[SCM] Qt 4 packaging branch, squeeze, updated. debian/4.6.3-4+squeeze1-7-gcb4b4ef

Lisandro Damián Nicanor Pérez lisandro at alioth.debian.org
Sat Feb 9 18:30:23 UTC 2013 

Gitweb-URL: http://git.debian.org/?p=pkg-kde/qt/qt4-x11.git;a=commitdiff;h=cb4b4ef

The following commit has been merged in the squeeze branch:
commit cb4b4efc95217e064dca02e7a30551abab2ffc71
Author: Lisandro Damián Nicanor Pérez Meyer <perezmeyer at gmail.com>
Date:   Sat Feb 9 15:29:53 2013 -0300

    Fix CVE-2011-3193.
---
 debian/changelog                                   |    2 +
 ...rflow_in_Lookup_MarkMarkPos_CVE-2011-3193.patch |   26 ++++++++++++++++++++
 debian/patches/series                              |    1 +
 3 files changed, 29 insertions(+), 0 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 5eb1173..73c6a94 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -10,6 +10,8 @@ qt4-x11 (4:4.6.3-4+squeeze2) UNRELEASED; urgency=high
     - Turktrust.
     Patch ssl_certificates_blacklist.patch.
   * Add CVE-2011-3922.patch: Stack-buffer-overflow in glyph handling.
+  * Add Check_for_buffer_overflow_in_Lookup_MarkMarkPos_CVE-2011-3193.patch,
+    fixing CVE-2011-3193.
 
  -- Debian Qt/KDE Maintainers <debian-qt-kde at lists.debian.org>  Sat, 09 Feb 2013 13:43:51 -0300
 
diff --git a/debian/patches/Check_for_buffer_overflow_in_Lookup_MarkMarkPos_CVE-2011-3193.patch b/debian/patches/Check_for_buffer_overflow_in_Lookup_MarkMarkPos_CVE-2011-3193.patch
new file mode 100644
index 0000000..433cb1e
--- /dev/null
+++ b/debian/patches/Check_for_buffer_overflow_in_Lookup_MarkMarkPos_CVE-2011-3193.patch
@@ -0,0 +1,26 @@
+From 9ae6f2f9a57f0c3096d5785913e437953fa6775c Mon Sep 17 00:00:00 2001
+From: Jiang Jiang <jiang.jiang at nokia.com>
+Date: Mon, 18 Jul 2011 08:49:32 +0200
+Subject: [PATCH] Check for buffer overflow in Lookup_MarkMarkPos
+
+That may cause crash in this function with certain fonts.
+
+Task-number: QTBUG-17238
+Done-by: Alberto Garcia <agarcia at igalia.com>
+Reviewed-by: Jiang Jiang
+---
+ src/3rdparty/harfbuzz/src/harfbuzz-gpos.c |    3 +++
+ 1 file changed, 3 insertions(+)
+
+--- a/src/3rdparty/harfbuzz/src/harfbuzz-gpos.c
++++ b/src/3rdparty/harfbuzz/src/harfbuzz-gpos.c
+@@ -3015,6 +3015,9 @@ static HB_Error  Lookup_MarkMarkPos( GPO
+   if ( i > buffer->in_pos )
+     return HB_Err_Not_Covered;
+ 
++  if ( i > buffer->in_pos )
++    return HB_Err_Not_Covered;
++
+   error = _HB_OPEN_Coverage_Index( &mmp->Mark2Coverage, IN_GLYPH( j ),
+ 			  &mark2_index );
+   if ( error )
diff --git a/debian/patches/series b/debian/patches/series
index c972b18..503f669 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -9,6 +9,7 @@ cve_2010_3170_ssl_certificates_wildcard.diff
 change_all_shmget_calls_to_use_user-only_memory.patch
 ssl_certificates_blacklist.patch
 CVE-2011-3922.patch
+Check_for_buffer_overflow_in_Lookup_MarkMarkPos_CVE-2011-3193.patch
 
 # qt-copy patches
 0180-window-role.diff

-- 
Qt 4 packaging

More information about the pkg-kde-commits mailing list