From 8ff4f2f51a6cf07fc33742ce3bee81328896e49b Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Fri, 25 May 2018 23:29:36 +0000 Subject: Fri May 25 23:29:36 UTC 2018 patches/packages/glibc-zoneinfo-2018e-noarch-2_slack14.1.txz: Rebuilt. Handle removal of US/Pacific-New timezone. If we see that the machine is using this, it will be automatically switched to US/Pacific. --- .../source/freetype/freetype.CVE-2017-8287.diff | 31 ++++++ patches/source/freetype/freetype.SlackBuild | 123 +++++++++++++++++++++ .../source/freetype/freetype.illadvisederror.diff | 31 ++++++ .../freetype/freetype.subpixel.rendering.diff | 11 ++ patches/source/freetype/slack-desc | 19 ++++ 5 files changed, 215 insertions(+) create mode 100644 patches/source/freetype/freetype.CVE-2017-8287.diff create mode 100755 patches/source/freetype/freetype.SlackBuild create mode 100644 patches/source/freetype/freetype.illadvisederror.diff create mode 100644 patches/source/freetype/freetype.subpixel.rendering.diff create mode 100644 patches/source/freetype/slack-desc (limited to 'patches/source/freetype') diff --git a/patches/source/freetype/freetype.CVE-2017-8287.diff b/patches/source/freetype/freetype.CVE-2017-8287.diff new file mode 100644 index 000000000..4f4b67b1d --- /dev/null +++ b/patches/source/freetype/freetype.CVE-2017-8287.diff @@ -0,0 +1,31 @@ +From 3774fc08b502c3e685afca098b6e8a195aded6a0 Mon Sep 17 00:00:00 2001 +From: Werner Lemberg +Date: Sun, 26 Mar 2017 08:32:09 +0200 +Subject: * src/psaux/psobjs.c (t1_builder_close_contour): Add safety guard. + +Reported as + + https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=941 + +diff --git a/src/psaux/psobjs.c b/src/psaux/psobjs.c +index d18e821..0baf836 100644 +--- a/src/psaux/psobjs.c ++++ b/src/psaux/psobjs.c +@@ -1718,6 +1718,14 @@ + first = outline->n_contours <= 1 + ? 0 : outline->contours[outline->n_contours - 2] + 1; + ++ /* in malformed fonts it can happen that a contour was started */ ++ /* but no points were added */ ++ if ( outline->n_contours && first == outline->n_points ) ++ { ++ outline->n_contours--; ++ return; ++ } ++ + /* We must not include the last point in the path if it */ + /* is located on the first point. */ + if ( outline->n_points > 1 ) +-- +cgit v1.0-41-gc330 + diff --git a/patches/source/freetype/freetype.SlackBuild b/patches/source/freetype/freetype.SlackBuild new file mode 100755 index 000000000..b11595535 --- /dev/null +++ b/patches/source/freetype/freetype.SlackBuild @@ -0,0 +1,123 @@ +#!/bin/sh + +# Copyright 2005-2012 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=freetype +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | cut -d - -f 2 | rev | cut -f 3- -d . | rev)} +BUILD=${BUILD:-2_slack14.1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-freetype + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf freetype-$VERSION +tar xvf $CWD/freetype-$VERSION.tar.xz || exit 1 +cd freetype-$VERSION + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# This breaks far too many things. Freetype2 developers will have to get their +# punishment on someone else's distribution. +zcat $CWD/freetype.illadvisederror.diff.gz | patch -p1 --verbose || exit 1 + +# The line below enables code patented by Microsoft, so don't uncomment it +# unless you have a license to use the code and take all legal responsibility +# for doing so. +# Please see this web site for more details: +# http://www.freetype.org/patents.html +#zcat $CWD/freetype.subpixel.rendering.diff.gz | patch -p1 --verbose || exit 1 + +# Security fix: +zcat $CWD/freetype.CVE-2017-8287.diff.gz | patch -p1 --verbose || exit 1 + +chown -R root:root . +CFLAGS="$SLKCFLAGS" make setup CFG="--prefix=/usr --libdir=/usr/lib${LIBDIRSUFFIX} --build=$ARCH-slackware-linux" +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG + +# This shouldn't be needed (apps should pick up -I/usr/include/freetype2 from +# `freetype-config --cflags` while compiling), but it's so often reported as +# a bug that I'll give in to the point. Now that Freetype1 is pretty much gone +# having this link shouldn't hurt anything. Try not to rely on it, though. +mkdir -p $PKG/usr/include +( cd $PKG/usr/include + rm -rf freetype + ln -sf freetype2 freetype +) + +# Can't imagine a lot of use for this: +rm -f $PKG/usr/lib${LIBDIRSUFFIX}/*.a + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mv $PKG/usr/share/man $PKG/usr/man +find $PKG/usr/man -type f -exec gzip -9 {} \; + +mkdir -p $PKG/usr/doc/freetype-$VERSION +cp -a \ + docs \ + README \ + $PKG/usr/doc/freetype-$VERSION +# too much +rm -rf $PKG/usr/doc/freetype-$VERSION/docs/reference + +mkdir $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/freetype-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/freetype/freetype.illadvisederror.diff b/patches/source/freetype/freetype.illadvisederror.diff new file mode 100644 index 000000000..b0a33694a --- /dev/null +++ b/patches/source/freetype/freetype.illadvisederror.diff @@ -0,0 +1,31 @@ +diff -Nur freetype-2.5.3.orig/include/freetype.h freetype-2.5.3/include/freetype.h +--- freetype-2.5.3.orig/include/freetype.h 2014-03-06 12:10:31.661681917 -0600 ++++ freetype-2.5.3/include/freetype.h 2014-05-12 01:41:42.002526416 -0500 +@@ -20,13 +20,20 @@ + #define __FREETYPE_H__ + + +-#ifndef FT_FREETYPE_H +-#error "`ft2build.h' hasn't been included yet!" +-#error "Please always use macros to include FreeType header files." +-#error "Example:" +-#error " #include " +-#error " #include FT_FREETYPE_H" +-#endif ++/***************************************************************************/ ++/* */ ++/* If you think breaking almost 100% of all source that links with */ ++/* freetype (anything using a configure file for sure) is a good idea, */ ++/* then feel free to uncomment this block. */ ++/* */ ++/* #ifndef FT_FREETYPE_H */ ++/* #error "`ft2build.h' hasn't been included yet!" */ ++/* #error "Please always use macros to include FreeType header files." */ ++/* #error "Example:" */ ++/* #error " #include " */ ++/* #error " #include FT_FREETYPE_H" */ ++/* #endif */ ++/***************************************************************************/ + + + #include diff --git a/patches/source/freetype/freetype.subpixel.rendering.diff b/patches/source/freetype/freetype.subpixel.rendering.diff new file mode 100644 index 000000000..ab3d479e4 --- /dev/null +++ b/patches/source/freetype/freetype.subpixel.rendering.diff @@ -0,0 +1,11 @@ +--- ./include/config/ftoption.h.orig 2014-03-01 05:27:34.842960857 -0600 ++++ ./include/config/ftoption.h 2014-08-27 13:43:07.351974078 -0500 +@@ -92,7 +92,7 @@ + /* This is done to allow FreeType clients to run unmodified, forcing */ + /* them to display normal gray-level anti-aliased glyphs. */ + /* */ +-/* #define FT_CONFIG_OPTION_SUBPIXEL_RENDERING */ ++#define FT_CONFIG_OPTION_SUBPIXEL_RENDERING + + + /*************************************************************************/ diff --git a/patches/source/freetype/slack-desc b/patches/source/freetype/slack-desc new file mode 100644 index 000000000..0d179401f --- /dev/null +++ b/patches/source/freetype/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +freetype: freetype (A Free, High-Quality, and Portable Font Engine) +freetype: +freetype: The FreeType engine is a free and portable TrueType font rendering +freetype: engine. It has been developed to provide TrueType support to a +freetype: great variety of platforms and environments. +freetype: +freetype: +freetype: +freetype: +freetype: +freetype: -- cgit v1.2.3