libxfont: upgrade to 1.5.1

Remove the backported patches as they're integrated in this release.

(From OE-Core rev: 425096a81afcf1f60dad8e74e10b2fe36d72a854)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

meta/recipes-graphics/xorg-lib/libxfont/0001-bdfReadCharacters-bailout-if-a-char-s-bitmap-cannot-.patch

@@ -1,40 +0,0 @@
-From 78c2e3d70d29698244f70164428bd2868c0ab34c Mon Sep 17 00:00:00 2001
-From: Alan Coopersmith <alan.coopersmith@oracle.com>
-Date: Fri, 6 Feb 2015 15:54:00 -0800
-Subject: [PATCH] bdfReadCharacters: bailout if a char's bitmap cannot be read
- [CVE-2015-1803]
-
-Previously would charge on ahead with a NULL pointer in ci->bits, and
-then crash later in FontCharInkMetrics() trying to access the bits.
-
-Found with afl-1.23b.
-
-Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
-Reviewed-by: Julien Cristau <jcristau@debian.org>
-
-Upstream-Status: backport
-
-Signed-off-by: Li Zhou <li.zhou@windriver.com>
----
- src/bitmap/bdfread.c |    5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/src/bitmap/bdfread.c b/src/bitmap/bdfread.c
-index 6387908..1b29b81 100644
---- a/src/bitmap/bdfread.c
-+++ b/src/bitmap/bdfread.c
-@@ -458,7 +458,10 @@ bdfReadCharacters(FontFilePtr file, FontPtr pFont, bdfFileState *pState,
- 	    ci->metrics.descent = -bb;
- 	    ci->metrics.characterWidth = wx;
- 	    ci->bits = NULL;
--	    bdfReadBitmap(ci, file, bit, byte, glyph, scan, bitmapsSizes);
-+	    if (!bdfReadBitmap(ci, file, bit, byte, glyph, scan, bitmapsSizes)) {
-+		bdfError("could not read bitmap for character '%s'\n", charName);
-+		goto BAILOUT;
-+	    }
- 	    ci++;
- 	    ndx++;
- 	} else
--- 
-1.7.9.5
-

meta/recipes-graphics/xorg-lib/libxfont/0001-bdfReadCharacters-ensure-metrics-fit-into-xCharInfo-.patch

@@ -1,80 +0,0 @@
-From 2351c83a77a478b49cba6beb2ad386835e264744 Mon Sep 17 00:00:00 2001
-From: Alan Coopersmith <alan.coopersmith@oracle.com>
-Date: Fri, 6 Mar 2015 22:54:58 -0800
-Subject: [PATCH] bdfReadCharacters: ensure metrics fit into xCharInfo struct
- [CVE-2015-1804]
-
-We use 32-bit ints to read from the bdf file, but then try to stick
-into a 16-bit int in the xCharInfo struct, so make sure they won't
-overflow that range.
-
-Found by afl-1.24b.
-
-v2: Verify that additions won't overflow 32-bit int range either.
-v3: As Julien correctly observes, the previous check for bh & bw not
-    being < 0 reduces the number of cases we need to check for overflow.
-
-Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
-Reviewed-by: Julien Cristau <jcristau@debian.org>
-
-Upstream-Status: backport
-
-Signed-off-by: Li Zhou <li.zhou@windriver.com>
----
- src/bitmap/bdfread.c |   26 ++++++++++++++++++++++++--
- 1 file changed, 24 insertions(+), 2 deletions(-)
-
-diff --git a/src/bitmap/bdfread.c b/src/bitmap/bdfread.c
-index 1b29b81..a0ace8f 100644
---- a/src/bitmap/bdfread.c
-+++ b/src/bitmap/bdfread.c
-@@ -62,8 +62,16 @@ from The Open Group.
- 
- #if HAVE_STDINT_H
- #include <stdint.h>
--#elif !defined(INT32_MAX)
--#define INT32_MAX 0x7fffffff
-+#else
-+# ifndef INT32_MAX
-+#  define INT32_MAX 0x7fffffff
-+# endif
-+# ifndef INT16_MAX
-+#  define INT16_MAX 0x7fff
-+# endif
-+# ifndef INT16_MIN
-+#  define INT16_MIN (0 - 0x8000)
-+# endif
- #endif
- 
- #define INDICES 256
-@@ -417,6 +425,12 @@ bdfReadCharacters(FontFilePtr file, FontPtr pFont, bdfFileState *pState,
- 	    bdfError("DWIDTH y value must be zero\n");
- 	    goto BAILOUT;
- 	}
-+	/* xCharInfo metrics are stored as INT16 */
-+	if ((wx < 0) || (wx > INT16_MAX)) {
-+	    bdfError("character '%s' has out of range width, %d\n",
-+		     charName, wx);
-+	    goto BAILOUT;
-+	}
- 	line = bdfGetLine(file, lineBuf, BDFLINELEN);
- 	if ((!line) || (sscanf((char *) line, "BBX %d %d %d %d", &bw, &bh, &bl, &bb) != 4)) {
- 	    bdfError("bad 'BBX'\n");
-@@ -427,6 +441,14 @@ bdfReadCharacters(FontFilePtr file, FontPtr pFont, bdfFileState *pState,
- 		     charName, bw, bh);
- 	    goto BAILOUT;
- 	}
-+	/* xCharInfo metrics are read as int, but stored as INT16 */
-+	if ((bl > INT16_MAX) || (bl < INT16_MIN) ||
-+	    (bb > INT16_MAX) || (bb < INT16_MIN) ||
-+	    (bw > (INT16_MAX - bl)) || (bh > (INT16_MAX - bb))) {
-+	    bdfError("character '%s' has out of range metrics, %d %d %d %d\n",
-+		     charName, bl, (bl+bw), (bh+bb), -bb);
-+	    goto BAILOUT;
-+	}
- 	line = bdfGetLine(file, lineBuf, BDFLINELEN);
- 	if ((line) && (bdfIsPrefix(line, "ATTRIBUTES"))) {
- 	    for (p = line + strlen("ATTRIBUTES ");
--- 
-1.7.9.5
-

meta/recipes-graphics/xorg-lib/libxfont/0001-bdfReadProperties-property-count-needs-range-check-C.patch

@@ -1,38 +0,0 @@
-From 2deda9906480f9c8ae07b8c2a5510cc7e4c59a8e Mon Sep 17 00:00:00 2001
-From: Alan Coopersmith <alan.coopersmith@oracle.com>
-Date: Fri, 6 Feb 2015 15:50:45 -0800
-Subject: [PATCH] bdfReadProperties: property count needs range check
- [CVE-2015-1802]
-
-Avoid integer overflow or underflow when allocating memory arrays
-by multiplying the number of properties reported for a BDF font.
-
-Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
-Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
-Reviewed-by: Julien Cristau <jcristau@debian.org>
-
-Upstream-Status: backport
-
-Signed-off-by: Li Zhou <li.zhou@windriver.com>
----
- src/bitmap/bdfread.c |    4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/src/bitmap/bdfread.c b/src/bitmap/bdfread.c
-index 914a024..6387908 100644
---- a/src/bitmap/bdfread.c
-+++ b/src/bitmap/bdfread.c
-@@ -604,7 +604,9 @@ bdfReadProperties(FontFilePtr file, FontPtr pFont, bdfFileState *pState)
- 	bdfError("missing 'STARTPROPERTIES'\n");
- 	return (FALSE);
-     }
--    if (sscanf((char *) line, "STARTPROPERTIES %d", &nProps) != 1) {
-+    if ((sscanf((char *) line, "STARTPROPERTIES %d", &nProps) != 1) ||
-+	(nProps <= 0) ||
-+	(nProps > ((INT32_MAX / sizeof(FontPropRec)) - BDF_GENPROPS))) {
- 	bdfError("bad 'STARTPROPERTIES'\n");
- 	return (FALSE);
-     }
--- 
-1.7.9.5
-

meta/recipes-graphics/xorg-lib/libxfont_1.5.1.bb

@@ -18,10 +18,5 @@ XORG_PN = "libXfont"
 
 BBCLASSEXTEND = "native"
 
-SRC_URI += "file://0001-bdfReadProperties-property-count-needs-range-check-C.patch \
-            file://0001-bdfReadCharacters-bailout-if-a-char-s-bitmap-cannot-.patch \
-            file://0001-bdfReadCharacters-ensure-metrics-fit-into-xCharInfo-.patch \
-           "
-
-SRC_URI[md5sum] = "664629bfa7cdf8b984155019fd395dcb"
-SRC_URI[sha256sum] = "3a3c52c4adf9352b2160f07ff0596af17ab14f91d6509564e606678a1261c25f"
+SRC_URI[md5sum] = "96f76ba94b4c909230bac1e2dcd551c4"
+SRC_URI[sha256sum] = "b70898527c73f9758f551bbab612af611b8a0962202829568d94f3edf4d86098"