godotengine/buildroot
1
0
Fork 0
mirror of https://github.com/godotengine/buildroot.git synced 2026-01-04 06:10:16 +03:00
Code Issues Packages Projects Releases Wiki Activity

package/libass: security bump to version 0.15

Browse Source 
- harfbuzz is mandatory since
  f3e2c97e18
- Fix CVE-2020-26682 (In libass 0.14.0, the `ass_outline_construct`'s
  call to `outline_stroke` causes a signed integer overflow.) through
  676f9dc5b5
  which does not apply cleanly over version 0.14.
  It should be noted that version 0.15 also fixes other integer
  overflows (which have no CVE assigned)
- Update indentation in hash file (two spaces)

https://github.com/libass/libass/releases/tag/0.15.0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Fabrice Fontaine
2020-10-29 14:24:29 +01:00
committed by Peter Korsgaard
parent 105004f72a
commit 4ae8ecea8f
6 changed files with 24 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
package/harfbuzz/Config.in
View File

@@ -11,7 +11,7 @@ config BR2_PACKAGE_HARFBUZZ
Harfbuzz can make optional use of cairo, freetype,
glib2 and icu packages if they are selected.
comment "harfbuzz needs a toolchain w/ C++, gcc => 4.8"
comment "harfbuzz needs a toolchain w/ C++, gcc >= 4.8"
depends on BR2_TOOLCHAIN_HAS_SYNC_4
depends on !BR2_INSTALL_LIBSTDCPP || \
!BR2_TOOLCHAIN_GCC_AT_LEAST_4_8