Thread (9 messages) 9 messages, 3 authors, 2021-04-05

Re: [OE-core] [PATCH] cairo: upgrade 1.16.0 -> 1.17.4

From: Alexander Kanavin <hidden>
Date: 2021-03-31 15:49:09 

This is a development version, which is made very clearly:
https://cairographics.org/snapshots/

What's the rationale for this update?

Alex

On Wed, 31 Mar 2021 at 16:22, wangmy [off-list ref] wrote:
quoted hunk ↗ jump to hunk
CVE-2018-19876.patch
removed since it is included in 1.17.4

Signed-off-by: Wang Mingyu <redacted>
---
 .../cairo/cairo/CVE-2018-19876.patch          | 34 -------------------
 .../{cairo_1.16.0.bb => cairo_1.17.4.bb}      |  7 ++--
 2 files changed, 3 insertions(+), 38 deletions(-)
 delete mode 100644 meta/recipes-graphics/cairo/cairo/CVE-2018-19876.patch
 rename meta/recipes-graphics/cairo/{cairo_1.16.0.bb => cairo_1.17.4.bb}
(94%)

diff --git a/meta/recipes-graphics/cairo/cairo/CVE-2018-19876.patch
b/meta/recipes-graphics/cairo/cairo/CVE-2018-19876.patch
deleted file mode 100644
index 4252a5663b..0000000000
--- a/meta/recipes-graphics/cairo/cairo/CVE-2018-19876.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-CVE: CVE-2018-19876
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@intel.com>
-
-From 90e85c2493fdfa3551f202ff10282463f1e36645 Mon Sep 17 00:00:00 2001
-From: Carlos Garcia Campos <cgarcia@igalia.com>
-Date: Mon, 19 Nov 2018 12:33:07 +0100
-Subject: [PATCH] ft: Use FT_Done_MM_Var instead of free when available in
- cairo_ft_apply_variations
-
-Fixes a crash when using freetype >= 2.9
----
- src/cairo-ft-font.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/src/cairo-ft-font.c b/src/cairo-ft-font.c
-index 325dd61b4..981973f78 100644
---- a/src/cairo-ft-font.c
-+++ b/src/cairo-ft-font.c
-@@ -2393,7 +2393,11 @@ skip:
- done:
-         free (coords);
-         free (current_coords);
-+#if HAVE_FT_DONE_MM_VAR
-+        FT_Done_MM_Var (face->glyph->library, ft_mm_var);
-+#else
-         free (ft_mm_var);
-+#endif
-     }
- }
-
---
-2.11.0
-
diff --git a/meta/recipes-graphics/cairo/cairo_1.16.0.bb
b/meta/recipes-graphics/cairo/cairo_1.17.4.bb
similarity index 94%
rename from meta/recipes-graphics/cairo/cairo_1.16.0.bb
rename to meta/recipes-graphics/cairo/cairo_1.17.4.bb
index 68f993d7ca..e92540c49e 100644
--- a/meta/recipes-graphics/cairo/cairo_1.16.0.bb
+++ b/meta/recipes-graphics/cairo/cairo_1.17.4.bb
@@ -22,15 +22,14 @@ LIC_FILES_CHKSUM =
"file://COPYING;md5=e73e999e0c72b5ac9012424fa157ad77"

 DEPENDS = "fontconfig glib-2.0 libpng pixman zlib"

-SRC_URI = "http://cairographics.org/releases/cairo-${PV}.tar.xz \
+SRC_URI = "https://cairographics.org/snapshots/cairo-${PV}.tar.xz \
            file://cairo-get_bitmap_surface-bsc1036789-CVE-2017-7475.diff \
-           file://CVE-2018-19876.patch \
            file://CVE-2019-6461.patch \
            file://CVE-2019-6462.patch \
           "

-SRC_URI[md5sum] = "f19e0353828269c22bd72e271243a552"
-SRC_URI[sha256sum] =
"5e7b29b3f113ef870d1e3ecf8adf21f923396401604bda16d44be45e66052331"
+SRC_URI[md5sum] = "bf9d0d324ecbd350d0e9308125fa4ce0"
+SRC_URI[sha256sum] =
"74b24c1ed436bbe87499179a3b27c43f4143b8676d8ad237a6fa787401959705"

 inherit autotools pkgconfig upstream-version-is-even gtk-doc
multilib_script

--
2.25.1
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help