!57 fix CVE-2025-27363

From: @zppzhangpan Reviewed-by: @yanan-rock Signed-off-by: @yanan-rock
2025-03-18 06:42:04 +00:00 · 2025-03-18 06:42:04 +00:00 · fee3da6f93
commit fee3da6f93
parent 5a913d2016 ef058e8f2d
2 changed files with 49 additions and 8 deletions
--- a/backport-CVE-2025-27363.patch
+++ b/backport-CVE-2025-27363.patch
@ -0,0 +1,36 @@
+From 73720c7c9958e87b3d134a7574d1720ad2d24442 Mon Sep 17 00:00:00 2001
+From: Alexei Podtelezhnikov <apodtele@gmail.com>
+Date: Sun, 23 Jun 2024 10:58:00 -0400
+Subject: [PATCH] * src/truetype/ttgload.c (load_truetype_glyph): Unsigned fix.
+
+Reference:https://gitlab.freedesktop.org/freetype/freetype/-/commit/73720c7c9958e87b3d134a7574d1720ad2d24442
+Conflict:NA
+
+---
+ src/truetype/ttgload.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/truetype/ttgload.c b/src/truetype/ttgload.c
+index 8cddc394c..b656ccf04 100644
+--- a/src/truetype/ttgload.c
+++ b/src/truetype/ttgload.c
+@@ -1738,14 +1738,14 @@
+       if ( FT_IS_NAMED_INSTANCE( FT_FACE( face ) ) ||
+            FT_IS_VARIATION( FT_FACE( face ) )      )
+       {
+-        short        i, limit;
+        FT_UShort    i, limit;
+         FT_SubGlyph  subglyph;
+ 
+         FT_Outline  outline = { 0, 0, NULL, NULL, NULL, 0 };
+         FT_Vector*  unrounded = NULL;
+ 
+ 
+-        limit = (short)gloader->current.num_subglyphs;
+        limit = (FT_UShort)gloader->current.num_subglyphs;
+ 
+         /* construct an outline structure for              */
+         /* communication with `TT_Vary_Apply_Glyph_Deltas' */
+-- 
+GitLab
+
--- a/freetype.spec
+++ b/freetype.spec
@ -6,7 +6,7 @@

 Name:           freetype
 Version:        2.13.2
-Release:        2
+Release:        3
 Summary:        FreeType is a freely available software library to render fonts
 License:        (FTL OR GPL-2.0-or-later) AND BSD-3-Clause AND MIT AND MIT-Modern-Variant AND Zlib
 URL:            https://www.freetype.org
@ -24,6 +24,7 @@ Patch6002:      backport-freetype-2.6.5-libtool.patch
 Patch6003:      backport-freetype-2.8-multilib.patch
 Patch6004:      backport-freetype-2.10.0-internal-outline.patch
 Patch6005:      backport-freetype-2.10.1-debughook.patch
+Patch6006:      backport-CVE-2025-27363.patch

 BuildRequires: gcc meson
 BuildRequires: pkgconfig(bzip2)
@ -65,14 +66,15 @@ FreeType.
 %setup -q -b 1 -a 2

 pushd ft2demos-%{version}
-%patch -P1  -p1 -b .more-demos
+%patch1 -p1 -b .more-demos
 popd
-%patch -P6000 -p1
-%patch -P6001 -p1
-%patch -P6002 -p1
-%patch -P6003 -p1
-%patch -P6004 -p1
-%patch -P6005 -p1
+%patch6000 -p1
+%patch6001 -p1
+%patch6002 -p1
+%patch6003 -p1
+%patch6004 -p1
+%patch6005 -p1
+%patch6006 -p1

 %build
 %configure --disable-static \
@ -157,6 +159,9 @@ meson test -C out
 %{_mandir}/man1/*

 %changelog
+* Mon Mar 17 2025 zhangpan <zhangpan103@h-partners.com> - 2.13.2-3
+- fix CVE-2025-27363
+
 * Sun Aug 11 2024 Funda Wang <fundawang@yeah.net> - 2.13.2-2
 - Cleanup spec
 - Conditioned build harfbuzz support