source-changes: CVS commit: xsrc/xfree/xc/extras/freetype2

Subject: CVS commit: xsrc/xfree/xc/extras/freetype2
To: None <source-changes@NetBSD.org>
From: Matthias Scheler <tron@netbsd.org>
List: source-changes
Date: 06/02/2006 16:16:25

Module Name:	xsrc
Committed By:	tron
Date:		Fri Jun  2 16:16:25 UTC 2006

Modified Files:
	xsrc/xfree/xc/extras/freetype2/include/freetype: fterrdef.h
	xsrc/xfree/xc/extras/freetype2/src/base: ftmac.c ftutil.c
	xsrc/xfree/xc/extras/freetype2/src/bdf: bdflib.c
	xsrc/xfree/xc/extras/freetype2/src/cff: cffgload.c cffgload.h cffload.c
	    cfftypes.h
	xsrc/xfree/xc/extras/freetype2/src/pshinter: pshglob.c
	xsrc/xfree/xc/extras/freetype2/src/sfnt: ttcmap0.c
	xsrc/xfree/xc/extras/freetype2/src/type1: t1load.c

Log Message:
Fixes for several integer overflows and null-pointer dereferences
found by Josh Bressers and Chris Evans. CVE-2006-0747, CVE-2006-1861,
CVE-2006-2661.

Based on a patch provided by Matthieu Herrb.


To generate a diff of this commit:
cvs rdiff -r1.1.1.2 -r1.2 \
    xsrc/xfree/xc/extras/freetype2/include/freetype/fterrdef.h
cvs rdiff -r1.1.1.7 -r1.2 xsrc/xfree/xc/extras/freetype2/src/base/ftmac.c
cvs rdiff -r1.1.1.2 -r1.2 xsrc/xfree/xc/extras/freetype2/src/base/ftutil.c
cvs rdiff -r1.1.1.3 -r1.2 xsrc/xfree/xc/extras/freetype2/src/bdf/bdflib.c
cvs rdiff -r1.1.1.5 -r1.2 xsrc/xfree/xc/extras/freetype2/src/cff/cffgload.c \
    xsrc/xfree/xc/extras/freetype2/src/cff/cffgload.h \
    xsrc/xfree/xc/extras/freetype2/src/cff/cffload.c
cvs rdiff -r1.1.1.1 -r1.2 xsrc/xfree/xc/extras/freetype2/src/cff/cfftypes.h
cvs rdiff -r1.1.1.4 -r1.2 \
    xsrc/xfree/xc/extras/freetype2/src/pshinter/pshglob.c
cvs rdiff -r1.1.1.3 -r1.2 xsrc/xfree/xc/extras/freetype2/src/sfnt/ttcmap0.c
cvs rdiff -r1.1.1.6 -r1.2 xsrc/xfree/xc/extras/freetype2/src/type1/t1load.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.