Update to libXfont 1.5.4
parent
e19bfc2895
commit
698c744cef
@ -1,3 +1,56 @@
|
||||
commit 7d246751628bb877e04da762ec1a2e41ffa62154
|
||||
Author: Matthieu Herrb <matthieu@herrb.eu>
|
||||
Date: Tue Nov 28 15:33:15 2017 +0100
|
||||
|
||||
libXfont 1.5.4
|
||||
|
||||
commit 5ed8ac0e4f063825b8ecda48e9a111d3ce92e825
|
||||
Author: Michal Srb <msrb@suse.com>
|
||||
Date: Thu Oct 26 09:48:13 2017 +0200
|
||||
|
||||
Open files with O_NOFOLLOW. (CVE-2017-16611)
|
||||
|
||||
A non-privileged X client can instruct X server running under root to open any
|
||||
file by creating own directory with "fonts.dir", "fonts.alias" or any font file
|
||||
being a symbolic link to any other file in the system. X server will then open
|
||||
it. This can be issue with special files such as /dev/watchdog.
|
||||
|
||||
Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
|
||||
|
||||
commit f581c2346d025d5b15926db9e58f254173fb58dc
|
||||
Author: Matt Turner <mattst88@gmail.com>
|
||||
Date: Thu Oct 19 13:45:58 2017 -0700
|
||||
|
||||
libXfont 1.5.3
|
||||
|
||||
Signed-off-by: Matt Turner <mattst88@gmail.com>
|
||||
|
||||
commit 3b08934dca75e4c559db7d83797bc3d365c2a50a
|
||||
Author: Michal Srb <msrb@suse.com>
|
||||
Date: Thu Jul 20 17:05:23 2017 +0200
|
||||
|
||||
pcfGetProperties: Check string boundaries (CVE-2017-13722)
|
||||
|
||||
Without the checks a malformed PCF file can cause the library to make
|
||||
atom from random heap memory that was behind the `strings` buffer.
|
||||
This may crash the process or leak information.
|
||||
|
||||
Signed-off-by: Julien Cristau <jcristau@debian.org>
|
||||
(cherry picked from commit 672bb944311392e2415b39c0d63b1e1902905bcd)
|
||||
|
||||
commit a2a5fa591762b430037e33f1df55b460550ab406
|
||||
Author: Michal Srb <msrb@suse.com>
|
||||
Date: Thu Jul 20 13:38:53 2017 +0200
|
||||
|
||||
Check for end of string in PatternMatch (CVE-2017-13720)
|
||||
|
||||
If a pattern contains '?' character, any character in the string is skipped,
|
||||
even if it is '\0'. The rest of the matching then reads invalid memory.
|
||||
|
||||
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
|
||||
Signed-off-by: Julien Cristau <jcristau@debian.org>
|
||||
(cherry picked from commit d1e670a4a8704b8708e493ab6155589bcd570608)
|
||||
|
||||
commit 8cce9834b2e74dccad94ca0adf79ae5585e37d48
|
||||
Author: Adam Jackson <ajax@redhat.com>
|
||||
Date: Wed Aug 31 16:19:11 2016 -0400
|
||||
|
20
lib/libXfont/configure
vendored
20
lib/libXfont/configure
vendored
@ -1,6 +1,6 @@
|
||||
#! /bin/sh
|
||||
# Guess values for system-dependent variables and create Makefiles.
|
||||
# Generated by GNU Autoconf 2.69 for libXfont 1.5.3.
|
||||
# Generated by GNU Autoconf 2.69 for libXfont 1.5.4.
|
||||
#
|
||||
# Report bugs to <https://bugs.freedesktop.org/enter_bug.cgi?product=xorg>.
|
||||
#
|
||||
@ -651,8 +651,8 @@ MAKEFLAGS=
|
||||
# Identity of this package.
|
||||
PACKAGE_NAME='libXfont'
|
||||
PACKAGE_TARNAME='libXfont'
|
||||
PACKAGE_VERSION='1.5.3'
|
||||
PACKAGE_STRING='libXfont 1.5.3'
|
||||
PACKAGE_VERSION='1.5.4'
|
||||
PACKAGE_STRING='libXfont 1.5.4'
|
||||
PACKAGE_BUGREPORT='https://bugs.freedesktop.org/enter_bug.cgi?product=xorg'
|
||||
PACKAGE_URL=''
|
||||
|
||||
@ -1468,7 +1468,7 @@ if test "$ac_init_help" = "long"; then
|
||||
# Omit some internal or obsolete options to make the list less imposing.
|
||||
# This message is too long to be a string in the A/UX 3.1 sh.
|
||||
cat <<_ACEOF
|
||||
\`configure' configures libXfont 1.5.3 to adapt to many kinds of systems.
|
||||
\`configure' configures libXfont 1.5.4 to adapt to many kinds of systems.
|
||||
|
||||
Usage: $0 [OPTION]... [VAR=VALUE]...
|
||||
|
||||
@ -1538,7 +1538,7 @@ fi
|
||||
|
||||
if test -n "$ac_init_help"; then
|
||||
case $ac_init_help in
|
||||
short | recursive ) echo "Configuration of libXfont 1.5.3:";;
|
||||
short | recursive ) echo "Configuration of libXfont 1.5.4:";;
|
||||
esac
|
||||
cat <<\_ACEOF
|
||||
|
||||
@ -1687,7 +1687,7 @@ fi
|
||||
test -n "$ac_init_help" && exit $ac_status
|
||||
if $ac_init_version; then
|
||||
cat <<\_ACEOF
|
||||
libXfont configure 1.5.3
|
||||
libXfont configure 1.5.4
|
||||
generated by GNU Autoconf 2.69
|
||||
|
||||
Copyright (C) 2012 Free Software Foundation, Inc.
|
||||
@ -2213,7 +2213,7 @@ cat >config.log <<_ACEOF
|
||||
This file contains any messages produced by compilers while
|
||||
running configure, to aid debugging if configure makes a mistake.
|
||||
|
||||
It was created by libXfont $as_me 1.5.3, which was
|
||||
It was created by libXfont $as_me 1.5.4, which was
|
||||
generated by GNU Autoconf 2.69. Invocation command line was
|
||||
|
||||
$ $0 $@
|
||||
@ -3042,7 +3042,7 @@ fi
|
||||
|
||||
# Define the identity of the package.
|
||||
PACKAGE='libXfont'
|
||||
VERSION='1.5.3'
|
||||
VERSION='1.5.4'
|
||||
|
||||
|
||||
cat >>confdefs.h <<_ACEOF
|
||||
@ -19970,7 +19970,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
|
||||
# report actual input values of CONFIG_FILES etc. instead of their
|
||||
# values after options handling.
|
||||
ac_log="
|
||||
This file was extended by libXfont $as_me 1.5.3, which was
|
||||
This file was extended by libXfont $as_me 1.5.4, which was
|
||||
generated by GNU Autoconf 2.69. Invocation command line was
|
||||
|
||||
CONFIG_FILES = $CONFIG_FILES
|
||||
@ -20036,7 +20036,7 @@ _ACEOF
|
||||
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
|
||||
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
|
||||
ac_cs_version="\\
|
||||
libXfont config.status 1.5.3
|
||||
libXfont config.status 1.5.4
|
||||
configured by $0, generated by GNU Autoconf 2.69,
|
||||
with options \\"\$ac_cs_config\\"
|
||||
|
||||
|
@ -21,7 +21,7 @@
|
||||
|
||||
# Initialize Autoconf
|
||||
AC_PREREQ([2.60])
|
||||
AC_INIT([libXfont], [1.5.3],
|
||||
AC_INIT([libXfont], [1.5.4],
|
||||
[https://bugs.freedesktop.org/enter_bug.cgi?product=xorg], [libXfont])
|
||||
AC_CONFIG_SRCDIR([Makefile.am])
|
||||
AC_CONFIG_HEADERS([config.h include/X11/fonts/fontconf.h])
|
||||
|
@ -41,6 +41,7 @@ in this Software without prior written authorization from The Open Group.
|
||||
#include <stdio.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/stat.h>
|
||||
#include <fcntl.h>
|
||||
#include <errno.h>
|
||||
#include <limits.h>
|
||||
|
||||
@ -60,8 +61,9 @@ FontFileReadDirectory (const char *directory, FontDirectoryPtr *pdir)
|
||||
char dir_file[MAXFONTFILENAMELEN];
|
||||
char dir_path[MAXFONTFILENAMELEN];
|
||||
char *ptr;
|
||||
FILE *file;
|
||||
int count,
|
||||
FILE *file = 0;
|
||||
int file_fd,
|
||||
count,
|
||||
num_fonts,
|
||||
status;
|
||||
struct stat statb;
|
||||
@ -91,7 +93,14 @@ FontFileReadDirectory (const char *directory, FontDirectoryPtr *pdir)
|
||||
if (dir_file[strlen(dir_file) - 1] != '/')
|
||||
strcat(dir_file, "/");
|
||||
strcat(dir_file, FontDirFile);
|
||||
#ifndef WIN32
|
||||
file_fd = open(dir_file, O_RDONLY | O_NOFOLLOW);
|
||||
if (file_fd >= 0) {
|
||||
file = fdopen(file_fd, "rt");
|
||||
}
|
||||
#else
|
||||
file = fopen(dir_file, "rt");
|
||||
#endif
|
||||
if (file) {
|
||||
#ifndef WIN32
|
||||
if (fstat (fileno(file), &statb) == -1)
|
||||
@ -261,7 +270,8 @@ ReadFontAlias(char *directory, Bool isFile, FontDirectoryPtr *pdir)
|
||||
char alias[MAXFONTNAMELEN];
|
||||
char font_name[MAXFONTNAMELEN];
|
||||
char alias_file[MAXFONTFILENAMELEN];
|
||||
FILE *file;
|
||||
int file_fd;
|
||||
FILE *file = 0;
|
||||
FontDirectoryPtr dir;
|
||||
int token;
|
||||
char *lexToken;
|
||||
@ -279,7 +289,16 @@ ReadFontAlias(char *directory, Bool isFile, FontDirectoryPtr *pdir)
|
||||
strcat(alias_file, "/");
|
||||
strcat(alias_file, FontAliasFile);
|
||||
}
|
||||
|
||||
#ifndef WIN32
|
||||
file_fd = open(alias_file, O_RDONLY | O_NOFOLLOW);
|
||||
if (file_fd >= 0) {
|
||||
file = fdopen(file_fd, "rt");
|
||||
}
|
||||
#else
|
||||
file = fopen(alias_file, "rt");
|
||||
#endif
|
||||
|
||||
if (!file)
|
||||
return ((errno == ENOENT) ? Successful : BadFontPath);
|
||||
if (!dir)
|
||||
|
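Review bot: In both added `#ifndef WIN32` branches (FontFileReadDirectory and ReadFontAlias) the descriptor returned by `open()` is leaked when `fdopen()` returns NULL, because nothing closes `file_fd` on that path; add `if (!file) close(file_fd);` inside the `if (file_fd >= 0)` block, preserving `errno` around the call in ReadFontAlias since the following `errno == ENOENT` test reads it. `O_NOFOLLOW` only rejects a symlink in the final path component, so a symlinked parent directory is still traversed and a non-symlink special file is still opened; the `fstat` that already follows in FontFileReadDirectory would be a natural place to also require `S_ISREG(statb.st_mode)`. A comment such as `/* O_NOFOLLOW: refuse a symlinked file (CVE-2017-16611); ELOOP is reported as BadFontPath */` would record why a legitimately symlinked fonts.alias now fails. Both functions start and end outside the visible hunks, and `close` presumably needs `<unistd.h>` if the file does not already include it.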
@ -39,6 +39,9 @@ in this Software without prior written authorization from The Open Group.
|
||||
#ifndef O_CLOEXEC
|
||||
#define O_CLOEXEC 0
|
||||
#endif
|
||||
#ifndef O_NOFOLLOW
|
||||
#define O_NOFOLLOW 0
|
||||
#endif
|
||||
|
||||
FontFilePtr
|
||||
FontFileOpen (const char *name)
|
||||
@ -47,7 +50,7 @@ FontFileOpen (const char *name)
|
||||
int len;
|
||||
BufFilePtr raw, cooked;
|
||||
|
||||
fd = open (name, O_BINARY|O_CLOEXEC);
|
||||
fd = open (name, O_BINARY|O_CLOEXEC|O_NOFOLLOW);
|
||||
if (fd < 0)
|
||||
return 0;
|
||||
raw = BufFileOpenRead (fd);
|
||||
|
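Review bot: The added fallback `#define O_NOFOLLOW 0` silently disables the protection on any platform whose `<fcntl.h>` lacks the flag, so `FontFileOpen` would follow symlinks there with no build-time or run-time indication. At minimum the fallback deserves a comment saying so, e.g. `/* no O_NOFOLLOW here: symlinked font files are NOT rejected on this platform */`. It is also inconsistent with the FontFileReadDirectory and ReadFontAlias hunks, which use `O_NOFOLLOW` with no fallback definition visible and do not pass `O_CLOEXEC`; all three opens should agree on one flag set. As in those hunks, the flag covers only the last path component, and the body of `FontFileOpen` continues outside the hunk.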