Hello community,
here is the log from the commit of package font-util for openSUSE:Factory
checked in at 2019-08-27 15:24:16
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/font-util (Old)
and /work/SRC/openSUSE:Factory/.font-util.new.7948 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "font-util"
Tue Aug 27 15:24:16 2019 rev:11 rq:726129 version:1.3.2
Changes:
--------
--- /work/SRC/openSUSE:Factory/font-util/font-util.changes 2017-02-11
01:38:56.911929905 +0100
+++ /work/SRC/openSUSE:Factory/.font-util.new.7948/font-util.changes
2019-08-27 15:24:21.480751126 +0200
@@ -1,0 +2,14 @@
+Mon Aug 26 10:08:48 UTC 2019 - Stefan Dirsch <sndir...@suse.com>
+
+- Update to font-util 1.3.2
+ * This minor bugfix release fixes crashes of the ucs2any utility
+ when faced with a poorly-formed bdf font file.
+
+-------------------------------------------------------------------
+Thu Aug 8 11:06:29 UTC 2019 - Dominique Leuenberger <dims...@opensuse.org>
+
+- Own %{_datadir}/aclocal: when we might switch to pkgconf instead
+ of pkg-config, nothing in the build root is 'accidentally' owning
+ this directory for us.
+
+-------------------------------------------------------------------
Old:
----
font-util-1.3.1.tar.bz2
font-util-1.3.1.tar.bz2.sig
New:
----
font-util-1.3.2.tar.bz2
font-util-1.3.2.tar.bz2.sig
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ font-util.spec ++++++
--- /var/tmp/diff_new_pack.5Dwv8d/_old 2019-08-27 15:24:23.488750115 +0200
+++ /var/tmp/diff_new_pack.5Dwv8d/_new 2019-08-27 15:24:23.492750114 +0200
@@ -1,7 +1,7 @@
#
# spec file for package font-util
#
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -12,17 +12,17 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: font-util
-Version: 1.3.1
+Version: 1.3.2
Release: 0
Summary: X.Org font package creation/installation utilities
License: MIT
Group: System/X11/Fonts
-Url: http://xorg.freedesktop.org/
+URL: https://xorg.freedesktop.org/
Source0:
http://xorg.freedesktop.org/archive/individual/font/%{name}-%{version}.tar.bz2
Source1:
http://xorg.freedesktop.org/archive/individual/font/%{name}-%{version}.tar.bz2.sig
Source2: %{name}.keyring
@@ -34,7 +34,6 @@
# X11R7.7 is in RC1, and xorg-x11-fonts-devel was version 7.6
Provides: xorg-x11-fonts-devel = 7.7
Obsoletes: xorg-x11-fonts-devel < 7.7
-BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
This package provides utilities for X.Org font package
@@ -52,12 +51,13 @@
%make_install
%files
-%defattr(-,root,root)
-%doc ChangeLog COPYING README
+%license COPYING
+%doc ChangeLog README.md
%{_bindir}/bdftruncate
%{_bindir}/ucs2any
%{_mandir}/man1/bdftruncate.1%{?ext_man}
%{_mandir}/man1/ucs2any.1%{?ext_man}
+%dir %{_datadir}/aclocal
%{_datadir}/aclocal/fontutil.m4
%{_datadir}/fonts/util/
%{_libdir}/pkgconfig/fontutil.pc
++++++ font-util-1.3.1.tar.bz2 -> font-util-1.3.2.tar.bz2 ++++++
++++ 5477 lines of diff (skipped)
++++ retrying with extended exclude list
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/font-util-1.3.1/ChangeLog new/font-util-1.3.2/ChangeLog
--- old/font-util-1.3.1/ChangeLog 2015-03-14 17:00:39.000000000 +0100
+++ new/font-util-1.3.2/ChangeLog 2019-08-26 00:25:38.000000000 +0200
@@ -1,3 +1,103 @@
+commit d45011b8324fecebb4fc79e57491d341dd96e325
+Author: Alan Coopersmith <alan.coopersm...@oracle.com>
+Date: Sun Aug 25 15:23:33 2019 -0700
+
+ font-util 1.3.2
+
+ Signed-off-by: Alan Coopersmith <alan.coopersm...@oracle.com>
+
+commit c5d12b729b61576069f479a0b5141aedea04676b
+Author: Tobias Stoeckmann <tob...@stoeckmann.org>
+Date: Wed Nov 8 21:36:32 2017 +0100
+
+ ucs2any: Fix parser crash on 32 bit
+
+ It is possible to crash ucs2any or provoke successful return value even
+ though the processing was not successful.
+
+ The problem lies within a possible integer overflow when adding elements
+ with a key which is too large.
+
+ You can trigger the issue this way on a 32 bit system:
+
+ $ cat > source.bdf << "EOF"
+ STARTFONT source
+ CHARS 1
+ ENCODING 1073741823
+ EOF
+ $ ucs2any source.bdf
+ Segmentation fault
+ $ _
+
+ Another possibility would be to add "ENCODING 1" right after the CHARS
+ line. In that case, realloc will allocate 0 bytes afterwards which is a
+ success but might return NULL, e.g. on Linux/glibc systems. Such a
+ result value is handled as an error and errno is evaluated and returned,
+ even though there was no error:
+
+ $ cat > source.bdf << "EOF"
+ STARTFONT source
+ CHARS 1
+ ENCODING 1
+ ENCODING 1073741823
+ EOF
+ $ ucs2any source.bdf
+ ucs2any: Success
+ $ echo $?
+ 0
+ $ _
+
+ Signed-off-by: Tobias Stoeckmann <tob...@stoeckmann.org>
+ Signed-off-by: Alan Coopersmith <alan.coopersm...@oracle.com>
+
+commit 1d70c9accf93b9fae1b9adb48e47b7d96a5ae64e
+Author: Alan Coopersmith <alan.coopersm...@oracle.com>
+Date: Fri Dec 7 19:27:32 2018 -0800
+
+ Update configure.ac bug URL for gitlab migration
+
+ Signed-off-by: Alan Coopersmith <alan.coopersm...@oracle.com>
+
+commit 202d167db645cfb6bd9218641b08833a6134ea04
+Author: Alan Coopersmith <alan.coopersm...@oracle.com>
+Date: Sun Nov 18 21:41:33 2018 -0800
+
+ Update README for gitlab migration
+
+ Signed-off-by: Alan Coopersmith <alan.coopersm...@oracle.com>
+
+commit b98fe13193464042d2733308cdc2343adbc6163a
+Author: Mihail Konev <k....@ya.ru>
+Date: Thu Jan 26 13:52:48 2017 +1000
+
+ autogen: add default patch prefix
+
+ Signed-off-by: Mihail Konev <k....@ya.ru>
+
+commit cf962e480dc73315a4f2288f4d4e007cf3fb9905
+Author: Emil Velikov <emil.l.veli...@gmail.com>
+Date: Mon Mar 9 12:00:52 2015 +0000
+
+ autogen.sh: use quoted string variables
+
+ Place quotes around the $srcdir, $ORIGDIR and $0 variables to prevent
+ fall-outs, when they contain space.
+
+ Signed-off-by: Emil Velikov <emil.l.veli...@gmail.com>
+ Reviewed-by: Peter Hutterer <peter.hutte...@who-t.net>
+ Signed-off-by: Peter Hutterer <peter.hutte...@who-t.net>
+
+commit 0abff92dc2370c57e79d028c17e6d7aeb50048f1
+Author: Peter Hutterer <peter.hutte...@who-t.net>
+Date: Tue Jan 24 10:32:07 2017 +1000
+
+ autogen.sh: use exec instead of waiting for configure to finish
+
+ Syncs the invocation of configure with the one from the server.
+
+ Signed-off-by: Peter Hutterer <peter.hutte...@who-t.net>
+ Reviewed-by: Emil Velikov <emil.veli...@collabora.com>
+
commit cfe0b4fb8f87b03060a3d3c9538df144856b5e9f
Author: Alan Coopersmith <alan.coopersm...@oracle.com>
Date: Sat Mar 14 09:00:06 2015 -0700
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/font-util-1.3.1/Makefile.am new/font-util-1.3.2/Makefile.am
--- old/font-util-1.3.1/Makefile.am 2015-03-14 17:00:24.000000000 +0100
+++ new/font-util-1.3.2/Makefile.am 2019-08-26 00:25:25.000000000 +0200
@@ -55,7 +55,7 @@
CLEANFILES = bdftruncate
-EXTRA_DIST = $(mapfiles_DATA)
+EXTRA_DIST = $(mapfiles_DATA) README.md
MAINTAINERCLEANFILES = ChangeLog INSTALL
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/font-util-1.3.1/README new/font-util-1.3.2/README
--- old/font-util-1.3.1/README 2015-03-14 17:00:24.000000000 +0100
+++ new/font-util-1.3.2/README 1970-01-01 01:00:00.000000000 +0100
@@ -1,30 +0,0 @@
-X.Org font package creation/installation utilities
-
-If the --with-fontrootdir option is specified when configuring this
-package, it will be recorded in the fontutil pkg-config file to be used
-as the default parent directory for font modules built using the fontutil
-macros from version 1.1 or later of this package.
-
-All questions regarding this software should be directed at the
-Xorg mailing list:
-
- http://lists.freedesktop.org/mailman/listinfo/xorg
-
-Please submit bug reports to the Xorg bugzilla:
-
- https://bugs.freedesktop.org/enter_bug.cgi?product=xorg
-
-The master development code repository can be found at:
-
- git://anongit.freedesktop.org/git/xorg/font/util
-
- http://cgit.freedesktop.org/xorg/font/util
-
-For patch submission instructions, see:
-
- http://www.x.org/wiki/Development/Documentation/SubmittingPatches
-
-For more information on the git code manager, see:
-
- http://wiki.x.org/wiki/GitPage
-
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/font-util-1.3.1/README.md new/font-util-1.3.2/README.md
--- old/font-util-1.3.1/README.md 1970-01-01 01:00:00.000000000 +0100
+++ new/font-util-1.3.2/README.md 2019-08-26 00:25:25.000000000 +0200
@@ -0,0 +1,23 @@
+X.Org font package creation/installation utilities
+--------------------------------------------------
+
+If the --with-fontrootdir option is specified when configuring this
+package, it will be recorded in the fontutil pkg-config file to be used
+as the default parent directory for font modules built using the fontutil
+macros from version 1.1 or later of this package.
+
+All questions regarding this software should be directed at the
+Xorg mailing list:
+
+ https://lists.x.org/mailman/listinfo/xorg
+
+The master development code repository can be found at:
+
+ https://gitlab.freedesktop.org/xorg/font/util
+
+Please submit bug reports and requests to merge patches there.
+
+For patch submission instructions, see:
+
+ https://www.x.org/wiki/Development/Documentation/SubmittingPatches
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/font-util-1.3.1/configure.ac new/font-util-1.3.2/configure.ac
--- old/font-util-1.3.1/configure.ac 2015-03-14 17:00:24.000000000 +0100
+++ new/font-util-1.3.2/configure.ac 2019-08-26 00:25:25.000000000 +0200
@@ -23,8 +23,8 @@
# Initialize Autoconf
AC_PREREQ([2.60])
-AC_INIT([font-util], [1.3.1],
- [https://bugs.freedesktop.org/enter_bug.cgi?product=xorg], [font-util])
+AC_INIT([font-util], [1.3.2],
+ [https://gitlab.freedesktop.org/xorg/font/util/issues], [font-util])
AC_CONFIG_SRCDIR([Makefile.am])
AC_CONFIG_HEADERS([config.h])
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/font-util-1.3.1/ucs2any.c new/font-util-1.3.2/ucs2any.c
--- old/font-util-1.3.1/ucs2any.c 2015-03-14 17:00:24.000000000 +0100
+++ new/font-util-1.3.2/ucs2any.c 2019-08-26 00:25:25.000000000 +0200
@@ -45,6 +45,7 @@
#endif
#include <limits.h>
#include <stdarg.h>
+#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -220,6 +221,11 @@
{
int i = da->size;
if (key >= 0) {
+ if ((size_t)key >= SIZE_MAX / sizeof(void *)) {
+ fprintf(stderr, "%s: Illegal key '%d' encountered!\n",
+ my_name, key);
+ exit(1);
+ }
if (key >= da->size) {
da->size = key + 1;
da->values = zrealloc(da->values,
