aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJ0WI <J0WI@users.noreply.github.com>2022-05-21 16:09:33 +0000
committerpsykose <alice@ayaya.dev>2022-05-21 18:14:18 +0200
commitd4cebf79d2bc11f1f445e900f2e3876446ac1afb (patch)
treed8695d55000f9634a728330c7944c089a6ab1a1e
parentd09be2727187b12686aa88967161174789718160 (diff)
downloadaports-d4cebf79d2bc11f1f445e900f2e3876446ac1afb.tar.gz
aports-d4cebf79d2bc11f1f445e900f2e3876446ac1afb.tar.bz2
aports-d4cebf79d2bc11f1f445e900f2e3876446ac1afb.tar.xz
main/cairo: patch CVE-2019-6461
-rw-r--r--main/cairo/APKBUILD12
-rw-r--r--main/cairo/fix-inf-loop-patch36
2 files changed, 45 insertions, 3 deletions
diff --git a/main/cairo/APKBUILD b/main/cairo/APKBUILD
index b4a63a44a5..8d5dcc14b6 100644
--- a/main/cairo/APKBUILD
+++ b/main/cairo/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=cairo
pkgver=1.16.0
-pkgrel=3
+pkgrel=4
pkgdesc="A vector graphics library"
url="https://cairographics.org/"
arch="all"
@@ -17,10 +17,13 @@ source="https://cairographics.org/releases/cairo-$pkgver.tar.xz
CVE-2018-19876.patch
pdf-flush.patch
85.patch
+ fix-inf-loop-patch
"
builddir="$srcdir/$pkgname-$pkgver"
# secfixes:
+# 1.16.0-r4:
+# - CVE-2019-6461
# 1.16.0-r3:
# - CVE-2020-35492
# 1.16.0-r1:
@@ -70,8 +73,11 @@ tools() {
"$subpkgdir"/usr/lib/cairo/
}
-sha512sums="9eb27c4cf01c0b8b56f2e15e651f6d4e52c99d0005875546405b64f1132aed12fbf84727273f493d84056a13105e065009d89e94a8bfaf2be2649e232b82377f cairo-1.16.0.tar.xz
+sha512sums="
+9eb27c4cf01c0b8b56f2e15e651f6d4e52c99d0005875546405b64f1132aed12fbf84727273f493d84056a13105e065009d89e94a8bfaf2be2649e232b82377f cairo-1.16.0.tar.xz
86f26fe41deb5e14f553c999090d1ec1d92a534fa7984112c9a7f1d6c6a8f1b7bb735947e8ec3f26e817f56410efe8cc46c5e682f6a278d49b40a683513740e0 musl-stacksize.patch
8f13cdcae0f134e04778cf5915f858fb8d5357a7e0a454791c93d1566935b985ec66dfe1683cd0b74a1cb44a130923d7a27cf006f3fc70b9bee93abd58a55aa3 CVE-2018-19876.patch
533ea878dc7f917af92e2694bd3f535a09cde77f0ecd0cc00881fbc9ec1ea86f60026eacc76129705f525f6672929ad8d15d8cfe1bfa61e9962e805a7fbded81 pdf-flush.patch
-20699d2dd10531f99587cdcd187a23e23bca5a9f031255c95aade4dadb79bbb62118c7ddff677c2fd20e4ba7694eee4debcd79a4d0736d62951a4fcee56ccae0 85.patch"
+20699d2dd10531f99587cdcd187a23e23bca5a9f031255c95aade4dadb79bbb62118c7ddff677c2fd20e4ba7694eee4debcd79a4d0736d62951a4fcee56ccae0 85.patch
+ebe5d71b18aa9eefe1e0a6c150761bb7abef41f144f37eb0bfa8a01947aacb1292ac131cf815dcaaaa6478c0aac07ca5428fba28ad346a00c5aaa5fa64f6ff5b fix-inf-loop-patch
+"
diff --git a/main/cairo/fix-inf-loop-patch b/main/cairo/fix-inf-loop-patch
new file mode 100644
index 0000000000..2a26876c36
--- /dev/null
+++ b/main/cairo/fix-inf-loop-patch
@@ -0,0 +1,36 @@
+From bbeaf08190d3006a80b80a77724801cd477a37b8 Mon Sep 17 00:00:00 2001
+From: Heiko Lewin <hlewin@worldiety.de>
+Date: Sat, 17 Apr 2021 19:15:03 +0200
+Subject: [PATCH] _arc_max_angle_for_tolerance_normalized: fix infinite loop
+
+---
+ src/cairo-arc.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/src/cairo-arc.c b/src/cairo-arc.c
+index 390397bae..1c891d1a0 100644
+--- a/src/cairo-arc.c
++++ b/src/cairo-arc.c
+@@ -90,16 +90,18 @@ _arc_max_angle_for_tolerance_normalized (double tolerance)
+ { M_PI / 11.0, 9.81410988043554039085e-09 },
+ };
+ int table_size = ARRAY_LENGTH (table);
++ const int max_segments = 1000; /* this value is chosen arbitrarily. this gives an error of about 1.74909e-20 */
+
+ for (i = 0; i < table_size; i++)
+ if (table[i].error < tolerance)
+ return table[i].angle;
+
+ ++i;
++
+ do {
+ angle = M_PI / i++;
+ error = _arc_error_normalized (angle);
+- } while (error > tolerance);
++ } while (error > tolerance && i < max_segments);
+
+ return angle;
+ }
+--
+GitLab
+