Version in base suite: 1.3.14-2

Base version: graphite2_1.3.14-2
Target version: graphite2_1.3.14-2+deb13u1
Base file: /srv/ftp-master.debian.org/ftp/pool/main/g/graphite2/graphite2_1.3.14-2.dsc
Target file: /srv/ftp-master.debian.org/policy/pool/main/g/graphite2/graphite2_1.3.14-2+deb13u1.dsc

 changelog                                              |    7 +++
 patches/ad78c6b7319909e1540c1b134e115ced03417866.patch |   34 +++++++++++++++++
 patches/series                                         |    1 
 3 files changed, 42 insertions(+)

dpkg-source: warning: cannot verify inline signature for /srv/release.debian.org/tmp/tmpn60brsex/graphite2_1.3.14-2.dsc: no acceptable signature found
dpkg-source: warning: cannot verify inline signature for /srv/release.debian.org/tmp/tmpn60brsex/graphite2_1.3.14-2+deb13u1.dsc: no acceptable signature found
diff -Nru graphite2-1.3.14/debian/changelog graphite2-1.3.14/debian/changelog
--- graphite2-1.3.14/debian/changelog	2023-12-24 10:38:53.000000000 +0000
+++ graphite2-1.3.14/debian/changelog	2026-06-06 17:55:55.000000000 +0000
@@ -1,3 +1,10 @@
+graphite2 (1.3.14-2+deb13u1) trixie; urgency=medium
+
+  * debian/patches/ad78c6b7319909e1540c1b134e115ced03417866.patch:
+    fix CVE-2026-50593 
+
+ -- Rene Engelhard <rene@debian.org>  Sat, 06 Jun 2026 19:55:55 +0200
+
 graphite2 (1.3.14-2) unstable; urgency=medium
 
   [ Debian Janitor ]
diff -Nru graphite2-1.3.14/debian/patches/ad78c6b7319909e1540c1b134e115ced03417866.patch graphite2-1.3.14/debian/patches/ad78c6b7319909e1540c1b134e115ced03417866.patch
--- graphite2-1.3.14/debian/patches/ad78c6b7319909e1540c1b134e115ced03417866.patch	1970-01-01 00:00:00.000000000 +0000
+++ graphite2-1.3.14/debian/patches/ad78c6b7319909e1540c1b134e115ced03417866.patch	2026-06-06 17:55:55.000000000 +0000
@@ -0,0 +1,34 @@
+From ad78c6b7319909e1540c1b134e115ced03417866 Mon Sep 17 00:00:00 2001
+From: Tim Eves <tim_eves@sil.org>
+Date: Mon, 1 Jun 2026 03:21:42 +0700
+Subject: [PATCH] Fix an underflow case that can be induced by crafted graphite
+ actions.
+
+This can be used to induce an out-of-bounds write prior to the slotmap.
+
+Add tests that will crash the engine if the underflow can be caused.
+---
+ src/inc/opcodes.h              |   3 +-
+ tests/CMakeLists.txt           |   1 +
+ tests/fonts/underflow.ttf      | Bin 0 -> 58340 bytes
+ tests/standards/underflow.json | 473 +++++++++++++++++++++++++++++++++
+ tests/standards/underflow.log  |   2 +
+ 5 files changed, 478 insertions(+), 1 deletion(-)
+ create mode 100644 tests/fonts/underflow.ttf
+ create mode 100644 tests/standards/underflow.json
+ create mode 100644 tests/standards/underflow.log
+
+diff --git a/src/inc/opcodes.h b/src/inc/opcodes.h
+index 10ba1772..f6166693 100644
+--- a/src/inc/opcodes.h
++++ b/src/inc/opcodes.h
+@@ -53,7 +53,8 @@
+ 
+ #define push(n)             { *++sp = n; }
+ #define pop()               (*sp--)
+-#define slotat(x)           (map[(x)])
++#define slotat(x)           ((map + (x) >= &smap[-1] && map + (x) < smap.end()) ? \
++                                map[(x)] : (status = Machine::slot_offset_out_bounds, nullptr))
+ #define DIE                 { is=seg.last(); status = Machine::died_early; EXIT(1); }
+ #define POSITIONED          1
+ 
diff -Nru graphite2-1.3.14/debian/patches/series graphite2-1.3.14/debian/patches/series
--- graphite2-1.3.14/debian/patches/series	2023-12-24 10:38:53.000000000 +0000
+++ graphite2-1.3.14/debian/patches/series	2026-06-06 17:55:55.000000000 +0000
@@ -9,3 +9,4 @@
 spell-out-lesser-and-greater.diff 
 no-explicit-dot-font-settings.diff 
 explicit-pdflatex.diff
+ad78c6b7319909e1540c1b134e115ced03417866.patch