36bdaa2e5d
Fixes: CVE-2016-1521 - An exploitable out-of-bounds read vulnerability exists in the opcode handling functionality of Libgraphite. A specially crafted font can cause an out-of-bounds read resulting in arbitrary code execution. An attacker can provide a malicious font to trigger this vulnerability. CVE-2016-1522 - An exploitable NULL pointer dereference exists in the bidirectional font handling functionality of Libgraphite. A specially crafted font can cause a NULL pointer dereference resulting in a crash. An attacker can provide a malicious font to trigger this vulnerability. CVE-2016-1523 - An exploitable heap-based buffer overflow exists in the context item handling functionality of Libgraphite. A specially crafted font can cause a buffer overflow resulting in potential code execution. An attacker can provide a malicious font to trigger this vulnerability. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
24 lines
746 B
Makefile
24 lines
746 B
Makefile
################################################################################
|
|
#
|
|
# graphite2
|
|
#
|
|
################################################################################
|
|
|
|
GRAPHITE2_VERSION = 1.3.5
|
|
GRAPHITE2_SOURCE = graphite2-$(GRAPHITE2_VERSION).tgz
|
|
GRAPHITE2_SITE = http://downloads.sourceforge.net/project/silgraphite/graphite2
|
|
GRAPHITE2_INSTALL_STAGING = YES
|
|
GRAPHITE2_LICENSE = LGPLv2.1+
|
|
GRAPHITE2_LICENSE_FILES = LICENSE
|
|
|
|
# Avoid building docs and tests to save time
|
|
define GRAPHITE2_DISABLE_TESTS_DOC
|
|
$(SED) '/^add_subdirectory(doc)/d' \
|
|
-e '/^add_subdirectory(tests)/d' \
|
|
-e '/add_subdirectory(gr2fonttest)/d' \
|
|
$(@D)/CMakeLists.txt
|
|
endef
|
|
GRAPHITE2_POST_PATCH_HOOKS += GRAPHITE2_DISABLE_TESTS_DOC
|
|
|
|
$(eval $(cmake-package))
|