Created attachment 192577 [details] Proposed patch (since 466285 revision) Patch for print/freetype2 port with upstream fix for CVE-2018-6942: "An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file." https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6942 https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=29c759284e305ec428703c9a5831d0b1fc3497ef Based on message about CVE-2018-6942 in docs/CHANGES file: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=632a11f91f0d932ac498e9e6ca022c9903ab05e9
(In reply to comment #0) For reference: The TT_CONFIG_OPTION_GX_VAR_SUPPORT defined by default in include/freetype/config/ftoption.h file: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/include/freetype/config/ftoption.h?h=VER-2-9#n680 which used before Ins_GETVARIATION function definition: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/src/truetype/ttinterp.c?h=VER-2-9#n7507
The FreeType was updated to 2.9.1 version: https://sourceforge.net/projects/freetype/files/freetype2/2.9.1 https://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/docs/CHANGES?h=VER-2-9-1 The update for print/freetype2 port was proposed in bug 227936, therefore this PR was closed.
A commit references this bug: Author: jbeich Date: Wed May 2 23:30:10 UTC 2018 New revision: 468891 URL: https://svnweb.freebsd.org/changeset/ports/468891 Log: print/freetype2: apply CVE-2018-6942 fix PR: 227568 Submitted by: lightside@gmx.com Obtained from: upstream (freetype 2.9.1) Approved by: ports-secteam blanket Changes: branches/2018Q2/print/freetype2/Makefile branches/2018Q2/print/freetype2/files/patch-CVE-2018-6942