Accepting request 1299965 from GNOME:Factory

OBS-URL: https://build.opensuse.org/request/show/1299965
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/cairo?expand=0&rev=100

_service

@@ -9,11 +9,11 @@
     <param name="versionrewrite-replacement">\1</param>
 <!--    <param name="changesgenerate">enable</param> -->
   </service>
-<!--  <service name="tar" mode="buildtime"/>
+  <service name="tar" mode="buildtime"/>
   <service name="recompress" mode="buildtime">
     <param name="file">*.tar</param>
     <param name="compression">zst</param>
-  </service> -->
+  </service>
   <service name="set_version" mode="manual" />
 </services>
 

b5752618.patch

@@ -0,0 +1,33 @@
+From b57526185d60b3e36bb0f6684cc0ae9ac2294972 Mon Sep 17 00:00:00 2001
+From: William Bader <william@newspapersystems.com>
+Date: Mon, 28 Apr 2025 05:01:45 +0200
+Subject: [PATCH] Fix a NULL access in active_edges_to_traps(). The
+ bentley-ottmann tessellation implementation uses an x of INT32_MAX as a
+ sentinel. If a rectangle has an x of INT32_MAX, active_edges_to_traps() can
+ read past the end of the edge list when building trapezoids. This patch
+ reduces an x of INT32_MAX to INT32_MAX-1. This avoids the crash in
+ https://gitlab.freedesktop.org/poppler/poppler/-/issues/1579 This is an
+ alternative to the patch in
+ https://gitlab.freedesktop.org/cairo/cairo/-/merge_requests/620 that adds a
+ check for NULL pointers when traversing the edge list.
+
+---
+ src/cairo-bentley-ottmann-rectangular.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/cairo-bentley-ottmann-rectangular.c b/src/cairo-bentley-ottmann-rectangular.c
+index 65f95d797..be01e04f7 100644
+--- a/src/cairo-bentley-ottmann-rectangular.c
++++ b/src/cairo-bentley-ottmann-rectangular.c
+@@ -847,6 +847,8 @@ _cairo_bentley_ottmann_tessellate_boxes (const cairo_boxes_t *in,
+ 		rectangles[j].left.x = box[i].p2.x;
+ 		rectangles[j].left.dir = -1;
+ 	    }
++	    if (rectangles[j].left.x == INT32_MAX) rectangles[j].left.x = INT32_MAX-1;
++	    if (rectangles[j].right.x == INT32_MAX) rectangles[j].right.x = INT32_MAX-1;
+ 
+ 	    rectangles[j].left.right = NULL;
+ 	    rectangles[j].right.right = NULL;
+-- 
+GitLab
+

cairo-1.18.4.obscpio

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:9aef6a7468983bb00412f0cf076ae30f43940c7b6b99642899ff5166fc8d7ae9
+size 61644302

cairo.changes

@@ -1,3 +1,18 @@
+-------------------------------------------------------------------
+Mon Aug 11 15:14:49 UTC 2025 - Cliff Zhao <qzhao@suse.com>
+
+- Add b5752618.patch:
+  Backport from William Bader's request 621, Fix NULL access
+  in active_edges_to_traps().
+  https://gitlab.freedesktop.org/cairo/cairo/-/merge_requests/621/diffs
+  https://gitlab.freedesktop.org/williamb/cairo/-/commit/b5752618
+  (CVE-2025-50422, bsc#1247589)
+
+-------------------------------------------------------------------
+Wed Mar 19 07:23:25 UTC 2025 - Bjørn Lie <bjorn.lie@gmail.com>
+
+- Switch back to using source service.
+
 -------------------------------------------------------------------
 Mon Mar 17 20:43:30 UTC 2025 - Bjørn Lie <bjorn.lie@gmail.com>
 
@@ -1323,7 +1338,7 @@ Thu Oct 30 12:34:56 CET 2008 - olh@suse.de
 - obsolete old -XXbit packages (bnc#437293)
 
 -------------------------------------------------------------------
-Tue Sep 30 07:06:06 WST 2008 - mboman@suse.de
+Tue Sep 30 07:06:06 EST 2008 - mboman@suse.de
 
 - Update to version 1.8.0:
   + Many API changes. See NEWS for full details

cairo.obsinfo

@@ -1,4 +1,4 @@
 name: cairo
-version: 1.18.2
-mtime: 1725196163
-commit: 200441e6855854eb4dbf338e44d67b00ababe07f
+version: 1.18.4
+mtime: 1741440205
+commit: 4541e0cd3a751b85e52e2a83d02ac6145a5efa85

cairo.spec

@@ -25,15 +25,15 @@ Summary:        Vector Graphics Library with Cross-Device Output Support
 License:        LGPL-2.1-or-later OR MPL-1.1
 Group:          Development/Libraries/C and C++
 URL:            https://cairographics.org
-### FIXME ### - Switch back to using source service!
-Source:         %{name}-%{version}.tar.xz
-%dnl #Source0:        %{name}-%{version}.tar.zst
+Source0:        %{name}-%{version}.tar.zst
 Source99:       baselibs.conf
 
 # PATCH-FIX-UPSTREAM cairo-xlib-endianness.patch fdo#63461 bnc#882951 fcrozat@suse.com -- Fix crash when client and server have different endianness
 Patch0:         cairo-xlib-endianness.patch
-# PATCH-FIX-UPSTREAM cairo-get_bitmap_surface-bsc1036789-CVE-2017-7475.diff alarrosa@suse.com -- Fix segfault in get_bitmap_surface
+# PATCH-FIX-UPSTREAM cairo-get_bitmap_surface-bsc1036789-CVE-2017-7475.diff CVE-2017-7475 bsc1036789 alarrosa@suse.com -- Fix segfault in get_bitmap_surface
 Patch1:         cairo-get_bitmap_surface-bsc1036789-CVE-2017-7475.diff
+# PATCH-FIX-UPSTREAM b5752618.patch CVE-2025-50422 bsc#1247589 qzhao@suse.com -- Fix a NULL access in active_edges_to_traps().
+Patch2:         b5752618.patch
 
 BuildRequires:  c++_compiler
 BuildRequires:  c_compiler