* [Buildroot] [PATCH] graphite2: security bump to version 1.3.5
@ 2016-02-15 16:45 Gustavo Zacarias
  2016-02-15 21:43 ` Thomas Petazzoni
  0 siblings, 1 reply; 3+ messages in thread
From: Gustavo Zacarias @ 2016-02-15 16:45 UTC (permalink / raw)
  To: buildroot

Fixes:
CVE-2016-1521 - An exploitable out-of-bounds read vulnerability exists
in the opcode handling functionality of Libgraphite. A specially crafted
font can cause an out-of-bounds read resulting in arbitrary code
execution. An attacker can provide a malicious font to trigger this
vulnerability.
CVE-2016-1522 - An exploitable NULL pointer dereference exists in the
bidirectional font handling functionality of Libgraphite. A specially
crafted font can cause a NULL pointer dereference resulting in a crash.
An attacker can provide a malicious font to trigger this vulnerability.
CVE-2016-1523 - An exploitable heap-based buffer overflow exists in the
context item handling functionality of Libgraphite. A specially crafted
font can cause a buffer overflow resulting in potential code execution.
An attacker can provide a malicious font to trigger this vulnerability.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
---
 package/graphite2/0001-disable-double-promotion.patch | 13 +++++++------
 package/graphite2/graphite2.hash                      |  4 ++--
 package/graphite2/graphite2.mk                        |  2 +-
 3 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/package/graphite2/0001-disable-double-promotion.patch b/package/graphite2/0001-disable-double-promotion.patch
index 9199a63..3bda3d7 100644
--- a/package/graphite2/0001-disable-double-promotion.patch
+++ b/package/graphite2/0001-disable-double-promotion.patch
@@ -4,10 +4,11 @@ The warning flag isn't recognized for older GCC versions (blackfin),
 so just disable it.
 
 Signed-off-by: Gustavo Zacarias <gustavo.zacarias@free-electrons.com>
+[Gustavo: update for 1.3.5]
 
-diff -Nura graphite2-1.3.3.orig/src/CMakeLists.txt graphite2-1.3.3/src/CMakeLists.txt
---- graphite2-1.3.3.orig/src/CMakeLists.txt	2015-09-24 10:06:28.877851596 -0300
-+++ graphite2-1.3.3/src/CMakeLists.txt	2015-09-24 10:06:48.201519767 -0300
+diff -Nura graphite2-1.3.5.orig/src/CMakeLists.txt graphite2-1.3.5/src/CMakeLists.txt
+--- graphite2-1.3.5.orig/src/CMakeLists.txt	2016-02-15 11:46:45.941906112 -0300
++++ graphite2-1.3.5/src/CMakeLists.txt	2016-02-15 11:46:54.237194222 -0300
 @@ -111,9 +111,6 @@
          COMPILE_FLAGS   "-Wall -Wextra -Wno-unknown-pragmas -Wendif-labels -Wshadow -Wctor-dtor-privacy -Wnon-virtual-dtor -fno-rtti -fno-exceptions -fvisibility=hidden -fvisibility-inlines-hidden -fno-stack-protector"
          LINK_FLAGS      "-nodefaultlibs ${GRAPHITE_LINK_FLAGS}" 
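Review bot: the COMPILE_FLAGS context line of the refreshed inner patch still carries -fno-stack-protector, so upstream's own flags turn the stack protector off for the library sources. Since 0001-disable-double-promotion.patch already edits this region of src/CMakeLists.txt and the bump is security-driven, it is worth checking whether that flag overrides the SSP setting chosen in the Buildroot configuration, and if so dropping it in a follow-up so the configured hardening applies to graphite2 as well.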
@@ -15,6 +16,6 @@ diff -Nura graphite2-1.3.3.orig/src/CMakeLists.txt graphite2-1.3.3/src/CMakeList
 -    if (CMAKE_COMPILER_IS_GNUCXX)
 -        add_definitions(-Wdouble-promotion)
 -    endif (CMAKE_COMPILER_IS_GNUCXX)
-     if (${CMAKE_CXX_COMPILER} MATCHES  ".*mingw.*")
-         target_link_libraries(graphite2 kernel32 msvcr90 mingw32 gcc user32)
-     else (${CMAKE_CXX_COMPILER} MATCHES  ".*mingw.*")
+     message(STATUS "Compiler ID is: ${CMAKE_CXX_COMPILER_ID}")
+     if (${CMAKE_CXX_COMPILER_ID} STREQUAL "Clang")
+         add_definitions(-Wimplicit-fallthrough)
diff --git a/package/graphite2/graphite2.hash b/package/graphite2/graphite2.hash
index 1e8a54b..07102cf 100644
--- a/package/graphite2/graphite2.hash
+++ b/package/graphite2/graphite2.hash
@@ -1,3 +1,3 @@
 # From http://sourceforge.net/projects/silgraphite/files/graphite2
-md5	7cda6fc6bc197b216777b15ce52c38a8	graphite2-1.3.3.tgz
-sha1	54b04c283bab4695de63ae2dd6cff392dd49d7f0	graphite2-1.3.3.tgz
+md5	5b8d22a8bbf031838e31432868c0109c	graphite2-1.3.5.tgz
+sha1	044f65d5b4ade3169f5fcd75a25f047c81f5d33e	graphite2-1.3.5.tgz
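Review bot: the two added lines give only md5 and sha1 digests for graphite2-1.3.5.tgz, and both algorithms are collision-prone, which is thin for a security bump whose tarball comes from the http:// SourceForge location named in the comment line. Please add a sha256 line for graphite2-1.3.5.tgz, marked as locally computed if upstream does not publish one, so the download check rests on a strong digest.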
diff --git a/package/graphite2/graphite2.mk b/package/graphite2/graphite2.mk
index 0de4178..82c4a3b 100644
--- a/package/graphite2/graphite2.mk
+++ b/package/graphite2/graphite2.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-GRAPHITE2_VERSION = 1.3.3
+GRAPHITE2_VERSION = 1.3.5
 GRAPHITE2_SOURCE = graphite2-$(GRAPHITE2_VERSION).tgz
 GRAPHITE2_SITE = http://downloads.sourceforge.net/project/silgraphite/graphite2
 GRAPHITE2_INSTALL_STAGING = YES
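Review bot: GRAPHITE2_SITE in the trailing context still fetches the tarball over plain http:// from SourceForge, so the integrity of the 1.3.5 download depends entirely on graphite2.hash. Consider switching GRAPHITE2_SITE to an https:// location in this bump or a follow-up; the commit message could also name the source of the three CVE descriptions so the fix can be cross-checked against the upstream advisory.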
-- 
2.4.10


* [Buildroot] [PATCH] graphite2: security bump to version 1.3.5
  2016-02-15 16:45 [Buildroot] [PATCH] graphite2: security bump to version 1.3.5 Gustavo Zacarias
@ 2016-02-15 21:43 ` Thomas Petazzoni
  2016-02-16 13:32   ` Gustavo Zacarias
  0 siblings, 1 reply; 3+ messages in thread
From: Thomas Petazzoni @ 2016-02-15 21:43 UTC (permalink / raw)
  To: buildroot

Hello,

On Mon, 15 Feb 2016 13:45:49 -0300, Gustavo Zacarias wrote:
> Fixes:
> CVE-2016-1521 - An exploitable out-of-bounds read vulnerability exists
> in the opcode handling functionality of Libgraphite. A specially crafted
> font can cause an out-of-bounds read resulting in arbitrary code
> execution. An attacker can provide a malicious font to trigger this
> vulnerability.
> CVE-2016-1522 - An exploitable NULL pointer dereference exists in the
> bidirectional font handling functionality of Libgraphite. A specially
> crafted font can cause a NULL pointer dereference resulting in a crash.
> An attacker can provide a malicious font to trigger this vulnerability.
> CVE-2016-1523 - An exploitable heap-based buffer overflow exists in the
> context item handling functionality of Libgraphite. A specially crafted
> font can cause a buffer overflow resulting in potential code execution.
> An attacker can provide a malicious font to trigger this vulnerability.
> 
> Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
> ---
>  package/graphite2/0001-disable-double-promotion.patch | 13 +++++++------
>  package/graphite2/graphite2.hash                      |  4 ++--
>  package/graphite2/graphite2.mk                        |  2 +-
>  3 files changed, 10 insertions(+), 9 deletions(-)

Applied, thanks.

Note that our graphite2/Config.in points to
http://sourceforge.net/projects/silgraphite/, which states:

"""
This project has been deprecated. Graphite2, a new version of the
Graphite engine, is available at: https://github.com/silnrsi/graphite
with its own bug tracker.
"""

Best regards,

Thomas
-- 
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com


* [Buildroot] [PATCH] graphite2: security bump to version 1.3.5
  2016-02-15 21:43 ` Thomas Petazzoni
@ 2016-02-16 13:32   ` Gustavo Zacarias
  0 siblings, 0 replies; 3+ messages in thread
From: Gustavo Zacarias @ 2016-02-16 13:32 UTC (permalink / raw)
  To: buildroot

On 15/02/16 18:43, Thomas Petazzoni wrote:

> Note that our graphite2/Config.in points to
> http://sourceforge.net/projects/silgraphite/, which states:
>
> """
> This project has been deprecated. Graphite2, a new version of the
> Graphite engine, is available at: https://github.com/silnrsi/graphite
> with its own bug tracker.
> """
>
> Best regards,
>
> Thomas

Hi.
Yes, it's pointing to the old home page, I'll send a follow-up patch
changing that, thanks.
Regards.
