|
@@ -1,7 +1,7 @@
|
|
|
Summary: PostScript Type 1 font rasterizer
|
|
|
Name: t1lib
|
|
|
Version: 5.1.2
|
|
|
-Release: 2%{?_dist_release}
|
|
|
+Release: 3%{?_dist_release}
|
|
|
Epoch: 1
|
|
|
|
|
|
Group: System Environment/Libraries
|
|
@@ -12,11 +12,17 @@ Source: ftp://sunsite.unc.edu/pub/Linux/libs/graphics/%{name}-%{version}.tar.gz
|
|
|
Patch1: %{name}-doc.patch.bz2
|
|
|
Patch2: %{name}-config.patch.bz2
|
|
|
Patch3: %{name}-5.1.2-segf.patch
|
|
|
+# security fixes
|
|
|
+Patch10: t1lib-5.1.2-CVE-2010-2642.patch
|
|
|
+Patch11: t1lib-5.1.2-CVE-2011-0764.patch
|
|
|
|
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-root
|
|
|
BuildRequires: libICE-devel libX11-devel libXaw-devel libXpm-devel
|
|
|
BuildRequires: texlive texlive-common
|
|
|
|
|
|
+Vendor: Project Vine
|
|
|
+Distribution: Vine Linux
|
|
|
+
|
|
|
%description
|
|
|
T1lib is a library for generating character and string-glyphs from
|
|
|
Adobe Type 1 fonts under UNIX. T1lib uses most of the code of the X11
|
|
@@ -59,6 +65,8 @@ It also contains the "t1libconfig" script used to configure t1lib.
|
|
|
%patch1 -p0
|
|
|
%patch2 -p0
|
|
|
%patch3 -p1 -b .segf
|
|
|
+%patch10 -p1 -b .CVE-2010-2642
|
|
|
+%patch11 -p1 -b .CVE-2011-0764
|
|
|
|
|
|
iconv -f latin1 -t utf8 < Changes > Changes.utf8
|
|
|
touch -r Changes Changes.utf8
|
|
@@ -125,6 +133,13 @@ rm -rf $RPM_BUILD_ROOT
|
|
|
%{_bindir}/*
|
|
|
|
|
|
%changelog
|
|
|
+* Mon Jan 16 2012 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 5.1.2-3
|
|
|
+- add patch10 for fix CVE-2010-2642 (AFM font metrics parser)
|
|
|
+ CVE-2011-0433 is fixed on the this patch.
|
|
|
+- add patch11 for fix CVE-2011-0764 (AFM font metrics parser)
|
|
|
+ CVE-2011-0764, CVE-2011-1552, 53, 54 are fixed by this patch
|
|
|
+- add Vendor/Distri Tags
|
|
|
+
|
|
|
* Fri Jun 03 2011 Daisuke SUZUKI <daisuke@linux.or.jp> 5.1.2-2
|
|
|
- add BR: texlive-common
|
|
|
|