rm cairo-1.15.14.tar.xz CVE-2018-19876

2020-10-15 09:54:24 +08:00 · 2020-10-15 09:54:24 +08:00 · 889e731473
commit 889e731473
parent 490d2c5017
3 changed files with 4 additions and 31 deletions
--- a/CVE-2018-19876.patch
+++ b/CVE-2018-19876.patch
@ -1,30 +0,0 @@
-From 90e85c2493fdfa3551f202ff10282463f1e36645 Mon Sep 17 00:00:00 2001
-From: Carlos Garcia Campos <cgarcia@igalia.com>
-Date: Thu, 17 Sep 2020 15:55:42 -0400
-Subject: [PATCH] ft: Use FT_Done_MM_Var instead of free when available in
- cairo_ft_apply_variations
-
-Fixes a crash when using freetype >= 2.9
---
- src/cairo-ft-font.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/src/cairo-ft-font.c b/src/cairo-ft-font.c
-index 325dd61..b63258d 100644
--- a/src/cairo-ft-font.c
-+++ b/src/cairo-ft-font.c
-@@ -2393,7 +2393,11 @@ skip:
- done:
-         free (coords);
-         free (current_coords);
-+#if HAVE_FT_DONE_MM_VAR
-+	FT_Done_MM_Var (face->glyph->library, ft_mm_var);
-+#else
-         free (ft_mm_var);
-+#endif
-     }
- }
- 
-- 
-2.23.0
-
--- a/cairo-1.15.14.tar.xz
+++ b/cairo-1.15.14.tar.xz
--- a/cairo.spec
+++ b/cairo.spec
@ -2,7 +2,7 @@

 Name:           cairo
 Version:        1.16.0
-Release:        1
+Release:        2
 Summary:        A 2D graphics library
 License:        LGPLv2 or MPLv1.1
 URL:            http://cairographics.org
@ -83,6 +83,9 @@ find $RPM_BUILD_ROOT -name '*.la' -delete
 %{_bindir}/cairo-trace

 %changelog
+* Thu Oct 15 2020 yanglu <yanglu60@huawei.com> - 1.16.0-2
+- remove cairo-1.15.14.tar.xz CVE-2018-19876
+
 * Wed Oct 14 2020 yanglu <yanglu60@huawei.com> - 1.16.0-1
 - Version upgrade