rpms/libXfont/devel cve-2008-0006.patch, NONE, 1.1 libXfont.spec, 1.39, 1.40
Dave Airlie (airlied)
fedora-extras-commits at redhat.com
Fri Jan 18 03:14:45 UTC 2008
Author: airlied
Update of /cvs/pkgs/rpms/libXfont/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv32262
Modified Files:
libXfont.spec
Added Files:
cve-2008-0006.patch
Log Message:
* Fri Jan 18 2008 Dave Airlie <airlied at redhat.com> 1.3.1-3
- cve-2008-0006.patch: XFS Integer Overflow Vulnerability
cve-2008-0006.patch:
--- NEW FILE cve-2008-0006.patch ---
--- libXfont-1.2.2/src/bitmap/pcfread.c.jx 2008-01-14 11:10:38.000000000 -0500
+++ libXfont-1.2.2/src/bitmap/pcfread.c 2008-01-14 11:13:15.000000000 -0500
@@ -585,6 +585,9 @@ pcfReadFont(FontPtr pFont, FontFilePtr f
pFont->info.lastRow = pcfGetINT16(file, format);
pFont->info.defaultCh = pcfGetINT16(file, format);
if (IS_EOF(file)) goto Bail;
+ if (pFont->info.firstCol > pFont->info.lastCol ||
+ pFont->info.firstRow > pFont->info.lastRow ||
+ pFont->info.lastCol-pFont->info.firstCol > 255) goto Bail;
nencoding = (pFont->info.lastCol - pFont->info.firstCol + 1) *
(pFont->info.lastRow - pFont->info.firstRow + 1);
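Review bot: the check added before the nencoding computation in pcfReadFont caps lastCol - firstCol at 255 but puts no upper bound on lastRow - firstRow, although both ranges are multiplied into nencoding on the lines that follow. If the row range is intentionally limited only by what pcfGetINT16 can return, a short comment saying so, and saying why 255 is the column limit, would make that clear; otherwise add the matching row condition, for example `pFont->info.lastRow-pFont->info.firstRow > 255`.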
@@ -723,6 +726,9 @@ pcfReadFontInfo(FontInfoPtr pFontInfo, F
pFontInfo->lastRow = pcfGetINT16(file, format);
pFontInfo->defaultCh = pcfGetINT16(file, format);
if (IS_EOF(file)) goto Bail;
+ if (pFontInfo->firstCol > pFontInfo->lastCol ||
+ pFontInfo->firstRow > pFontInfo->lastRow ||
+ pFontInfo->lastCol-pFontInfo->firstCol > 255) goto Bail;
nencoding = (pFontInfo->lastCol - pFontInfo->firstCol + 1) *
(pFontInfo->lastRow - pFontInfo->firstRow + 1);
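Review bot: the three-condition validation in pcfReadFontInfo is a copy of the one added to pcfReadFont, so a later change to one can silently miss the other; a small shared helper or macro taking firstCol, lastCol, firstRow and lastRow would keep the two readers in step. Minor style point in the same lines: `pFontInfo->lastCol-pFontInfo->firstCol` has no spaces around the `-`, unlike the nencoding expression directly below it.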
Index: libXfont.spec
===================================================================
RCS file: /cvs/pkgs/rpms/libXfont/devel/libXfont.spec,v
retrieving revision 1.39
retrieving revision 1.40
diff -u -r1.39 -r1.40
--- libXfont.spec 13 Jan 2008 07:23:58 -0000 1.39
+++ libXfont.spec 18 Jan 2008 03:13:56 -0000 1.40
@@ -1,14 +1,15 @@
Summary: X.Org X11 libXfont runtime library
Name: libXfont
Version: 1.3.1
-Release: 2%{?dist}
+Release: 3%{?dist}
License: MIT
Group: System Environment/Libraries
URL: http://www.x.org
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Source0: ftp://ftp.x.org/pub/individual/lib/%{name}-%{version}.tar.bz2
-#Patch0: libXfont-1.2.3-namespace-pollution.patch
+
+Patch0: cve-2008-0006.patch
BuildRequires: xorg-x11-util-macros
BuildRequires: xorg-x11-proto-devel
@@ -37,7 +38,7 @@
%prep
%setup -q
-#%patch0 -p1 -b .hidden
+%patch0 -p1 -b .cve-2008-0006
%build
%configure --disable-static
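Review bot: the `%patch0 -p1 -b .cve-2008-0006` line applies a patch whose file headers name libXfont-1.2.2/src/bitmap/pcfread.c, while this spec builds Version 1.3.1. The -p1 strips the directory so the path still resolves, but the hunk offsets (585 and 723) were taken from the 1.2.2 tree; please confirm it applies to 1.3.1 without fuzz, or regenerate the patch against the 1.3.1 source so the offsets and headers match what is being built.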
@@ -89,6 +90,9 @@
%{_libdir}/pkgconfig/xfont.pc
%changelog
+* Fri Jan 18 2008 Dave Airlie <airlied at redhat.com> 1.3.1-3
+- cve-2008-0006.patch: XFS Integer Overflow Vulnerability
+
* Sun Jan 13 2008 parag <paragn at fedoraproject.org> 1.3.1-2
- Merge-review #226073 Spec cleanups.
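Review bot: the new changelog entry describes an "XFS Integer Overflow Vulnerability", but the patch it names touches only src/bitmap/pcfread.c (pcfReadFont and pcfReadFontInfo). Suggest wording the entry after what the patch actually changes, for example validation of firstCol/lastCol/firstRow/lastRow in the PCF reader, so the changelog line can be matched to the fix.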