<pre style='margin:0'>
Frank Schima (mf2k) pushed a commit to branch master
in repository macports-ports.
</pre>
<p><a href="https://github.com/macports/macports-ports/commit/9b015e933c3aeacf42833a2052550608acd8f13c">https://github.com/macports/macports-ports/commit/9b015e933c3aeacf42833a2052550608acd8f13c</a></p>
<pre style="white-space: pre; background: #F8F8F8">The following commit(s) were added to refs/heads/master by this push:
<span style='display:block; white-space:pre;color:#404040;'> new 9b015e9 fribidi: fix CVE-2019-18397 - Stack buffer overflow
</span>9b015e9 is described below
<span style='display:block; white-space:pre;color:#808000;'>commit 9b015e933c3aeacf42833a2052550608acd8f13c
</span>Author: Davide Gerhard <rainbow@irh.it>
AuthorDate: Fri Nov 8 18:25:29 2019 +0100
<span style='display:block; white-space:pre;color:#404040;'> fribidi: fix CVE-2019-18397 - Stack buffer overflow
</span><span style='display:block; white-space:pre;color:#404040;'>
</span><span style='display:block; white-space:pre;color:#404040;'> see https://seclists.org/oss-sec/2019/q4/59
</span>---
textproc/fribidi/Portfile | 8 ++++++--
textproc/fribidi/files/CVE-2019-18397.patch | 24 ++++++++++++++++++++++++
2 files changed, 30 insertions(+), 2 deletions(-)
<span style='display:block; white-space:pre;color:#808080;'>diff --git a/textproc/fribidi/Portfile b/textproc/fribidi/Portfile
</span><span style='display:block; white-space:pre;color:#808080;'>index b121bcd..3107656 100644
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>--- a/textproc/fribidi/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/textproc/fribidi/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -4,7 +4,7 @@ PortSystem 1.0
</span>
PortGroup github 1.0
github.setup fribidi fribidi 1.0.7 v
<span style='display:block; white-space:pre;background:#ffe0e0;'>-revision 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+revision 1
</span>
categories textproc
license LGPL-2.1+
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -28,7 +28,11 @@ depends_build port:pkgconfig
</span> use_autoreconf yes
autoreconf.args -fvi
<span style='display:block; white-space:pre;background:#ffe0e0;'>-patchfiles gen.tab_Makefile.am.patch
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+# remove CVE-2019-18397.patch with the next release
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+patchfiles \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ gen.tab_Makefile.am.patch \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ CVE-2019-18397.patch
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span> post-patch {
# git.mk seems to trigger a ./config.status --recheck, which is unnecessary
# and additionally fails due to quoting
<span style='display:block; white-space:pre;color:#808080;'>diff --git a/textproc/fribidi/files/CVE-2019-18397.patch b/textproc/fribidi/files/CVE-2019-18397.patch
</span>new file mode 100644
<span style='display:block; white-space:pre;color:#808080;'>index 0000000..eb8867d
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--- /dev/null
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/textproc/fribidi/files/CVE-2019-18397.patch
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -0,0 +1,24 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+From 034c6e9a1d296286305f4cfd1e0072b879f52568 Mon Sep 17 00:00:00 2001
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+From: Dov Grobgeld <dov.grobgeld@gmail.com>
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+Date: Thu, 24 Oct 2019 09:37:29 +0300
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+Subject: [PATCH] Truncate isolate_level to FRIBIDI_BIDI_MAX_EXPLICIT_LEVEL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+---
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ lib/fribidi-bidi.c | 4 +++-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ 1 file changed, 3 insertions(+), 1 deletion(-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git a/lib/fribidi-bidi.c b/lib/fribidi-bidi.c
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+index 6c84392..d384878 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib/fribidi-bidi.c
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ lib/fribidi-bidi.c
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -747,7 +747,9 @@ fribidi_get_par_embedding_levels_ex (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ RL_LEVEL (pp) = level;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- RL_ISOLATE_LEVEL (pp) = isolate_level++;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ RL_ISOLATE_LEVEL (pp) = isolate_level;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if (isolate_level < FRIBIDI_BIDI_MAX_EXPLICIT_LEVEL-1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ isolate_level++;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ base_level_per_iso_level[isolate_level] = new_level;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ if (!FRIBIDI_IS_NEUTRAL (override))
</span></pre><pre style='margin:0'>
</pre>