This is a request for a freeze exception on freetype 2.3.7-1, just uploaded to unstable to fix RC bug #487101.
The full debdiff is attached. This is a straightforward fix, but freetype provides a udeb, so I'm asking here before unblocking. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer http://www.debian.org/ [EMAIL PROTECTED] [EMAIL PROTECTED]
diff -u freetype-2.3.7/debian/changelog freetype-2.3.7/debian/changelog --- freetype-2.3.7/debian/changelog +++ freetype-2.3.7/debian/changelog @@ -1,3 +1,12 @@ +freetype (2.3.7-2) unstable; urgency=high + + * High-urgency upload for RC bugfix. + * Add debian/patches-freetype/no-segfault-on-load_mac_face, patch from + upstream to fix a segfault due to uninitialized memory in certain + failures of FT_Stream_New. Closes: #487101. + + -- Steve Langasek <[EMAIL PROTECTED]> Thu, 21 Aug 2008 12:09:17 -0700 + freetype (2.3.7-1) unstable; urgency=low * New upstream release diff -u freetype-2.3.7/debian/patches-freetype/series freetype-2.3.7/debian/patches-freetype/series --- freetype-2.3.7/debian/patches-freetype/series +++ freetype-2.3.7/debian/patches-freetype/series @@ -5,0 +6 @@ +no-segfault-on-load_mac_face only in patch2: unchanged: --- freetype-2.3.7.orig/debian/patches-freetype/no-segfault-on-load_mac_face +++ freetype-2.3.7/debian/patches-freetype/no-segfault-on-load_mac_face @@ -0,0 +1,50 @@ +2008-08-19 suzuki toshiya <[EMAIL PROTECTED]> + + * src/base/ftobjs.c (FT_Stream_New): Initialize *astream + always, even if passed library or arguments are invalid. + This fixes a bug that uninitialized stream is freed when + an invalid library handle is passed. Originally proposed + by Mike Fabian, 2008/08/18 on freetype-devel. + (FT_Open_Face): Ditto (stream). + (load_face_in_embedded_rfork): Ditto (stream2). + +Fixes Debian bug #487101. + +Index: freetype-2.3.7/src/base/ftobjs.c +=================================================================== +--- freetype-2.3.7.orig/src/base/ftobjs.c ++++ freetype-2.3.7/src/base/ftobjs.c +@@ -128,13 +128,14 @@ + FT_Stream stream; + + ++ *astream = 0; ++ + if ( !library ) + return FT_Err_Invalid_Library_Handle; + + if ( !args ) + return FT_Err_Invalid_Argument; + +- *astream = 0; + memory = library->memory; + + if ( FT_NEW( stream ) ) +@@ -1600,7 +1601,7 @@ + FT_Error errors[FT_RACCESS_N_RULES]; + + FT_Open_Args args2; +- FT_Stream stream2; ++ FT_Stream stream2 = 0; + + + FT_Raccess_Guess( library, stream, +@@ -1713,7 +1714,7 @@ + FT_Error error; + FT_Driver driver; + FT_Memory memory; +- FT_Stream stream; ++ FT_Stream stream = 0; + FT_Face face = 0; + FT_ListNode node = 0; + FT_Bool external_stream;
