diff options
| author | Li Zhou <li.zhou@windriver.com> | 2015-04-27 10:54:22 +0800 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2015-04-28 07:56:57 +0100 |
| commit | ae736dbdd140975ba43f06e635b461dbf36a117e (patch) | |
| tree | 0f8f690377350ac878ba69d14083867eb02076f1 /meta/recipes-graphics/xorg-lib/libxfont_1.5.0.bb | |
| parent | 8f8858bfb00a9a349069cb4e8f44c675a7913739 (diff) | |
| download | poky-ae736dbdd140975ba43f06e635b461dbf36a117e.tar.gz | |
libxfont: Security Advisory - libxfont - CVE-2015-1804
bdfReadCharacters: ensure metrics fit into xCharInfo struct
We use 32-bit ints to read from the bdf file, but then try to stick
into a 16-bit int in the xCharInfo struct, so make sure they won't
overflow that range.
(From OE-Core rev: 4dd4b96b6d60246338bb30ede9f3ab1b2e757be9)
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-graphics/xorg-lib/libxfont_1.5.0.bb')
| -rw-r--r-- | meta/recipes-graphics/xorg-lib/libxfont_1.5.0.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-graphics/xorg-lib/libxfont_1.5.0.bb b/meta/recipes-graphics/xorg-lib/libxfont_1.5.0.bb index 64ec6a3422..dfd2dc67a2 100644 --- a/meta/recipes-graphics/xorg-lib/libxfont_1.5.0.bb +++ b/meta/recipes-graphics/xorg-lib/libxfont_1.5.0.bb | |||
| @@ -20,6 +20,7 @@ BBCLASSEXTEND = "native" | |||
| 20 | 20 | ||
| 21 | SRC_URI += "file://0001-bdfReadProperties-property-count-needs-range-check-C.patch \ | 21 | SRC_URI += "file://0001-bdfReadProperties-property-count-needs-range-check-C.patch \ |
| 22 | file://0001-bdfReadCharacters-bailout-if-a-char-s-bitmap-cannot-.patch \ | 22 | file://0001-bdfReadCharacters-bailout-if-a-char-s-bitmap-cannot-.patch \ |
| 23 | file://0001-bdfReadCharacters-ensure-metrics-fit-into-xCharInfo-.patch \ | ||
| 23 | " | 24 | " |
| 24 | 25 | ||
| 25 | SRC_URI[md5sum] = "664629bfa7cdf8b984155019fd395dcb" | 26 | SRC_URI[md5sum] = "664629bfa7cdf8b984155019fd395dcb" |