NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1addb8959a
kumquat-buildroot/package/graphite2/0001-disable-double-promotion.patch
Gustavo Zacarias 36bdaa2e5d graphite2: security bump to version 1.3.5 
Fixes:
CVE-2016-1521 - An exploitable out-of-bounds read vulnerability exists
in the opcode handling functionality of Libgraphite. A specially crafted
font can cause an out-of-bounds read resulting in arbitrary code
execution. An attacker can provide a malicious font to trigger this
vulnerability.
CVE-2016-1522 - An exploitable NULL pointer dereference exists in the
bidirectional font handling functionality of Libgraphite. A specially
crafted font can cause a NULL pointer dereference resulting in a crash.
An attacker can provide a malicious font to trigger this vulnerability.
CVE-2016-1523 - An exploitable heap-based buffer overflow exists in the
context item handling functionality of Libgraphite. A specially crafted
font can cause a buffer overflow resulting in potential code execution.
An attacker can provide a malicious font to trigger this vulnerability.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-02-15 22:30:24 +01:00

22 lines
1.1 KiB
Diff
Raw Blame History

Don't use -Wdouble-promotion gcc option
The warning flag isn't recognized for older GCC versions (blackfin),
so just disable it.
Signed-off-by: Gustavo Zacarias <gustavo.zacarias@free-electrons.com>
[Gustavo: update for 1.3.5]
diff -Nura graphite2-1.3.5.orig/src/CMakeLists.txt graphite2-1.3.5/src/CMakeLists.txt
--- graphite2-1.3.5.orig/src/CMakeLists.txt 2016-02-15 11:46:45.941906112 -0300
+++ graphite2-1.3.5/src/CMakeLists.txt 2016-02-15 11:46:54.237194222 -0300
@@ -111,9 +111,6 @@
COMPILE_FLAGS "-Wall -Wextra -Wno-unknown-pragmas -Wendif-labels -Wshadow -Wctor-dtor-privacy -Wnon-virtual-dtor -fno-rtti -fno-exceptions -fvisibility=hidden -fvisibility-inlines-hidden -fno-stack-protector"
LINK_FLAGS "-nodefaultlibs ${GRAPHITE_LINK_FLAGS}"
LINKER_LANGUAGE C)
- if (CMAKE_COMPILER_IS_GNUCXX)
- add_definitions(-Wdouble-promotion)
- endif (CMAKE_COMPILER_IS_GNUCXX)
message(STATUS "Compiler ID is: ${CMAKE_CXX_COMPILER_ID}")
if (${CMAKE_CXX_COMPILER_ID} STREQUAL "Clang")
add_definitions(-Wimplicit-fallthrough)
Reference in New Issue View Git Blame Copy Permalink