, | ^~~~~~~~ ./base/fapi_ft.c:1730:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 1730 | { | ^ ./base/fapi_ft.c:1757:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 1757 | { | ^ ./base/fapi_ft.c:1777:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 1777 | { | ^ ./base/fapi_ft.c:1786:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 1786 | { | ^ ./base/fapi_ft.c:1796:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 1796 | { | ^ ./base/fapi_ft.c:1830:13: error: storage class specified for parameter 'gs_fapi_freetype_destroy' 1830 | static void gs_fapi_freetype_destroy(gs_fapi_server ** serv); | ^~~~~~~~~~~~~~~~~~~~~~~~ ./base/fapi_ft.c:1832:40: error: storage class specified for parameter 'freetypedescriptor' 1832 | static const gs_fapi_server_descriptor freetypedescriptor = { | ^~~~~~~~~~~~~~~~~~ ./base/fapi_ft.c:1832:1: error: parameter 'freetypedescriptor' is initialized 1832 | static const gs_fapi_server_descriptor freetypedescriptor = { | ^~~~~~ ./base/fapi_ft.c:1838:29: error: storage class specified for parameter 'freetypeserver' 1838 | static const gs_fapi_server freetypeserver = { | ^~~~~~~~~~~~~~ ./base/fapi_ft.c:1838:1: error: parameter 'freetypeserver' is initialized 1838 | static const gs_fapi_server freetypeserver = { | ^~~~~~ ./base/fapi_ft.c:1848:5: error: 'gs_fapi_ft_ensure_open' undeclared (first use in this function); did you mean 'gs_fapi_font_feature_lenIV'? 1848 | gs_fapi_ft_ensure_open, | ^~~~~~~~~~~~~~~~~~~~~~ | gs_fapi_font_feature_lenIV ./base/fapi_ft.c:1849:5: error: 'gs_fapi_ft_get_scaled_font' undeclared (first use in this function); did you mean 'gs_fapi_font_scale_s'? 1849 | gs_fapi_ft_get_scaled_font, | ^~~~~~~~~~~~~~~~~~~~~~~~~~ | gs_fapi_font_scale_s ./base/fapi_ft.c:1850:5: error: 'gs_fapi_ft_get_decodingID' undeclared (first use in this function) 1850 | gs_fapi_ft_get_decodingID, | ^~~~~~~~~~~~~~~~~~~~~~~~~ ./base/fapi_ft.c:1851:5: error: 'gs_fapi_ft_get_font_bbox' undeclared (first use in this function); did you mean 'gs_fapi_get_font_info'? 1851 | gs_fapi_ft_get_font_bbox, | ^~~~~~~~~~~~~~~~~~~~~~~~ | gs_fapi_get_font_info ./base/fapi_ft.c:1852:5: error: 'gs_fapi_ft_get_font_proportional_feature' undeclared (first use in this function) 1852 | gs_fapi_ft_get_font_proportional_feature, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ./base/fapi_ft.c:1853:5: error: 'gs_fapi_ft_can_retrieve_char_by_name' undeclared (first use in this function) 1853 | gs_fapi_ft_can_retrieve_char_by_name, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ./base/fapi_ft.c:1854:5: error: 'gs_fapi_ft_can_replace_metrics' undeclared (first use in this function) 1854 | gs_fapi_ft_can_replace_metrics, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ./base/fapi_ft.c:1856:5: error: 'gs_fapi_ft_get_fontmatrix' undeclared (first use in this function); did you mean 'gs_fapi_get_font_info'? 1856 | gs_fapi_ft_get_fontmatrix, | ^~~~~~~~~~~~~~~~~~~~~~~~~ | gs_fapi_get_font_info ./base/fapi_ft.c:1857:5: error: 'gs_fapi_ft_get_char_width' undeclared (first use in this function); did you mean 'gs_text_setcharwidth'? 1857 | gs_fapi_ft_get_char_width, | ^~~~~~~~~~~~~~~~~~~~~~~~~ | gs_text_setcharwidth ./base/fapi_ft.c:1858:5: error: 'gs_fapi_ft_get_char_raster_metrics' undeclared (first use in this function) 1858 | gs_fapi_ft_get_char_raster_metrics, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ./base/fapi_ft.c:1859:5: error: 'gs_fapi_ft_get_char_raster' undeclared (first use in this function) 1859 | gs_fapi_ft_get_char_raster, | ^~~~~~~~~~~~~~~~~~~~~~~~~~ ./base/fapi_ft.c:1860:5: error: 'gs_fapi_ft_get_char_outline_metrics' undeclared (first use in this function) 1860 | gs_fapi_ft_get_char_outline_metrics, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ./base/fapi_ft.c:1861:5: error: 'gs_fapi_ft_get_char_outline' undeclared (first use in this function) 1861 | gs_fapi_ft_get_char_outline, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~ ./base/fapi_ft.c:1862:5: error: 'gs_fapi_ft_release_char_data' undeclared (first use in this function) 1862 | gs_fapi_ft_release_char_data, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~ ./base/fapi_ft.c:1863:5: error: 'gs_fapi_ft_release_typeface' undeclared (first use in this function) 1863 | gs_fapi_ft_release_typeface, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~ ./base/fapi_ft.c:1864:5: error: 'gs_fapi_ft_check_cmap_for_GID' undeclared (first use in this function) 1864 | gs_fapi_ft_check_cmap_for_GID, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ./base/fapi_ft.c:1866:5: error: 'gs_fapi_ft_set_mm_weight_vector' undeclared (first use in this function); did you mean 'gs_fapi_font_feature_WeightVector'? 1866 | gs_fapi_ft_set_mm_weight_vector, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | gs_fapi_font_feature_WeightVector ./base/fapi_ft.c:1873:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 1873 | { | ^ ./base/fapi_ft.c:1902:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before '{' token 1902 | { | ^ ./base/fapi_ft.c:128:1: error: old-style parameter declarations in prototyped function definition 128 | FT_CALLBACK_DEF(void *) | ^~~~~~~~~~~~~~~ ./base/fapi_ft.c:128:17: error: parameter name omitted 128 | FT_CALLBACK_DEF(void *) | ^~~~~~ ./base/fapi_ft.c:1917: error: expected '{' at end of input 1917 | } | ./base/fapi_ft.c: At top level: ./base/fapi_ft.c:121:1: warning: 'delete_inc_int' declared 'static' but never defined [-Wunused-function] 121 | delete_inc_int(gs_fapi_server * a_server, | ^~~~~~~~~~~~~~ ./base/fapi_ft.c:125:1: warning: 'delete_inc_int_info' declared 'static' but never defined [-Wunused-function] 125 | delete_inc_int_info(gs_fapi_server * a_server, | ^~~~~~~~~~~~~~~~~~~ ./base/fapi_ft.c: In function 'FT_CALLBACK_DEF': ./base/fapi_ft.c:1917: error: control reaches end of non-void function [-Werror=return-type] 1917 | } | cc1: some warnings being treated as errors ./obj/aux/echogs -a ./obj/gconfig_.h -x 23 ifndef HAVE_DIRENT_H make[1]: *** [base/lib.mak:1337: obj/fapi_ft_1.o] Error 1 make[1]: *** Waiting for unfinished jobs.... ./obj/aux/echogs -a ./obj/gconfigd.h -x 23 define -s -u SEARCH_HERE_FIRST -s 0 ./obj/aux/echogs -e .dev -a- ./obj/pipe -iodev pipe if ( test -f /usr/include/dirent.h ); then ./obj/aux/echogs -a ./obj/gconfig_.h -x 23 define HAVE_DIRENT_H 1; \ else ./obj/aux/echogs -a ./obj/gconfig_.h -x 23 define HAVE_DIRENT_H 0; fi ./obj/aux/echogs -a ./obj/gconfigd.h -x 23 define -s -u GS_DOCDIR -x 2022 /usr/share/doc/ghostscript/9.53.3 -x 22 ./obj/aux/echogs -a ./obj/gconfigd.h -x 23 define -s -u GS_INIT -x 2022 gs_init.ps -x 22 ./obj/aux/echogs -a ./obj/gconfigd.h -x 23 define -s -u GS_REVISION -s 9533 ./obj/aux/echogs -a ./obj/gconfig_.h -x 23 endif ./obj/aux/echogs -a ./obj/gconfig_.h ./obj/aux/echogs -a ./obj/gconfigd.h -x 23 define -s -u GS_REVISIONDATE -s 20201001 ./obj/aux/echogs -a ./obj/gconfig_.h -x 23 ifndef HAVE_NDIR_H if ( test -f /usr/include/ndir.h ); then ./obj/aux/echogs -a ./obj/gconfig_.h -x 23 define HAVE_NDIR_H 1; \ else ./obj/aux/echogs -a ./obj/gconfig_.h -x 23 define HAVE_NDIR_H 0; fi ./obj/aux/echogs -a ./obj/gconfig_.h -x 23 endif ./obj/aux/echogs -a ./obj/gconfig_.h ./obj/aux/echogs -a ./obj/gconfig_.h -x 23 ifndef HAVE_SYS_DIR_H if ( test -f /usr/include/sys/dir.h ); then ./obj/aux/echogs -a ./obj/gconfig_.h -x 23 define HAVE_SYS_DIR_H 1; \ else ./obj/aux/echogs -a ./obj/gconfig_.h -x 23 define HAVE_SYS_DIR_H 0; fi ./obj/aux/echogs -a ./obj/gconfig_.h -x 23 endif ./obj/aux/echogs -a ./obj/gconfig_.h ./obj/aux/echogs -a ./obj/gconfig_.h -x 23 ifndef HAVE_SYS_NDIR_H if ( test -f /usr/include/sys/ndir.h ); then ./obj/aux/echogs -a ./obj/gconfig_.h -x 23 define HAVE_SYS_NDIR_H 1; \ else ./obj/aux/echogs -a ./obj/gconfig_.h -x 23 define HAVE_SYS_NDIR_H 0; fi ./obj/aux/echogs -a ./obj/gconfig_.h -x 23 endif ./obj/aux/echogs -a ./obj/gconfig_.h ./obj/aux/echogs -a ./obj/gconfig_.h -x 23 ifndef HAVE_SYS_TIME_H if ( test -f /usr/include/sys/time.h ); then ./obj/aux/echogs -a ./obj/gconfig_.h -x 23 define HAVE_SYS_TIME_H 1; \ else ./obj/aux/echogs -a ./obj/gconfig_.h -x 23 define HAVE_SYS_TIME_H 0; fi ./obj/aux/echogs -a ./obj/gconfig_.h -x 23 endif ./obj/aux/echogs -a ./obj/gconfig_.h ./obj/aux/echogs -a ./obj/gconfig_.h -x 23 ifndef HAVE_SYS_TIMES_H if ( test -f /usr/include/sys/times.h ); then ./obj/aux/echogs -a ./obj/gconfig_.h -x 23 define HAVE_SYS_TIMES_H 1; \ else ./obj/aux/echogs -a ./obj/gconfig_.h -x 23 define HAVE_SYS_TIMES_H 0; fi ./obj/aux/echogs -a ./obj/gconfig_.h -x 23 endif ./obj/aux/echogs -a ./obj/gconfig_.h if ( test -f src/jmemsys.h); then true; else ./obj/aux/echogs -a ./obj/gconfig_.h -x 23 define DONT_HAVE_JMEMSYS_H; fi make[1]: Leaving directory '/usr/src/ghostscript-9.53.3' make: *** [ghostscript:88: /usr/src/log/ghostscript-9.53.3] Error 2
On 28 Jan 2021, at 18:43, Peter Müller peter.mueller@ipfire.org wrote:
This fixes a heap buffer overflow in the handling of embedded PNG bitmaps (CVE-2020-15999). Further information is available at https://sourceforge.net/projects/freetype/files/freetype2/2.10.4/ .
Signed-off-by: Peter Müller peter.mueller@ipfire.org
config/rootfiles/common/freetype | 10 ++++------ lfs/freetype | 6 +++--- 2 files changed, 7 insertions(+), 9 deletions(-)
diff --git a/config/rootfiles/common/freetype b/config/rootfiles/common/freetype index 4d72ec357..194253601 100644 --- a/config/rootfiles/common/freetype +++ b/config/rootfiles/common/freetype @@ -7,15 +7,16 @@ #usr/include/freetype2/freetype/config/ftmodule.h #usr/include/freetype2/freetype/config/ftoption.h #usr/include/freetype2/freetype/config/ftstdlib.h +#usr/include/freetype2/freetype/config/integer-types.h +#usr/include/freetype2/freetype/config/mac-support.h +#usr/include/freetype2/freetype/config/public-macros.h #usr/include/freetype2/freetype/freetype.h #usr/include/freetype2/freetype/ftadvanc.h -#usr/include/freetype2/freetype/ftautoh.h #usr/include/freetype2/freetype/ftbbox.h #usr/include/freetype2/freetype/ftbdf.h #usr/include/freetype2/freetype/ftbitmap.h #usr/include/freetype2/freetype/ftbzip2.h #usr/include/freetype2/freetype/ftcache.h -#usr/include/freetype2/freetype/ftcffdrv.h #usr/include/freetype2/freetype/ftchapters.h #usr/include/freetype2/freetype/ftcid.h #usr/include/freetype2/freetype/ftcolor.h @@ -47,20 +48,17 @@ #usr/include/freetype2/freetype/ftsynth.h #usr/include/freetype2/freetype/ftsystem.h #usr/include/freetype2/freetype/fttrigon.h -#usr/include/freetype2/freetype/ftttdrv.h #usr/include/freetype2/freetype/fttypes.h #usr/include/freetype2/freetype/ftwinfnt.h #usr/include/freetype2/freetype/t1tables.h #usr/include/freetype2/freetype/ttnameid.h #usr/include/freetype2/freetype/tttables.h #usr/include/freetype2/freetype/tttags.h -#usr/include/freetype2/freetype/ttunpat.h #usr/include/freetype2/ft2build.h -#usr/lib/libfreetype.a #usr/lib/libfreetype.la #usr/lib/libfreetype.so usr/lib/libfreetype.so.6 -usr/lib/libfreetype.so.6.17.2 +usr/lib/libfreetype.so.6.17.4 #usr/lib/pkgconfig/freetype2.pc #usr/share/aclocal/freetype2.m4 #usr/share/man/man1/freetype-config.1 diff --git a/lfs/freetype b/lfs/freetype index 4106d22ee..b9a385d88 100644 --- a/lfs/freetype +++ b/lfs/freetype @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2018 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2021 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 2.10.2 +VER = 2.10.4
THISAPP = freetype-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 7c0d5a39f232d7eb9f9d7da76bf08074 +$(DL_FILE)_MD5 = 0e6c0e9b218be3ba3e26e1d23b1c80dd
install : $(TARGET)
-- 2.26.2
-
Michael Tremer -
Peter Müller