summaryrefslogtreecommitdiff
path: root/system
diff options
context:
space:
mode:
authorA. Wilcox <AWilcox@Wilcox-Tech.com>2018-06-11 21:51:10 -0500
committerA. Wilcox <AWilcox@Wilcox-Tech.com>2018-06-11 21:51:10 -0500
commitb9e85bbdcf38547ef2ca4e5c2a6e6293bbcd2752 (patch)
treef5670d7c9f6242d85f34a908190db62f1d1aea81 /system
parente54bf24f643b0c44332f4f43dfaf3f8895505b39 (diff)
downloadpackages-b9e85bbdcf38547ef2ca4e5c2a6e6293bbcd2752.tar.gz
packages-b9e85bbdcf38547ef2ca4e5c2a6e6293bbcd2752.tar.bz2
packages-b9e85bbdcf38547ef2ca4e5c2a6e6293bbcd2752.tar.xz
packages-b9e85bbdcf38547ef2ca4e5c2a6e6293bbcd2752.zip
system/freetype: sec bump (this will be moved back to user/ for beta1 rebuild)
Diffstat (limited to 'system')
-rw-r--r--system/freetype/0001-Enable-table-validation-modules.patch34
-rw-r--r--system/freetype/0002-Enable-subpixel-rendering.patch25
-rw-r--r--system/freetype/0003-Enable-infinality-subpixel-hinting.patch27
-rw-r--r--system/freetype/0004-Enable-long-PCF-family-names.patch25
-rw-r--r--system/freetype/40-memcpy-fix.patch14
-rw-r--r--system/freetype/APKBUILD57
-rw-r--r--system/freetype/freetype-profile.sh12
7 files changed, 194 insertions, 0 deletions
diff --git a/system/freetype/0001-Enable-table-validation-modules.patch b/system/freetype/0001-Enable-table-validation-modules.patch
new file mode 100644
index 000000000..3e9451fa8
--- /dev/null
+++ b/system/freetype/0001-Enable-table-validation-modules.patch
@@ -0,0 +1,34 @@
+From c3680bf8d38cf759c1e33dcc2d2d51e0a4fea2f9 Mon Sep 17 00:00:00 2001
+From: "Jan Alexander Steffens (heftig)" <jan.steffens@gmail.com>
+Date: Tue, 23 Jun 2015 08:40:29 +0200
+Subject: [PATCH 1/3] Enable table validation modules
+
+---
+ modules.cfg | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/modules.cfg b/modules.cfg
+index f30049c38cc45159..7b8e50fe1b34584a 100644
+--- a/modules.cfg
++++ b/modules.cfg
+@@ -120,7 +120,7 @@ AUX_MODULES += cache
+ # TrueType GX/AAT table validation. Needs ftgxval.c below.
+ #
+ # No FT_CONFIG_OPTION_PIC support.
+-# AUX_MODULES += gxvalid
++AUX_MODULES += gxvalid
+
+ # Support for streams compressed with gzip (files with suffix .gz).
+ #
+@@ -143,7 +143,7 @@ AUX_MODULES += bzip2
+ # OpenType table validation. Needs ftotval.c below.
+ #
+ # No FT_CONFIG_OPTION_PIC support.
+-# AUX_MODULES += otvalid
++AUX_MODULES += otvalid
+
+ # Auxiliary PostScript driver component to share common code.
+ #
+--
+2.9.3
+
diff --git a/system/freetype/0002-Enable-subpixel-rendering.patch b/system/freetype/0002-Enable-subpixel-rendering.patch
new file mode 100644
index 000000000..dfb57966e
--- /dev/null
+++ b/system/freetype/0002-Enable-subpixel-rendering.patch
@@ -0,0 +1,25 @@
+From 96f09f08417887b2618c177bccfb6da2906568d9 Mon Sep 17 00:00:00 2001
+From: "Jan Alexander Steffens (heftig)" <jan.steffens@gmail.com>
+Date: Tue, 23 Jun 2015 08:43:07 +0200
+Subject: [PATCH 2/3] Enable subpixel rendering
+
+---
+ include/freetype/config/ftoption.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/include/freetype/config/ftoption.h b/include/freetype/config/ftoption.h
+index 90c123ef93e9ea04..67a361dd41e0b026 100644
+--- a/include/freetype/config/ftoption.h
++++ b/include/freetype/config/ftoption.h
+@@ -122,7 +122,7 @@ FT_BEGIN_HEADER
+ /* This is done to allow FreeType clients to run unmodified, forcing */
+ /* them to display normal gray-level anti-aliased glyphs. */
+ /* */
+-/* #define FT_CONFIG_OPTION_SUBPIXEL_RENDERING */
++#define FT_CONFIG_OPTION_SUBPIXEL_RENDERING
+
+
+ /*************************************************************************/
+--
+2.9.3
+
diff --git a/system/freetype/0003-Enable-infinality-subpixel-hinting.patch b/system/freetype/0003-Enable-infinality-subpixel-hinting.patch
new file mode 100644
index 000000000..bbfa2a2cd
--- /dev/null
+++ b/system/freetype/0003-Enable-infinality-subpixel-hinting.patch
@@ -0,0 +1,27 @@
+From 220e96a9a8d7aff6ad0f0f1aa12c79cdb563331c Mon Sep 17 00:00:00 2001
+From: "Jan Alexander Steffens (heftig)" <jan.steffens@gmail.com>
+Date: Mon, 29 Aug 2016 08:43:10 +0200
+Subject: [PATCH 3/3] Enable infinality subpixel hinting
+
+---
+ include/freetype/config/ftoption.h | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/include/freetype/config/ftoption.h b/include/freetype/config/ftoption.h
+index 67a361dd41e0b026..c4812862518b66a6 100644
+--- a/include/freetype/config/ftoption.h
++++ b/include/freetype/config/ftoption.h
+@@ -675,8 +675,8 @@ FT_BEGIN_HEADER
+ /* [1] http://www.microsoft.com/typography/cleartype/truetypecleartype.aspx */
+ /* */
+ /* #define TT_CONFIG_OPTION_SUBPIXEL_HINTING 1 */
+-#define TT_CONFIG_OPTION_SUBPIXEL_HINTING 2
+-/* #define TT_CONFIG_OPTION_SUBPIXEL_HINTING ( 1 | 2 ) */
++/* #define TT_CONFIG_OPTION_SUBPIXEL_HINTING 2 */
++#define TT_CONFIG_OPTION_SUBPIXEL_HINTING ( 1 | 2 )
+
+
+ /*************************************************************************/
+--
+2.9.3
+
diff --git a/system/freetype/0004-Enable-long-PCF-family-names.patch b/system/freetype/0004-Enable-long-PCF-family-names.patch
new file mode 100644
index 000000000..675423a7c
--- /dev/null
+++ b/system/freetype/0004-Enable-long-PCF-family-names.patch
@@ -0,0 +1,25 @@
+From 62da6a0f7f5cb77859a793863c386c452411e2a6 Mon Sep 17 00:00:00 2001
+From: "Jan Alexander Steffens (heftig)" <jan.steffens@gmail.com>
+Date: Sun, 14 May 2017 18:09:31 +0200
+Subject: [PATCH 4/4] Enable long PCF family names
+
+---
+ include/freetype/config/ftoption.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/include/freetype/config/ftoption.h b/include/freetype/config/ftoption.h
+index ebb44acdbbef9a47..0b39b417162707e4 100644
+--- a/include/freetype/config/ftoption.h
++++ b/include/freetype/config/ftoption.h
+@@ -865,7 +865,7 @@ FT_BEGIN_HEADER
+ /* If this option is activated, it can be controlled with the */
+ /* `no-long-family-names' property of the pcf driver module. */
+ /* */
+-/* #define PCF_CONFIG_OPTION_LONG_FAMILY_NAMES */
++#define PCF_CONFIG_OPTION_LONG_FAMILY_NAMES
+
+
+ /*************************************************************************/
+--
+2.13.0
+
diff --git a/system/freetype/40-memcpy-fix.patch b/system/freetype/40-memcpy-fix.patch
new file mode 100644
index 000000000..89e61cd0b
--- /dev/null
+++ b/system/freetype/40-memcpy-fix.patch
@@ -0,0 +1,14 @@
+--- ./src/psaux/psobjs.c~ 2006-04-26 16:38:17.000000000 +0200
++++ ./src/psaux/psobjs.c 2006-09-10 15:01:13.000000000 +0200
+@@ -165,6 +165,11 @@
+ return PSaux_Err_Invalid_Argument;
+ }
+
++ if ( length < 0 ) {
++ FT_ERROR(( "ps_table_add: invalid length\n" ));
++ return PSaux_Err_Invalid_Argument;
++ }
++
+ /* grow the base block if needed */
+ if ( table->cursor + length > table->capacity )
+ {
diff --git a/system/freetype/APKBUILD b/system/freetype/APKBUILD
new file mode 100644
index 000000000..37ab71932
--- /dev/null
+++ b/system/freetype/APKBUILD
@@ -0,0 +1,57 @@
+# Contributor: Carlo Landmeter <clandmeter@gmail.com>
+# Maintainer: A. Wilcox <awilfox@adelielinux.org>
+pkgname=freetype
+pkgver=2.9.1
+pkgrel=0
+pkgdesc="TrueType font rendering library"
+url="https://www.freetype.org/"
+arch="all"
+license="GPL"
+options="!check"
+depends=""
+depends_dev=""
+makedepends="$depends_dev zlib-dev libpng-dev bzip2-dev"
+subpackages="$pkgname-dev"
+source="http://download.savannah.gnu.org/releases/freetype/freetype-$pkgver.tar.bz2
+ 40-memcpy-fix.patch
+ 0001-Enable-table-validation-modules.patch
+ 0003-Enable-infinality-subpixel-hinting.patch
+ 0004-Enable-long-PCF-family-names.patch
+
+ freetype-profile.sh
+ "
+
+# secfixes:
+# 2.9.1-r0:
+# - CVE-2018-6942
+# 2.7.1-r1:
+# - CVE-2017-8105
+# - CVE-2017-8287
+
+build() {
+ cd "$builddir"
+ ./configure \
+ --build=$CBUILD \
+ --host=$CHOST \
+ --prefix=/usr \
+ --sysconfdir=/etc \
+ --disable-static \
+ --with-bzip2 \
+ --with-png
+ make
+}
+
+package() {
+ cd "$builddir"
+ make DESTDIR="$pkgdir" install
+
+ install -Dm644 "$srcdir"/freetype-profile.sh \
+ "$pkgdir"/etc/profile.d/freetype.sh
+}
+
+sha512sums="856766e1f3f4c7dc8afb2b5ee991138c8b642c6a6e5e007cd2bc04ae58bde827f082557cf41bf541d97e8485f7fd064d10390d1ee597f19d1daed6c152e27708 freetype-2.9.1.tar.bz2
+9981be8a3ea6f2cf856860b87a4e895e4610c9d5ea4beb611815e757e6080e060f6853ace02dd8ea55e5888cdf4bae5ad5eadd2d8a123754bb3c0bfe7ef41dea 40-memcpy-fix.patch
+41a84be2631b53072a76b78c582575aa48b650ee7b00017d018381002bc25df10cf33da4954c95ef50db39f1fa566678e3b4ae9bfee1dfd705423fb53e53e494 0001-Enable-table-validation-modules.patch
+7b52a3d67750d59b2c98e83dab4e0a0ab263142c2ca7bd5f8be5f8fe9cd1dc1f4debad44111c7886665329d8d2a3163756455618a6615df8f85d82bb0372d4dd 0003-Enable-infinality-subpixel-hinting.patch
+64c20fbcbf48372ea35fe2e0dae8fec4be8c601c899a4a71913060c6ea4082a2f41d69701da511e09fee126bf198d560986469e2356bd088d2dd5961f437df63 0004-Enable-long-PCF-family-names.patch
+7100cde5b2ca16bfbe968fce3e2eba5ba49e6ed53792d5db889c8d89e572d7d80da1338ccc9eeb9b243664ca2337467e9f73c1074bee0b34c417f6c7832ed390 freetype-profile.sh"
diff --git a/system/freetype/freetype-profile.sh b/system/freetype/freetype-profile.sh
new file mode 100644
index 000000000..a4cc6423b
--- /dev/null
+++ b/system/freetype/freetype-profile.sh
@@ -0,0 +1,12 @@
+# Subpixel hinting mode can be chosen by setting the right TrueType interpreter
+# version. The available settings are:
+#
+# truetype:interpreter-version=35 # Classic mode (default in 2.6)
+# truetype:interpreter-version=38 # Infinality mode
+# truetype:interpreter-version=40 # Minimal mode (default in 2.7)
+#
+# There are more properties that can be set, separated by whitespace. Please
+# refer to the FreeType documentation for details.
+
+# Uncomment and configure below
+export FREETYPE_PROPERTIES="truetype:interpreter-version=38"