graphite2: update to 1.3.7

[coypu <coypu%sdf.org@localhost>]

Module Name:	pkgsrc-wip
Committed By:	coypu <coypu%sdf.org@localhost>
Pushed By:	coypu
Date:		Wed Mar 23 11:42:53 2016 +0200
Changeset:	74cabe4552a0bce3a43419196f1cfbe14b6bc839

Modified Files:
	graphite2/Makefile
	graphite2/distinfo

Log Message:
graphite2: update to 1.3.7

Changelog:
1.3.7
    . Bug fixes
    . Start to deprecate SegCache. This will be going away in a later release.

1.3.6
    . Bug fixes

Fixes at least the following CVEs and possibly more:

    Graphite2 Machine::Code::decoder::analysis::set_ref stack out of bounds bit set (CVE-2016-1977)
    Use of uninitialised memory in [@graphite2::TtfUtil::GetTableInfo] (CVE-2016-2790)
    graphite2: heap-buffer-overflow read in [@graphite2::GlyphCache::glyph] (CVE-2016-2791)
    graphite2: heap-buffer-overflow read in [@graphite2::Slot::getAttr] Slot.cpp:232 (CVE-2016-2792)
    graphite2: heap-buffer-overflow read in CachedCmap.cpp (CVE-2016-2793)
    graphite2: heap-buffer-overflow read in [@graphite2::TtfUtil::CmapSubtable12NextCodepoint] (CVE-2016-2794)
    Use of uninitialised memory in [@graphite2::FileFace::get_table_fn] (CVE-2016-2795)
    graphite2: heap-buffer-overflow write in [@graphite2::vm::Machine::Code::Code] (CVE-2016-2796)
    graphite2: heap-buffer-overflow read in [@graphite2::TtfUtil::CmapSubtable12Lookup] (CVE-2016-2797)
    graphite2: heap-buffer-overflow read in [@graphite2::GlyphCache::Loader::Loader] (CVE-2016-2798)
    graphite2: heap-buffer-overflow write in [@graphite2::Slot::setAttr] (CVE-2016-2799)
    graphite2: heap-buffer-overflow read in [@graphite2::Slot::getAttr] Slot.cpp:234 (CVE-2016-2800)
    graphite2: heap-buffer-overflow read in [@graphite2::TtfUtil::CmapSubtable12Lookup] TtfUtil.cpp:1126 (CVE-2016-2801)
    graphite2: heap-buffer-overflow read in [@graphite2::TtfUtil::CmapSubtable4NextCodepoint] (CVE-2016-2802)

To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=74cabe4552a0bce3a43419196f1cfbe14b6bc839

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

diffstat:
 graphite2/Makefile | 2 +-
 graphite2/distinfo | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diffs:
diff --git a/graphite2/Makefile b/graphite2/Makefile
index 1f04170..679f392 100644
--- a/graphite2/Makefile
+++ b/graphite2/Makefile
@@ -1,6 +1,6 @@
 # $NetBSD: Makefile,v 1.3 2016/01/26 13:56:23 wiz Exp $
 
-DISTNAME=	graphite2-1.3.5
+DISTNAME=	graphite2-1.3.7
 CATEGORIES=	graphics
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE:=silgraphite/}
 EXTRACT_SUFX=	.tgz
diff --git a/graphite2/distinfo b/graphite2/distinfo
index 4ac441e..31a96da 100644
--- a/graphite2/distinfo
+++ b/graphite2/distinfo
@@ -1,7 +1,7 @@
 $NetBSD: distinfo,v 1.6 2016/02/07 01:05:11 ryoon Exp $
 
-SHA1 (graphite2-1.3.5.tgz) = 044f65d5b4ade3169f5fcd75a25f047c81f5d33e
-RMD160 (graphite2-1.3.5.tgz) = 49c0c9d919a23ab215402d082670083b7cfba61e
-SHA512 (graphite2-1.3.5.tgz) = 70e85ff44d63dcca6beb55aa68966888453610c4ec1fca0d0986910a8f396ad64fd0b9f393270fd403c93e7e5d45cdc134c3965f47761cd40cd659b92b8abcec
-Size (graphite2-1.3.5.tgz) = 3880214 bytes
+SHA1 (graphite2-1.3.7.tgz) = 83fde60cca7ce82d3b90b335a6e6ea719d15ffec
+RMD160 (graphite2-1.3.7.tgz) = a4fe7f52d67e126c20678863309aaf2b85a7ddf7
+SHA512 (graphite2-1.3.7.tgz) = 163ac1455003398690b173f2ce56509bba1ae1e480585635888e3b061fef1ff8493c86f4647efde65ea10cd82b4048fcc8e882ea56811a8169956ad27bd10b8f
+Size (graphite2-1.3.7.tgz) = 3883666 bytes
 SHA1 (patch-src_CMakeLists.txt) = 4751d4cb699a368b9b612a18c45176346e29968b