- security update:

* CVE-2017-5436 [bsc#1035204] + graphite2-CVE-2017-5436.patch OBS-URL: https://build.opensuse.org/package/show/LibreOffice:Factory/graphite2?expand=0&rev=46
2017-04-24 07:24:14 +00:00 · 2017-04-24 07:24:14 +00:00 · d3436792fc
commit d3436792fc
parent cd6417701f
3 changed files with 33 additions and 1 deletions
--- a/graphite2-CVE-2017-5436.patch
+++ b/graphite2-CVE-2017-5436.patch
@ -0,0 +1,23 @@
+From 1ce331d5548b98ed8b818532b2556d6f2c7a3b83 Mon Sep 17 00:00:00 2001
+From: Martin Hosken <martin_hosken@sil.org>
+Date: Thu, 9 Mar 2017 22:04:04 +0000
+Subject: [PATCH] Ensure features have enough space. Fix from Mozilla
+
+---
+ src/FeatureMap.cpp | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/FeatureMap.cpp b/src/FeatureMap.cpp
+index b8c8405..83bd5f6 100644
+--- a/src/FeatureMap.cpp
+++ b/src/FeatureMap.cpp
+@@ -275,7 +275,7 @@ bool FeatureRef::applyValToFeature(uint32 val, Features & pDest) const
+     else
+       if (pDest.m_pMap!=&m_pFace->theSill().theFeatureMap())
+         return false;       //incompatible
+-    pDest.reserve(m_index);
+    pDest.reserve(m_index+1);
+     pDest[m_index] &= ~m_mask;
+     pDest[m_index] |= (uint32(val) << m_bits);
+     return true;
+
--- a/graphite2.changes
+++ b/graphite2.changes
@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Mon Apr 24 07:22:01 UTC 2017 - pgajdos@suse.com
+
+- security update: 
+  * CVE-2017-5436 [bsc#1035204]
+    + graphite2-CVE-2017-5436.patch
+
 -------------------------------------------------------------------
 Mon Nov 21 10:53:29 UTC 2016 - pgajdos@suse.com

--- a/graphite2.spec
+++ b/graphite2.spec
@ -1,7 +1,7 @@
 #
 # spec file for package graphite2
 #
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -29,6 +29,7 @@ Source1:        baselibs.conf
 Patch0:         graphite2-1.2.0-cmakepath.patch
 Patch1:         graphite-nonvoid-return.patch
 Patch2:         link-gcc-shared.diff
+Patch3:         graphite2-CVE-2017-5436.patch
 BuildRequires:  asciidoc
 BuildRequires:  cmake
 BuildRequires:  fontconfig-devel
@ -82,6 +83,7 @@ This package contains the %{name} development files.
 %patch0 -p1
 %patch1 -p1
 %patch2
+%patch3 -p1

 %build
 %cmake \