From 608f65b2f3cd384b624bf0e614b25d3ade8f1b3b Mon Sep 17 00:00:00 2001
From: Leonardo Arena <rnalrd@alpinelinux.org>
Date: Tue, 8 Jan 2019 11:19:04 +0000
Subject: main/cairo: security fix (CVE-2018-19876)

Fixes #9748
---
 main/cairo/APKBUILD             | 10 ++++++++--
 main/cairo/CVE-2018-19876.patch | 30 ++++++++++++++++++++++++++++++
 2 files changed, 38 insertions(+), 2 deletions(-)
 create mode 100644 main/cairo/CVE-2018-19876.patch

diff --git a/main/cairo/APKBUILD b/main/cairo/APKBUILD
index 5c789131cb6..a081d8f580d 100644
--- a/main/cairo/APKBUILD
+++ b/main/cairo/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=cairo
 pkgver=1.16.0
-pkgrel=0
+pkgrel=1
 pkgdesc="A vector graphics library"
 url="https://cairographics.org/"
 arch="all"
@@ -14,9 +14,14 @@ makedepends="$depends_dev zlib-dev expat-dev glib-dev libpng-dev autoconf automa
 subpackages="$pkgname-dev $pkgname-doc $pkgname-gobject $pkgname-tools $pkgname-dbg"
 source="https://cairographics.org/releases/cairo-$pkgver.tar.xz
 	musl-stacksize.patch
+	CVE-2018-19876.patch
 	"
 builddir="$srcdir/$pkgname-$pkgver"
 
+# secfixes:
+#   1.16.0-r1:
+#     - CVE-2018-19876
+
 build() {
 	cd "$builddir"
 	./configure \
@@ -62,4 +67,5 @@ tools() {
 }
 
 sha512sums="9eb27c4cf01c0b8b56f2e15e651f6d4e52c99d0005875546405b64f1132aed12fbf84727273f493d84056a13105e065009d89e94a8bfaf2be2649e232b82377f  cairo-1.16.0.tar.xz
-86f26fe41deb5e14f553c999090d1ec1d92a534fa7984112c9a7f1d6c6a8f1b7bb735947e8ec3f26e817f56410efe8cc46c5e682f6a278d49b40a683513740e0  musl-stacksize.patch"
+86f26fe41deb5e14f553c999090d1ec1d92a534fa7984112c9a7f1d6c6a8f1b7bb735947e8ec3f26e817f56410efe8cc46c5e682f6a278d49b40a683513740e0  musl-stacksize.patch
+8f13cdcae0f134e04778cf5915f858fb8d5357a7e0a454791c93d1566935b985ec66dfe1683cd0b74a1cb44a130923d7a27cf006f3fc70b9bee93abd58a55aa3  CVE-2018-19876.patch"
diff --git a/main/cairo/CVE-2018-19876.patch b/main/cairo/CVE-2018-19876.patch
new file mode 100644
index 00000000000..c9cd71f4ae9
--- /dev/null
+++ b/main/cairo/CVE-2018-19876.patch
@@ -0,0 +1,30 @@
+From 90e85c2493fdfa3551f202ff10282463f1e36645 Mon Sep 17 00:00:00 2001
+From: Carlos Garcia Campos <cgarcia@igalia.com>
+Date: Mon, 19 Nov 2018 12:33:07 +0100
+Subject: [PATCH] ft: Use FT_Done_MM_Var instead of free when available in
+ cairo_ft_apply_variations
+
+Fixes a crash when using freetype >= 2.9
+---
+ src/cairo-ft-font.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/cairo-ft-font.c b/src/cairo-ft-font.c
+index 325dd61b4..981973f78 100644
+--- a/src/cairo-ft-font.c
++++ b/src/cairo-ft-font.c
+@@ -2393,7 +2393,11 @@ skip:
+ done:
+         free (coords);
+         free (current_coords);
++#if HAVE_FT_DONE_MM_VAR
++        FT_Done_MM_Var (face->glyph->library, ft_mm_var);
++#else
+         free (ft_mm_var);
++#endif
+     }
+ }
+ 
+-- 
+2.18.1
+
-- 
cgit v1.2.3