diff --git a/0001-Fix-assertion-failure-in-the-freetype-backend.patch b/0001-Fix-assertion-failure-in-the-freetype-backend.patch deleted file mode 100644 index f891dfbefbbc6238587b8492d8fe61ace972da6e..0000000000000000000000000000000000000000 --- a/0001-Fix-assertion-failure-in-the-freetype-backend.patch +++ /dev/null @@ -1,51 +0,0 @@ -From 7554822dd0b52d33ec7898e81b59e97164b00142 Mon Sep 17 00:00:00 2001 -From: Uli Schlachter -Date: Sat, 21 Apr 2018 09:37:06 +0200 -Subject: [PATCH] Fix assertion failure in the freetype backend - -Fonts are kept in a hash table, so when creating a new font, the code -first checks the hash table for an already-existing entry and only then -is a new instance really created. There is an assert that checks that -the key used for the hash table lookup is the same as the instance that -is created later has, because otherwise the hash table was checked -incorrectly. - -This assert failed in some conditions. - -Fix this by fixing some places that initialised ft hash keys in a wrong -way. - -Patch by Behdad Esfahbod and submitted via bugzilla. - -Source: https://bugs.freedesktop.org/show_bug.cgi?id=105746#c4 -Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=105746 -Signed-off-by: Uli Schlachter ---- - src/cairo-ft-font.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/cairo-ft-font.c b/src/cairo-ft-font.c -index 79aef78f5b0d..9b10708988d7 100644 ---- a/src/cairo-ft-font.c -+++ b/src/cairo-ft-font.c -@@ -445,7 +445,7 @@ _cairo_ft_unscaled_font_init (cairo_ft_unscaled_font_t *unscaled, - - if (from_face) { - unscaled->from_face = TRUE; -- _cairo_ft_unscaled_font_init_key (unscaled, TRUE, NULL, face->face_index, face); -+ _cairo_ft_unscaled_font_init_key (unscaled, TRUE, NULL, id, face); - - - unscaled->have_color = FT_HAS_COLOR (face) != 0; -@@ -640,7 +640,7 @@ static cairo_status_t - _cairo_ft_unscaled_font_create_from_face (FT_Face face, - cairo_ft_unscaled_font_t **out) - { -- return _cairo_ft_unscaled_font_create_internal (TRUE, NULL, 0, face, out); -+ return _cairo_ft_unscaled_font_create_internal (TRUE, NULL, face->face_index, face, out); - } - - static cairo_bool_t --- -2.17.0 - diff --git a/125.patch b/125.patch new file mode 100644 index 0000000000000000000000000000000000000000..d5cfe2f2277e4c582f2c69cf231785d2a60a79be --- /dev/null +++ b/125.patch @@ -0,0 +1,58 @@ +From a3b69a0215fdface0fd5730872a4b3242d979dca Mon Sep 17 00:00:00 2001 +From: Uli Schlachter +Date: Tue, 9 Feb 2021 16:54:35 +0100 +Subject: [PATCH] pdf font subset: Generate valid font names + +A hash value is encoded in base 26 with upper case letters for font +names. + +Commit ed984146 replaced "numerator = abs (hash);" with "numerator = +hash;" in this code, because hash has type uint32_t and the compiler +warned about taking the absolute value of an unsigned value. However, +abs() is actually defined to take an int argument. Thus, there was some +implicit cast. + +Since numerator has type long, i.e. is signed, it is now actually +possible to get an overflow in the implicit cast and then have a +negative number. The following code is not prepared for this and +produces non-letters when encoding the hash. + +This commit fixes that problem by not using ldiv() and instead using / +and % to directly compute the needed values. This gets rid of the need +to convert to type long. Since now everything works with uint32_t, there +is no more chance for negative numbers messing things up. + +Fixes: https://gitlab.freedesktop.org/cairo/cairo/-/issues/449 +Signed-off-by: Uli Schlachter +--- + src/cairo-pdf-surface.c | 8 ++------ + 1 file changed, 2 insertions(+), 6 deletions(-) + +diff --git a/src/cairo-pdf-surface.c b/src/cairo-pdf-surface.c +index 6da460878..52c49b6d2 100644 +--- a/src/cairo-pdf-surface.c ++++ b/src/cairo-pdf-surface.c +@@ -5310,18 +5310,14 @@ _create_font_subset_tag (cairo_scaled_font_subset_t *font_subset, + { + uint32_t hash; + int i; +- long numerator; +- ldiv_t d; + + hash = _hash_data ((unsigned char *) font_name, strlen(font_name), 0); + hash = _hash_data ((unsigned char *) (font_subset->glyphs), + font_subset->num_glyphs * sizeof(unsigned long), hash); + +- numerator = hash; + for (i = 0; i < 6; i++) { +- d = ldiv (numerator, 26); +- numerator = d.quot; +- tag[i] = 'A' + d.rem; ++ tag[i] = 'A' + (hash % 26); ++ hash /= 26; + } + tag[i] = 0; + } +-- +GitLab + diff --git a/cairo.spec b/cairo.spec index f0641f9b42336b39aa85915089091c287343b341..778677e085e956d1bbe76818562991dceefaadbc 100644 --- a/cairo.spec +++ b/cairo.spec @@ -10,25 +10,29 @@ %endif Name: cairo -Version: 1.15.12 -Release: 6%{?dist} +Version: 1.17.4 +Release: 7%{?dist} Summary: A 2D graphics library License: LGPLv2 or MPLv1.1 URL: http://cairographics.org Source0: http://cairographics.org/snapshots/%{name}-%{version}.tar.xz -# Backported from upstream -Patch0: 0001-Fix-assertion-failure-in-the-freetype-backend.patch - Patch3: cairo-multilib.patch # https://gitlab.freedesktop.org/cairo/cairo/merge_requests/1 Patch4: 0001-Set-default-LCD-filter-to-FreeType-s-default.patch -# https://bugzilla.redhat.com/show_bug.cgi?id=1908113 -Patch5: cairo-1.15.12-CVE-2020-35492.patch +# Fix generating PDF font names +# https://gitlab.freedesktop.org/cairo/cairo/-/merge_requests/125 +Patch5: 125.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=1911486 +Patch6: cairo-1.15.12-CVE-2020-35492.patch + +# For Patch6. +BuildRequires: autoconf automake gettext-devel libtool +BuildRequires: gcc BuildRequires: pkgconfig BuildRequires: libXrender-devel BuildRequires: libX11-devel @@ -43,8 +47,7 @@ BuildRequires: librsvg2-devel BuildRequires: mesa-libGL-devel BuildRequires: mesa-libEGL-devel %endif -# Required for Patch5. -BuildRequires: autoconf automake libtool +BuildRequires: make BuildRequires: git-core %description @@ -122,15 +125,11 @@ make V=1 %{?_smp_mflags} %make_install find $RPM_BUILD_ROOT -name '*.la' -delete -%ldconfig_scriptlets -%ldconfig_scriptlets gobject - %files %license COPYING COPYING-LGPL-2.1 COPYING-MPL-1.1 %doc AUTHORS BIBLIOGRAPHY BUGS NEWS README -%{_libdir}/libcairo.so.* -%{_libdir}/libcairo-script-interpreter.so.* -%{_bindir}/cairo-sphinx +%{_libdir}/libcairo.so.2* +%{_libdir}/libcairo-script-interpreter.so.2* %files devel %doc ChangeLog PORTING_GUIDE @@ -173,7 +172,7 @@ find $RPM_BUILD_ROOT -name '*.la' -delete %endif %files gobject -%{_libdir}/libcairo-gobject.so.* +%{_libdir}/libcairo-gobject.so.2* %files gobject-devel %{_includedir}/cairo/cairo-gobject.h @@ -185,18 +184,65 @@ find $RPM_BUILD_ROOT -name '*.la' -delete %{_libdir}/cairo/ %changelog -* Thu Jan 20 2022 David King - 1.15.12-6 -- Fix CVE reference test (#1908113) +* Mon Feb 21 2022 Tomas Popela - 1.17.4-7 +- Add git as BR (#1911486) + +* Mon Feb 21 2022 David King - 1.17.4-6 +- Fix CVE-2020-35492 (#1911486) + +* Mon Aug 09 2021 Mohan Boddu - 1.17.4-5 +- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags + Related: rhbz#1991688 + +* Thu Apr 15 2021 Mohan Boddu - 1.17.4-4 +- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 + +* Tue Mar 16 2021 Kalev Lember - 1.17.4-3 +- Backport an upstream patch to fix generating PDF font names (#1939399) + +* Tue Jan 26 2021 Fedora Release Engineering - 1.17.4-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Fri Dec 11 2020 Kalev Lember - 1.17.4-1 +- Update to 1.17.4 +- Tighten soname globs -* Thu Jan 20 2022 David King - 1.15.12-5 -- Add reference test to CVE fix (#1908113) +* Mon Jul 27 2020 Fedora Release Engineering - 1.16.0-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild -* Mon Jan 17 2022 David King - 1.15.12-4 -- Fix CVE-2020-35492 (#1908113) +* Fri Apr 24 2020 Marek Kasik - 1.16.0-8 +- Allow empty array of operands for certain operators in CFF fonts +- Resolves: #1817958 -* Thu Dec 6 2018 Marek Kasik - 1.15.12-3 +* Tue Jan 28 2020 Fedora Release Engineering - 1.16.0-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Wed Jul 24 2019 Fedora Release Engineering - 1.16.0-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Mon Jun 03 2019 Kalev Lember - 1.16.0-5 +- Fix a thinko in composite_color_glyphs + +* Thu Jan 31 2019 Fedora Release Engineering - 1.16.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Fri Dec 7 2018 Marek Kasik - 1.16.0-3 +- Use FT_Done_MM_Var instead of free when available in +- cairo_ft_apply_variations + +* Fri Dec 7 2018 Marek Kasik - 1.16.0-2 - Set default LCD filter to FreeType's default -- Resolves: #1651240 +- Resolves: #1645763 + +* Mon Oct 22 2018 Kalev Lember - 1.16.0-1 +- Update to 1.16.0 + +* Sat Sep 22 2018 Kalev Lember - 1.15.14-1 +- Update to 1.15.14 +- Drop ldconfig scriptlets + +* Thu Jul 12 2018 Fedora Release Engineering - 1.15.12-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Sat Apr 21 2018 Kalev Lember - 1.15.12-2 - Fix assertion failure in the freetype backend (#1567633) diff --git a/dist b/dist new file mode 100644 index 0000000000000000000000000000000000000000..89c1faffc18349bb12eee2371e9dc43bf419b95c --- /dev/null +++ b/dist @@ -0,0 +1 @@ +an9 diff --git a/download b/download index 79b76b23e486fbba7353a1c94a7fea02c41bd261..8e8ad64f26ab8e18658c78571b5b9e4d3596d1f9 100644 --- a/download +++ b/download @@ -1 +1 @@ -f7d9ad73a8abe0d178e0fc16d3fcbfa3 cairo-1.15.12.tar.xz +bf9d0d324ecbd350d0e9308125fa4ce0 cairo-1.17.4.tar.xz