diff options
author | Eren Türkay <eren@hambedded.org> | 2012-12-28 01:00:00 +0200 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2012-12-31 09:42:49 +0000 |
commit | b693f6d3d48b281fbbf71fd56996c85e23c3a9c9 (patch) | |
tree | f5e9634a4e1ce38bec0ffc37615722148fa2b4d1 /meta/recipes-graphics/freetype/freetype_2.4.11.bb | |
parent | f116dc32240e2f2d3c6e9bc8bc3320862f5116d3 (diff) | |
download | openembedded-core-contrib-b693f6d3d48b281fbbf71fd56996c85e23c3a9c9.tar.gz |
freetype: update to 2.4.11 which includes fixes for CVE-2012-{5668, 5669, 5670}
Multiple security issues were reported by Mateusz Jurczyk of Google
security team. These have been fixed in freetype 2.4.11. Details are as
follows.
* CVE-2012-5668: NULL Pointer Dereference in bdf_free_font
Bug: https://savannah.nongnu.org/bugs/?37905
Patch:
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9b6b5754b57c12b820e01305eb69b8863a161e5a
* CVE-2012-5669: Out-of-bounds read in _bdf_parse_glyphs
Bug: https://savannah.nongnu.org/bugs/?37906
Patch:
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=07bdb6e289c7954e2a533039dc93c1c136099d2d
* CVE-2012-5670: Out-of-bounds write in _bdf_parse_glyphs
Bug: https://savannah.nongnu.org/bugs/?37907
Patch:
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7f2e4f4f553f6836be7683f66226afac3fa979b8
For original e-mail and CVE assignment, see the following URLs:
http://www.openwall.com/lists/oss-security/2012/12/25/1
http://www.openwall.com/lists/oss-security/2012/12/25/2
Signed-off-by: Eren Türkay <eren@hambedded.org>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Diffstat (limited to 'meta/recipes-graphics/freetype/freetype_2.4.11.bb')
-rw-r--r-- | meta/recipes-graphics/freetype/freetype_2.4.11.bb | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/meta/recipes-graphics/freetype/freetype_2.4.11.bb b/meta/recipes-graphics/freetype/freetype_2.4.11.bb new file mode 100644 index 0000000000..53fde1d948 --- /dev/null +++ b/meta/recipes-graphics/freetype/freetype_2.4.11.bb @@ -0,0 +1,53 @@ +SUMMARY = "Freetype font rendering library" +DESCRIPTION = "FreeType is a software font engine that is designed to be small, efficient, \ +highly customizable, and portable while capable of producing high-quality output (glyph \ +images). It can be used in graphics libraries, display servers, font conversion tools, text \ +image generation tools, and many other products as well." +HOMEPAGE = "http://www.freetype.org/" +BUGTRACKER = "https://savannah.nongnu.org/bugs/?group=freetype" + +LICENSE = "FreeType | GPLv2+" +LIC_FILES_CHKSUM = "file://docs/LICENSE.TXT;md5=28d5381b1bef2649c59f20c20bae4f39 \ + file://docs/FTL.TXT;md5=d479e83797f699fe873b38dadd0fcd4c \ + file://docs/GPLv2.TXT;md5=8ef380476f642c20ebf40fecb0add2ec" + +SECTION = "libs" + +PR = "r0" + +SRC_URI = "${SOURCEFORGE_MIRROR}/freetype/freetype-${PV}.tar.bz2 \ + file://no-hardcode.patch" + +SRC_URI[md5sum] = "b93435488942486c8d0ca22e8f768034" +SRC_URI[sha256sum] = "ef9d0bcb64647d9e5125dc7534d7ca371c98310fec87677c410f397f71ffbe3f" + +S = "${WORKDIR}/freetype-${PV}" + +inherit autotools pkgconfig binconfig + +LIBTOOL = "${S}/builds/unix/${HOST_SYS}-libtool" +EXTRA_OEMAKE = "'LIBTOOL=${LIBTOOL}'" +EXTRA_OEMAKE_class-native = "" +EXTRA_OECONF = "--without-zlib --without-bzip2 CC_BUILD='${BUILD_CC}'" + +do_configure() { + cd builds/unix + libtoolize --force --copy + aclocal -I . + gnu-configize --force + autoconf + cd ${S} + oe_runconf +} + +do_configure_class-native() { + (cd builds/unix && gnu-configize) || die "failure running gnu-configize" + oe_runconf +} + +do_compile_prepend() { + ${BUILD_CC} -o objs/apinames src/tools/apinames.c +} + +BBCLASSEXTEND = "native" + |