Hello community, here is the log from the commit of package font-util for openSUSE:Factory checked in at 2019-08-27 15:24:16 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/font-util (Old) and /work/SRC/openSUSE:Factory/.font-util.new.7948 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "font-util" Tue Aug 27 15:24:16 2019 rev:11 rq:726129 version:1.3.2 Changes: -------- --- /work/SRC/openSUSE:Factory/font-util/font-util.changes 2017-02-11 01:38:56.911929905 +0100 +++ /work/SRC/openSUSE:Factory/.font-util.new.7948/font-util.changes 2019-08-27 15:24:21.480751126 +0200 @@ -1,0 +2,14 @@ +Mon Aug 26 10:08:48 UTC 2019 - Stefan Dirsch <sndir...@suse.com> + +- Update to font-util 1.3.2 + * This minor bugfix release fixes crashes of the ucs2any utility + when faced with a poorly-formed bdf font file. + +------------------------------------------------------------------- +Thu Aug 8 11:06:29 UTC 2019 - Dominique Leuenberger <dims...@opensuse.org> + +- Own %{_datadir}/aclocal: when we might switch to pkgconf instead + of pkg-config, nothing in the build root is 'accidentally' owning + this directory for us. + +------------------------------------------------------------------- Old: ---- font-util-1.3.1.tar.bz2 font-util-1.3.1.tar.bz2.sig New: ---- font-util-1.3.2.tar.bz2 font-util-1.3.2.tar.bz2.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ font-util.spec ++++++ --- /var/tmp/diff_new_pack.5Dwv8d/_old 2019-08-27 15:24:23.488750115 +0200 +++ /var/tmp/diff_new_pack.5Dwv8d/_new 2019-08-27 15:24:23.492750114 +0200 @@ -1,7 +1,7 @@ # # spec file for package font-util # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,17 +12,17 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # Name: font-util -Version: 1.3.1 +Version: 1.3.2 Release: 0 Summary: X.Org font package creation/installation utilities License: MIT Group: System/X11/Fonts -Url: http://xorg.freedesktop.org/ +URL: https://xorg.freedesktop.org/ Source0: http://xorg.freedesktop.org/archive/individual/font/%{name}-%{version}.tar.bz2 Source1: http://xorg.freedesktop.org/archive/individual/font/%{name}-%{version}.tar.bz2.sig Source2: %{name}.keyring @@ -34,7 +34,6 @@ # X11R7.7 is in RC1, and xorg-x11-fonts-devel was version 7.6 Provides: xorg-x11-fonts-devel = 7.7 Obsoletes: xorg-x11-fonts-devel < 7.7 -BuildRoot: %{_tmppath}/%{name}-%{version}-build %description This package provides utilities for X.Org font package @@ -52,12 +51,13 @@ %make_install %files -%defattr(-,root,root) -%doc ChangeLog COPYING README +%license COPYING +%doc ChangeLog README.md %{_bindir}/bdftruncate %{_bindir}/ucs2any %{_mandir}/man1/bdftruncate.1%{?ext_man} %{_mandir}/man1/ucs2any.1%{?ext_man} +%dir %{_datadir}/aclocal %{_datadir}/aclocal/fontutil.m4 %{_datadir}/fonts/util/ %{_libdir}/pkgconfig/fontutil.pc ++++++ font-util-1.3.1.tar.bz2 -> font-util-1.3.2.tar.bz2 ++++++ ++++ 5477 lines of diff (skipped) ++++ retrying with extended exclude list diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/font-util-1.3.1/ChangeLog new/font-util-1.3.2/ChangeLog --- old/font-util-1.3.1/ChangeLog 2015-03-14 17:00:39.000000000 +0100 +++ new/font-util-1.3.2/ChangeLog 2019-08-26 00:25:38.000000000 +0200 @@ -1,3 +1,103 @@ +commit d45011b8324fecebb4fc79e57491d341dd96e325 +Author: Alan Coopersmith <alan.coopersm...@oracle.com> +Date: Sun Aug 25 15:23:33 2019 -0700 + + font-util 1.3.2 + + Signed-off-by: Alan Coopersmith <alan.coopersm...@oracle.com> + +commit c5d12b729b61576069f479a0b5141aedea04676b +Author: Tobias Stoeckmann <tob...@stoeckmann.org> +Date: Wed Nov 8 21:36:32 2017 +0100 + + ucs2any: Fix parser crash on 32 bit + + It is possible to crash ucs2any or provoke successful return value even + though the processing was not successful. + + The problem lies within a possible integer overflow when adding elements + with a key which is too large. + + You can trigger the issue this way on a 32 bit system: + + $ cat > source.bdf << "EOF" + STARTFONT source + CHARS 1 + ENCODING 1073741823 + EOF + $ ucs2any source.bdf + Segmentation fault + $ _ + + Another possibility would be to add "ENCODING 1" right after the CHARS + line. In that case, realloc will allocate 0 bytes afterwards which is a + success but might return NULL, e.g. on Linux/glibc systems. Such a + result value is handled as an error and errno is evaluated and returned, + even though there was no error: + + $ cat > source.bdf << "EOF" + STARTFONT source + CHARS 1 + ENCODING 1 + ENCODING 1073741823 + EOF + $ ucs2any source.bdf + ucs2any: Success + $ echo $? + 0 + $ _ + + Signed-off-by: Tobias Stoeckmann <tob...@stoeckmann.org> + Signed-off-by: Alan Coopersmith <alan.coopersm...@oracle.com> + +commit 1d70c9accf93b9fae1b9adb48e47b7d96a5ae64e +Author: Alan Coopersmith <alan.coopersm...@oracle.com> +Date: Fri Dec 7 19:27:32 2018 -0800 + + Update configure.ac bug URL for gitlab migration + + Signed-off-by: Alan Coopersmith <alan.coopersm...@oracle.com> + +commit 202d167db645cfb6bd9218641b08833a6134ea04 +Author: Alan Coopersmith <alan.coopersm...@oracle.com> +Date: Sun Nov 18 21:41:33 2018 -0800 + + Update README for gitlab migration + + Signed-off-by: Alan Coopersmith <alan.coopersm...@oracle.com> + +commit b98fe13193464042d2733308cdc2343adbc6163a +Author: Mihail Konev <k....@ya.ru> +Date: Thu Jan 26 13:52:48 2017 +1000 + + autogen: add default patch prefix + + Signed-off-by: Mihail Konev <k....@ya.ru> + +commit cf962e480dc73315a4f2288f4d4e007cf3fb9905 +Author: Emil Velikov <emil.l.veli...@gmail.com> +Date: Mon Mar 9 12:00:52 2015 +0000 + + autogen.sh: use quoted string variables + + Place quotes around the $srcdir, $ORIGDIR and $0 variables to prevent + fall-outs, when they contain space. + + Signed-off-by: Emil Velikov <emil.l.veli...@gmail.com> + Reviewed-by: Peter Hutterer <peter.hutte...@who-t.net> + Signed-off-by: Peter Hutterer <peter.hutte...@who-t.net> + +commit 0abff92dc2370c57e79d028c17e6d7aeb50048f1 +Author: Peter Hutterer <peter.hutte...@who-t.net> +Date: Tue Jan 24 10:32:07 2017 +1000 + + autogen.sh: use exec instead of waiting for configure to finish + + Syncs the invocation of configure with the one from the server. + + Signed-off-by: Peter Hutterer <peter.hutte...@who-t.net> + Reviewed-by: Emil Velikov <emil.veli...@collabora.com> + commit cfe0b4fb8f87b03060a3d3c9538df144856b5e9f Author: Alan Coopersmith <alan.coopersm...@oracle.com> Date: Sat Mar 14 09:00:06 2015 -0700 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/font-util-1.3.1/Makefile.am new/font-util-1.3.2/Makefile.am --- old/font-util-1.3.1/Makefile.am 2015-03-14 17:00:24.000000000 +0100 +++ new/font-util-1.3.2/Makefile.am 2019-08-26 00:25:25.000000000 +0200 @@ -55,7 +55,7 @@ CLEANFILES = bdftruncate -EXTRA_DIST = $(mapfiles_DATA) +EXTRA_DIST = $(mapfiles_DATA) README.md MAINTAINERCLEANFILES = ChangeLog INSTALL diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/font-util-1.3.1/README new/font-util-1.3.2/README --- old/font-util-1.3.1/README 2015-03-14 17:00:24.000000000 +0100 +++ new/font-util-1.3.2/README 1970-01-01 01:00:00.000000000 +0100 @@ -1,30 +0,0 @@ -X.Org font package creation/installation utilities - -If the --with-fontrootdir option is specified when configuring this -package, it will be recorded in the fontutil pkg-config file to be used -as the default parent directory for font modules built using the fontutil -macros from version 1.1 or later of this package. - -All questions regarding this software should be directed at the -Xorg mailing list: - - http://lists.freedesktop.org/mailman/listinfo/xorg - -Please submit bug reports to the Xorg bugzilla: - - https://bugs.freedesktop.org/enter_bug.cgi?product=xorg - -The master development code repository can be found at: - - git://anongit.freedesktop.org/git/xorg/font/util - - http://cgit.freedesktop.org/xorg/font/util - -For patch submission instructions, see: - - http://www.x.org/wiki/Development/Documentation/SubmittingPatches - -For more information on the git code manager, see: - - http://wiki.x.org/wiki/GitPage - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/font-util-1.3.1/README.md new/font-util-1.3.2/README.md --- old/font-util-1.3.1/README.md 1970-01-01 01:00:00.000000000 +0100 +++ new/font-util-1.3.2/README.md 2019-08-26 00:25:25.000000000 +0200 @@ -0,0 +1,23 @@ +X.Org font package creation/installation utilities +-------------------------------------------------- + +If the --with-fontrootdir option is specified when configuring this +package, it will be recorded in the fontutil pkg-config file to be used +as the default parent directory for font modules built using the fontutil +macros from version 1.1 or later of this package. + +All questions regarding this software should be directed at the +Xorg mailing list: + + https://lists.x.org/mailman/listinfo/xorg + +The master development code repository can be found at: + + https://gitlab.freedesktop.org/xorg/font/util + +Please submit bug reports and requests to merge patches there. + +For patch submission instructions, see: + + https://www.x.org/wiki/Development/Documentation/SubmittingPatches + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/font-util-1.3.1/configure.ac new/font-util-1.3.2/configure.ac --- old/font-util-1.3.1/configure.ac 2015-03-14 17:00:24.000000000 +0100 +++ new/font-util-1.3.2/configure.ac 2019-08-26 00:25:25.000000000 +0200 @@ -23,8 +23,8 @@ # Initialize Autoconf AC_PREREQ([2.60]) -AC_INIT([font-util], [1.3.1], - [https://bugs.freedesktop.org/enter_bug.cgi?product=xorg], [font-util]) +AC_INIT([font-util], [1.3.2], + [https://gitlab.freedesktop.org/xorg/font/util/issues], [font-util]) AC_CONFIG_SRCDIR([Makefile.am]) AC_CONFIG_HEADERS([config.h]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/font-util-1.3.1/ucs2any.c new/font-util-1.3.2/ucs2any.c --- old/font-util-1.3.1/ucs2any.c 2015-03-14 17:00:24.000000000 +0100 +++ new/font-util-1.3.2/ucs2any.c 2019-08-26 00:25:25.000000000 +0200 @@ -45,6 +45,7 @@ #endif #include <limits.h> #include <stdarg.h> +#include <stdint.h> #include <stdio.h> #include <stdlib.h> #include <string.h> @@ -220,6 +221,11 @@ { int i = da->size; if (key >= 0) { + if ((size_t)key >= SIZE_MAX / sizeof(void *)) { + fprintf(stderr, "%s: Illegal key '%d' encountered!\n", + my_name, key); + exit(1); + } if (key >= da->size) { da->size = key + 1; da->values = zrealloc(da->values,