diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000000000000000000000000000000000000..d87f5613ec4234f82f8eaeebc563711f587fdf88 --- /dev/null +++ b/.gitattributes @@ -0,0 +1 @@ +*.xz filter=lfs diff=lfs merge=lfs -text diff --git a/.lfsconfig b/.lfsconfig new file mode 100644 index 0000000000000000000000000000000000000000..a5accc6370f7384171d88e73932b5094f218a377 --- /dev/null +++ b/.lfsconfig @@ -0,0 +1,2 @@ +[lfs] + url = https://artlfs.openeuler.openatom.cn/src-openEuler/harfbuzz diff --git a/backport-CVE-2024-56732.patch b/backport-CVE-2024-56732.patch deleted file mode 100644 index bf053fdc9f71fba55bb13d66cae16254709b5b8b..0000000000000000000000000000000000000000 --- a/backport-CVE-2024-56732.patch +++ /dev/null @@ -1,59 +0,0 @@ -From 1767f99e2e2196c3fcae27db6d8b60098d3f6d26 Mon Sep 17 00:00:00 2001 -From: Behdad Esfahbod -Date: Sun, 10 Nov 2024 22:43:28 -0700 -Subject: [PATCH] [cairo] Guard hb_cairo_glyphs_from_buffer() against bad UTF-8 - -Previously it was assuming valid UTF-8. ---- - src/hb-cairo.cc | 2 ++ - src/hb-utf.hh | 6 ++++-- - 2 files changed, 6 insertions(+), 2 deletions(-) - -diff --git a/src/hb-cairo.cc b/src/hb-cairo.cc -index d8b582c4908..4d22ae059ff 100644 ---- a/src/hb-cairo.cc -+++ b/src/hb-cairo.cc -@@ -1000,6 +1000,7 @@ hb_cairo_glyphs_from_buffer (hb_buffer_t *buffer, - end = start + hb_glyph[i].cluster - hb_glyph[i+1].cluster; - else - end = (const char *) hb_utf_offset_to_pointer ((const uint8_t *) start, -+ (const uint8_t *) utf8, utf8_len, - (signed) (hb_glyph[i].cluster - hb_glyph[i+1].cluster)); - (*clusters)[cluster].num_bytes = end - start; - start = end; -@@ -1020,6 +1021,7 @@ hb_cairo_glyphs_from_buffer (hb_buffer_t *buffer, - end = start + hb_glyph[i].cluster - hb_glyph[i-1].cluster; - else - end = (const char *) hb_utf_offset_to_pointer ((const uint8_t *) start, -+ (const uint8_t *) utf8, utf8_len, - (signed) (hb_glyph[i].cluster - hb_glyph[i-1].cluster)); - (*clusters)[cluster].num_bytes = end - start; - start = end; -diff --git a/src/hb-utf.hh b/src/hb-utf.hh -index 1120bd1cccf..6db9bf2fd79 100644 ---- a/src/hb-utf.hh -+++ b/src/hb-utf.hh -@@ -458,19 +458,21 @@ struct hb_ascii_t - template - static inline const typename utf_t::codepoint_t * - hb_utf_offset_to_pointer (const typename utf_t::codepoint_t *start, -+ const typename utf_t::codepoint_t *text, -+ unsigned text_len, - signed offset) - { - hb_codepoint_t unicode; - - while (offset-- > 0) - start = utf_t::next (start, -- start + utf_t::max_len, -+ text + text_len, - &unicode, - HB_BUFFER_REPLACEMENT_CODEPOINT_DEFAULT); - - while (offset++ < 0) - start = utf_t::prev (start, -- start - utf_t::max_len, -+ text, - &unicode, - HB_BUFFER_REPLACEMENT_CODEPOINT_DEFAULT); - diff --git a/harfbuzz-10.1.0.tar.xz b/harfbuzz-10.1.0.tar.xz deleted file mode 100644 index 286f6cf8f633535180fecd3c717376b26fc78f99..0000000000000000000000000000000000000000 Binary files a/harfbuzz-10.1.0.tar.xz and /dev/null differ diff --git a/harfbuzz-10.2.0.tar.xz b/harfbuzz-10.2.0.tar.xz new file mode 100644 index 0000000000000000000000000000000000000000..68f1336908e5c4c4fdbbc2b7af9325d6eccdbc17 --- /dev/null +++ b/harfbuzz-10.2.0.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:620e3468faec2ea8685d32c46a58469b850ef63040b3565cde05959825b48227 +size 17957608 diff --git a/harfbuzz.spec b/harfbuzz.spec index 83a79bb94ce2cbf43b029e0db633dcc3574588d1..305d72e61025d9ddb8efe48d10acf1fa14ecddbf 100644 --- a/harfbuzz.spec +++ b/harfbuzz.spec @@ -1,13 +1,11 @@ Name: harfbuzz -Version: 10.1.0 -Release: 2 +Version: 10.2.0 +Release: 1 Summary: A text shaping engine License: MIT-Modern-Variant URL: https://harfbuzz.github.io/ Source0: https://github.com/harfbuzz/harfbuzz/releases/download/%{version}/harfbuzz-%{version}.tar.xz -Patch6000: backport-CVE-2024-56732.patch - BuildRequires: meson >= 0.55.0 BuildRequires: gobject-introspection-devel BuildRequires: gtk-doc @@ -77,6 +75,9 @@ Header files and libraries for building a extension library for %{name}. %{_datadir}/gtk-doc/html/harfbuzz %changelog +* Sun Jan 12 2025 Funda Wang - 10.2.0-1 +- update to 10.2.0 + * Mon Dec 30 2024 zhangpan - 10.1.0-2 - fix CVE-2024-56732