diff options
| author | Taichi Haradaguchi <20001722@ymail.ne.jp> | 2023-02-21 20:14:33 +0900 |
|---|---|---|
| committer | Andras Timar <andras.timar@collabora.com> | 2023-05-21 13:28:41 +0200 |
| commit | 55830830b255e2f474063d4a89e160f6a8219e72 (patch) | |
| tree | 7b14be0101b63c56f4d0a825f42b67760f03cd1f /download.lst | |
| parent | 5115fa097655a920231fc7eb957cfa9738007bdb (diff) | |
freetype: upgrade to release 2.13.0
Fixes CVE-2023-2004.[1]
As the issue has been fixed upstream[2], removed some codes from "external/freetype/ubsan.patch".
[1] "CVE-2023-2094"
<https://security-tracker.debian.org/tracker/CVE-2023-2004>
[2] "[truetype] Fix undefined pointer arithmetic."
<https://gitlab.freedesktop.org/freetype/freetype/-/commit/905270925dd0492ba557e58938e5513f062e6fc5>
Change-Id: I66c11e414cd9ecdad8678487d0c3f645a352ad92
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/147464
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit 803e3a63d879d8095b53b020cb648522fcb2af99)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/151922
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
Tested-by: Jenkins
Diffstat (limited to 'download.lst')
| -rw-r--r-- | download.lst | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/download.lst b/download.lst index 9afed6738691..ece17d8f1628 100644 --- a/download.lst +++ b/download.lst @@ -261,8 +261,8 @@ FREEHAND_TARBALL := libfreehand-0.1.2.tar.xz # three static lines # so that git cherry-pick # will not run into conflicts -FREETYPE_SHA256SUM := ef5c336aacc1a079ff9262d6308d6c2a066dd4d2a905301c4adda9b354399033 -FREETYPE_TARBALL := freetype-2.12.0.tar.xz +FREETYPE_SHA256SUM := 5ee23abd047636c24b2d43c6625dcafc66661d1aca64dec9e0d05df29592624c +FREETYPE_TARBALL := freetype-2.13.0.tar.xz # three static lines # so that git cherry-pick # will not run into conflicts |