matthieu
f99cf4f7a6
Fix for CVE-2011-0226 from Freetype git repository.
2011-07-18 21:15:33 +00:00
matthieu
f6c615f075
Update to freetype 2.4.5. Tested by many.
2011-07-18 20:29:56 +00:00
matthieu
21087514c1
Update to freetype 2.4.4. Tested by shadchin@, ajacoutot@, krw@.
2010-12-19 16:08:12 +00:00
matthieu
4aee46235d
Security MFC for CVE-2010-3855
...
commit 59eb9f8cfe7d1df379a2318316d1f04f80fba54a
Author: Werner Lemberg <wl@gnu.org>
Date: Tue Oct 12 07:49:17 2010 +0200
Fix Savannah bug #31310 .
* src/truetype/ttgxvar.c (ft_var_readpackedpoints): Protect against
invalid `runcnt' values.
2010-11-06 16:46:57 +00:00
matthieu
625c5107a5
MFC security fix for CVE-2010-3814
...
commit 0edf0986f3be570f5bf90ff245a85c1675f5c9a4
Author: Werner Lemberg <wl@gnu.org>
Date: Wed Oct 6 11:52:27 2010 +0200
[truetype] Improve error handling of `SHZ' bytecode instruction.
Problem reported by Chris Evans <scarybeasts@gmail.com>.
* src/truetype/ttinterp.c (Ins_SHZ): Check `last_point'.
2010-11-06 16:45:49 +00:00
matthieu
bfe3d87ade
Update to freetype 2.4.3. Tested at least by krw@, ajacoutot@ and jasper@
2010-10-23 19:30:16 +00:00
matthieu
45438d0119
Update to freetype 2.4.2. This has been in snapshots for a while
...
and tested explicitely by ajacoutot@ jasper@, jcs@, krw@ and others
on various architectures.
2010-09-01 19:14:23 +00:00
matthieu
2b3e93e33b
patches from Freetype.org for the security issues found by Robert Swiecki:
...
CVE-2010-2497 freetype integer underflow
CVE-2010-2498 freetype invalid free
CVE-2010-2499 freetype buffer overflow
CVE-2010-2500 freetype integer overflow
CVE-2010-2519 freetype heap buffer overflow
CVE-2010-2520 freetype buffer overflow on heap
2010-07-17 14:06:43 +00:00
matthieu
d9a92f27a6
use INSTALL_DATA in BSD Makefiles. ok oga@
2010-05-08 14:15:29 +00:00
matthieu
54193b0f27
Missing resurected files in freetype 2.3.12
2010-03-25 20:53:34 +00:00
matthieu
1be5fe96c1
Update to freetpe 2.3.12. Tested against ports by naddy@.
2010-03-25 20:49:53 +00:00
matthieu
df0647377b
Update to freetpe 2.3.12. Tested against ports by naddy@.
2010-03-25 20:32:36 +00:00
matthieu
164d06ad38
Fixes for CVE-2009-0946 from freetype2 git repository:
...
Multiple integer overflows in FreeType 2.3.9 and earlier allow remote
attackers to execute arbitrary code via vectors related to large values
in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c,
and (3) cff/cffload.c.
Plus one additional fix for malformed compressed data.
2009-04-27 07:11:16 +00:00
matthieu
e2d272f607
put libz back into Libs:. Fixes vax linking.
2009-03-26 19:04:00 +00:00
matthieu
703afbb0a2
update to freetype-docs 2.3.9
2009-03-26 07:36:34 +00:00
matthieu
8a907a311b
Update to Freetype 2.3.9.
...
Bump major to be safe.
Small arm assembler fix in ftconfig.h by drahn@
2009-03-26 07:31:44 +00:00
matthieu
87859a9c26
Update to Freetype 2.3.8. Tested by jsg@.
2009-03-10 20:28:33 +00:00
matthieu
f8e0dbd0cd
Update to Freetype 2.3.7. This is a bug fix release. No API change.
2008-08-21 05:09:08 +00:00
matthieu
6f11b80c67
Update to freetype 2.3.6.
...
Contains security fixes for CVE-2008-1806, CVE-2008-1807 and CVE-2008-1808.
Tested by many.
2008-06-22 17:37:35 +00:00
matthieu
1969f0b7b1
Don't hard-code sizeof(long) in ftconfig.h. Fixes 64bit architectures.
...
Problem noticed by sturm@.
2007-11-24 15:48:33 +00:00
matthieu
8f07cc07fd
Use buils/unix/ftsystem.c instead of the generic ANSI C one, which
...
doesn't set CLOSE_ON_EXEC on files descriptors opened by freetype.
Fixes a fd leak reported by kurt@. Tested by naddy@ and others.
2007-10-27 07:09:48 +00:00
matthieu
3c28b922f5
More bits for freetype 2.3.5
2007-09-08 16:59:03 +00:00
matthieu
f4cb73c397
Merge freetype 2.3.5. Tested by naddy@ and mbalmer@.
2007-09-08 16:39:54 +00:00
matthieu
f731f6acb5
import freetype 2.3.5
2007-09-08 16:28:30 +00:00
matthieu
e51592142f
fix two instances XORG_PREFIX that escaped renaming to X11BASE.
2007-05-29 15:37:57 +00:00
matthieu
15235d0d22
Fix for CVE-2007-2754: integer overflow that can lead to an heap overflow.
...
Discovered by Victor Stinner. Patch from Freetype repository.
2007-05-25 01:23:29 +00:00
matthieu
8c80956fab
Don't include debugging symbols.
2007-04-07 15:37:50 +00:00
david
0440c6780f
fix $OpenBSD$ RCS tags; ok matthieu@
2007-04-04 22:30:55 +00:00
todd
517a55a2c5
bdf CVE-2007-1351
...
BDFFont Parsing Integer Overflow Vulnerability
The discoverer of this vulnerability wishes to remain anonymous.
from matthieu@
2007-04-04 02:51:57 +00:00
matthieu
77cb7f251b
Revert local debug stuff that wasn't meant to be committed.
2007-03-25 13:22:40 +00:00
matthieu
00a847b3f8
regen with libtool 1.5.22p9
2007-03-25 13:02:54 +00:00
matthieu
d94e76056c
Missed a sed substitution for freetype2.pc.
...
Noticed by Frederick C. Druseikis, thanks.
2006-12-23 10:42:41 +00:00
matthieu
6a5579f8e8
Make 'obj' now can make symlinks to /usr/obj/xenocara (or any other
...
directory designed by XENOCARA_OBJDIR in /etc/mk.conf).
2006-12-02 16:28:48 +00:00
matthieu
111eb3bc11
Disable profiled libs.
2006-11-29 18:03:09 +00:00
matthieu
b455532e54
$Xenocara$ -> $OpenBSD$
2006-11-27 19:56:35 +00:00
matthieu
a6d8ae2911
${DIST} is gone.
2006-11-27 00:27:52 +00:00
matthieu
f956426aeb
build infrastructure and OpenBSD customisation for Freetype 2.2.1
2006-11-26 11:54:18 +00:00
matthieu
68f868c8f6
Import freetype 2.2.1
2006-11-25 18:44:16 +00:00