commit freetype2 for openSUSE:Factory
Hello community, here is the log from the commit of package freetype2 for openSUSE:Factory checked in at 2014-12-10 23:46:17 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/freetype2 (Old) and /work/SRC/openSUSE:Factory/.freetype2.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "freetype2" Changes: -------- --- /work/SRC/openSUSE:Factory/freetype2/freetype2.changes 2014-03-18 16:21:13.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.freetype2.new/freetype2.changes 2014-12-10 23:45:46.000000000 +0100 @@ -1,0 +2,54 @@ +Mon Dec 8 15:43:58 UTC 2014 - hrvoje.senjan@gmail.com + +- Update to version 2.5.4 + * IMPORTANT BUG FIXES + - A variant of vulnerability CVE-2014-2240 was identified + (cf. http://savannah.nongnu.org/bugs/?43661) and fixed + in the new CFF driver. All users should upgrade. + - The new auto-hinter code using HarfBuzz crashed for some + invalid fonts. + - Many fixes to better protect against malformed input. + * IMPORTANT CHANGES + - Full auto-hinter support of the Devanagari script. + - Experimental auto-hinter support of the Telugu script. + - CFF stem darkening behaviour can now be controlled at + build time using the eight macros + CFF_CONFIG_OPTION_DARKENING_PARAMETER_{X,Y}{1,2,3,4} . + - Some fields in the `FT_Bitmap' structure have been changed + from signed to unsigned type, which better reflects + the actual usage. It is also an additional means to + protect against malformed input. This change doesn't break + the ABI; however, it might cause compiler warnings. + * MISCELLANEOUS + - Improvements to the auto-hinter's algorithm to recognize + stems and local extrema. + - Function `FT_Get_SubGlyph_Info' always returned an error + even in case of success. + - Version 2.5.1 introduced major bugs in the cjk part of + the auto-hinter, which are now fixed. + - The `FT_Sfnt_Tag' enumeration values have been changed to + uppercase, e.g. `FT_SFNT_HEAD'. The lowercase variants + are deprecated. This is for orthogonality with all other + enumeration (and enumeration-like) values in FreeType. + - `cmake' now supports builds of FreeType as an OS X framework + and for iOS. + - Improved project files for vc2010, + introducing a property file + - The documentation generator for the API reference has been + updated to produce better HTML code (with proper CSS). + At the same time, the documentation got a better structure. + - The FT_LOAD_BITMAP_CROP flag is obsolete; it is not used + by any driver. + - The TrueType DELTAP[123] bytecode instructions now work in + subpixel hinting mode as described in the ClearType + whitepaper (i.e., for touched points in the + non-subpixel direction). + - Many small improvements to the internal arithmetic routines. +- Rebase don-t-mark-libpng-as-required-library.patch, + bugzilla-308961-cmex-workaround.patch, freetype2-subpixel.patch, + freetype2-bitmap-foundry.patch and overflow.patch +- Add freetype2-2.5.3-fix-pcf.patch from upstream to resolve + http://savannah.nongnu.org/bugs/?43774, "Freetype 2.5.4 does not + load ungzipped PCF fonts" + +------------------------------------------------------------------- ft2demos.changes: same change Old: ---- freetype-2.5.3.tar.bz2 freetype-doc-2.5.3.tar.bz2 ft2demos-2.5.3.tar.bz2 New: ---- freetype-2.5.4.tar.bz2 freetype-doc-2.5.4.tar.bz2 freetype2-2.5.3-fix-pcf.patch ft2demos-2.5.4.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ freetype2.spec ++++++ --- /var/tmp/diff_new_pack.k5s7ym/_old 2014-12-10 23:45:47.000000000 +0100 +++ /var/tmp/diff_new_pack.k5s7ym/_new 2014-12-10 23:45:47.000000000 +0100 @@ -26,8 +26,8 @@ Obsoletes: freetype2-64bit %endif # -%define doc_version 2.5.3 -Version: 2.5.3 +%define doc_version 2.5.4 +Version: 2.5.4 Release: 0 Summary: A TrueType Font Library License: SUSE-Freetype or GPL-2.0+ @@ -43,6 +43,8 @@ Patch201: overflow.patch # PATCH-FIX-OPENSUSE don-t-mark-libpng-as-required-library.patch -- it is private in .pc Patch202: don-t-mark-libpng-as-required-library.patch +# PATCH-FIX-UPSTREAM freetype2-2.5.3-fix-pcf.patch -- http://savannah.nongnu.org/bugs/?43774 +Patch1000: freetype2-2.5.3-fix-pcf.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -89,6 +91,7 @@ %patch200 -p1 %endif %patch202 -p1 +%patch1000 -p1 %build export CFLAGS="%optflags -std=gnu99 -D_GNU_SOURCE $(getconf LFS_CFLAGS)" ++++++ ft2demos.spec ++++++ --- /var/tmp/diff_new_pack.k5s7ym/_old 2014-12-10 23:45:47.000000000 +0100 +++ /var/tmp/diff_new_pack.k5s7ym/_new 2014-12-10 23:45:47.000000000 +0100 @@ -17,12 +17,12 @@ Name: ft2demos -Version: 2.5.3 +Version: 2.5.4 Release: 0 Summary: Freetype2 Utilities and Demo Programs License: GPL-2.0+ Group: Productivity/Publishing/Other -%define freetype_version 2.5.3 +%define freetype_version 2.5.4 Url: http://www.freetype.org Source0: http://savannah.nongnu.org/download/freetype/freetype-%{freetype_version}.tar.bz2 Source1: http://savannah.nongnu.org/download/freetype/ft2demos-%{version}.tar.bz2 ++++++ bugzilla-308961-cmex-workaround.patch ++++++ --- /var/tmp/diff_new_pack.k5s7ym/_old 2014-12-10 23:45:47.000000000 +0100 +++ /var/tmp/diff_new_pack.k5s7ym/_new 2014-12-10 23:45:47.000000000 +0100 @@ -2,13 +2,11 @@ src/base/ftobjs.c | 5 +++++ 1 file changed, 5 insertions(+) -Index: freetype-2.4.11/src/base/ftobjs.c +Index: freetype-2.5.4/src/base/ftobjs.c =================================================================== ---- freetype-2.4.11.orig/src/base/ftobjs.c -+++ freetype-2.4.11/src/base/ftobjs.c -@@ -2187,10 +2187,15 @@ - - /* some checks */ +--- freetype-2.5.4.orig/src/base/ftobjs.c ++++ freetype-2.5.4/src/base/ftobjs.c +@@ -2254,6 +2254,11 @@ if ( FT_IS_SCALABLE( face ) ) { @@ -20,5 +18,3 @@ if ( face->height < 0 ) face->height = (FT_Short)-face->height; - if ( !FT_HAS_VERTICAL( face ) ) - face->max_advance_height = (FT_Short)face->height; ++++++ don-t-mark-libpng-as-required-library.patch ++++++ --- /var/tmp/diff_new_pack.k5s7ym/_old 2014-12-10 23:45:47.000000000 +0100 +++ /var/tmp/diff_new_pack.k5s7ym/_new 2014-12-10 23:45:47.000000000 +0100 @@ -10,7 +10,7 @@ index 4ae00dd..c3101e2 100755 --- a/builds/unix/configure +++ b/builds/unix/configure -@@ -13692,7 +13692,6 @@ esac +@@ -13691,7 +13691,6 @@ esac # entries in Requires.private are separated by commas; REQUIRES_PRIVATE="$zlib_reqpriv, \ $bzip2_reqpriv, \ @@ -18,13 +18,21 @@ $harfbuzz_reqpriv" # beautify REQUIRES_PRIVATE=`echo "$REQUIRES_PRIVATE" \ -@@ -13718,7 +13717,6 @@ LIBS_PRIVATE=`echo "$LIBS_PRIVATE" \ - LIBS_CONFIG="-lfreetype \ - $ZLIB_LIBS \ - $BZIP2_LIBS \ -- $LIBPNG_LIBS \ - $HARFBUZZ_LIBS \ - $ft2_extra_libs" +@@ -13705,7 +13704,6 @@ REQUIRES_PRIVATE=`echo "$REQUIRES_PRIVAT + + LIBS_PRIVATE="$zlib_libpriv \ + $bzip2_libpriv \ +- $libpng_libpriv \ + $harfbuzz_libpriv \ + $ft2_extra_libs" + # beautify +@@ -13717,7 +13715,6 @@ LIBS_PRIVATE=`echo "$LIBS_PRIVATE" \ + LIBSSTATIC_CONFIG="-lfreetype \ + $zlib_libstaticconf \ + $bzip2_libstaticconf \ +- $libpng_libstaticconf \ + $harfbuzz_libstaticconf \ + $ft2_extra_libs" # remove -L/usr/lib and -L/usr/lib64 since `freetype-config' adds them later diff --git a/builds/unix/configure.raw b/builds/unix/configure.raw index dd7e576..bac2645 100644 @@ -38,11 +46,19 @@ $harfbuzz_reqpriv" # beautify REQUIRES_PRIVATE=`echo "$REQUIRES_PRIVATE" \ -@@ -940,7 +939,6 @@ LIBS_PRIVATE=`echo "$LIBS_PRIVATE" \ - LIBS_CONFIG="-lfreetype \ - $ZLIB_LIBS \ - $BZIP2_LIBS \ -- $LIBPNG_LIBS \ - $HARFBUZZ_LIBS \ - $ft2_extra_libs" +@@ -928,7 +927,6 @@ REQUIRES_PRIVATE=`echo "$REQUIRES_PRIVAT + + LIBS_PRIVATE="$zlib_libpriv \ + $bzip2_libpriv \ +- $libpng_libpriv \ + $harfbuzz_libpriv \ + $ft2_extra_libs" + # beautify +@@ -940,7 +938,6 @@ LIBS_PRIVATE=`echo "$LIBS_PRIVATE" \ + LIBSSTATIC_CONFIG="-lfreetype \ + $zlib_libstaticconf \ + $bzip2_libstaticconf \ +- $libpng_libstaticconf \ + $harfbuzz_libstaticconf \ + $ft2_extra_libs" # remove -L/usr/lib and -L/usr/lib64 since `freetype-config' adds them later ++++++ freetype-2.5.3.tar.bz2 -> freetype-2.5.4.tar.bz2 ++++++ ++++ 55307 lines of diff (skipped) ++++++ freetype-doc-2.5.3.tar.bz2 -> freetype-doc-2.5.4.tar.bz2 ++++++ ++++++ freetype2-2.5.3-fix-pcf.patch ++++++
From 74af85c4b62b35e55b0ce9dec55ee10cbc4962a2 Mon Sep 17 00:00:00 2001 From: Werner Lemberg
Date: Mon, 08 Dec 2014 15:01:50 +0000 Subject: [pcf] Fix Savannah bug #43774.
Work around `features' of X11's `pcfWriteFont' and `pcfReadFont'
functions. Since the PCF format doesn't have an official
specification, we have to exactly follow these functions' behaviour.
The problem was unveiled with a patch from 2014-11-06, fixing issue #43547.
* src/pcf/pcfread.c (pcf_read_TOC): Don't check table size for last
element. Instead, assign real size.
---
diff --git a/src/pcf/pcfread.c b/src/pcf/pcfread.c
index 998cbed..e3caf82 100644
--- a/src/pcf/pcfread.c
+++ b/src/pcf/pcfread.c
@@ -2,7 +2,7 @@
FreeType font driver for pcf fonts
- Copyright 2000-2010, 2012, 2013 by
+ Copyright 2000-2010, 2012-2014 by
Francesco Zappa Nardelli
Permission is hereby granted, free of charge, to any person obtaining a copy
@@ -78,7 +78,7 @@ THE SOFTWARE.
FT_FRAME_START( 16 ),
FT_FRAME_ULONG_LE( type ),
FT_FRAME_ULONG_LE( format ),
- FT_FRAME_ULONG_LE( size ),
+ FT_FRAME_ULONG_LE( size ), /* rounded up to a multiple of 4 */
FT_FRAME_ULONG_LE( offset ),
FT_FRAME_END
};
@@ -95,9 +95,11 @@ THE SOFTWARE.
FT_Memory memory = FT_FACE( face )->memory;
FT_UInt n;
+ FT_ULong size;
- if ( FT_STREAM_SEEK ( 0 ) ||
- FT_STREAM_READ_FIELDS ( pcf_toc_header, toc ) )
+
+ if ( FT_STREAM_SEEK( 0 ) ||
+ FT_STREAM_READ_FIELDS( pcf_toc_header, toc ) )
return FT_THROW( Cannot_Open_Resource );
if ( toc->version != PCF_FILE_VERSION ||
@@ -154,14 +156,35 @@ THE SOFTWARE.
break;
}
- /* we now check whether the `size' and `offset' values are reasonable: */
- /* `offset' + `size' must not exceed the stream size */
+ /*
+ * We now check whether the `size' and `offset' values are reasonable:
+ * `offset' + `size' must not exceed the stream size.
+ *
+ * Note, however, that X11's `pcfWriteFont' routine (used by the
+ * `bdftopcf' program to create PDF font files) has two special
+ * features.
+ *
+ * - It always assigns the accelerator table a size of 100 bytes in the
+ * TOC, regardless of its real size, which can vary between 34 and 72
+ * bytes.
+ *
+ * - Due to the way the routine is designed, it ships out the last font
+ * table with its real size, ignoring the TOC's size value. Since
+ * the TOC size values are always rounded up to a multiple of 4, the
+ * difference can be up to three bytes for all tables except the
+ * accelerator table, for which the difference can be as large as 66
+ * bytes.
+ *
+ */
+
tables = face->toc.tables;
- for ( n = 0; n < toc->count; n++ )
+ size = stream->size;
+
+ for ( n = 0; n < toc->count - 1; n++ )
{
/* we need two checks to avoid overflow */
- if ( ( tables->size > stream->size ) ||
- ( tables->offset > stream->size - tables->size ) )
+ if ( ( tables->size > size ) ||
+ ( tables->offset > size - tables->size ) )
{
error = FT_THROW( Invalid_Table );
goto Exit;
@@ -169,6 +192,15 @@ THE SOFTWARE.
tables++;
}
+ /* no check of `tables->size' for last table element ... */
+ if ( ( tables->offset > size ) )
+ {
+ error = FT_THROW( Invalid_Table );
+ goto Exit;
+ }
+ /* ... instead, we adjust `tables->size' to the real value */
+ tables->size = size - tables->offset;
+
#ifdef FT_DEBUG_LEVEL_TRACE
{
@@ -733,8 +765,8 @@ THE SOFTWARE.
FT_TRACE4(( " number of bitmaps: %d\n", nbitmaps ));
- /* XXX: PCF_Face->nmetrics is singed FT_Long, see pcf.h */
- if ( face->nmetrics < 0 || nbitmaps != ( FT_ULong )face->nmetrics )
+ /* XXX: PCF_Face->nmetrics is signed FT_Long, see pcf.h */
+ if ( face->nmetrics < 0 || nbitmaps != (FT_ULong)face->nmetrics )
return FT_THROW( Invalid_File_Format );
if ( FT_NEW_ARRAY( offsets, nbitmaps ) )
--
cgit v0.9.0.2++++++ freetype2-bitmap-foundry.patch ++++++
--- /var/tmp/diff_new_pack.k5s7ym/_old 2014-12-10 23:45:48.000000000 +0100
+++ /var/tmp/diff_new_pack.k5s7ym/_new 2014-12-10 23:45:48.000000000 +0100
@@ -2,13 +2,11 @@
src/pcf/pcfread.c | 30 ++++++++++++++++++++++++++++--
1 file changed, 28 insertions(+), 2 deletions(-)
-Index: freetype-2.4.11/src/pcf/pcfread.c
+Index: freetype-2.5.4/src/pcf/pcfread.c
===================================================================
---- freetype-2.4.11.orig/src/pcf/pcfread.c
-+++ freetype-2.4.11/src/pcf/pcfread.c
-@@ -1173,12 +1173,38 @@ THE SOFTWARE.
- goto Exit;
-
+--- freetype-2.5.4.orig/src/pcf/pcfread.c
++++ freetype-2.5.4/src/pcf/pcfread.c
+@@ -1210,8 +1210,34 @@ THE SOFTWARE.
prop = pcf_find_property( face, "FAMILY_NAME" );
if ( prop && prop->isString )
{
@@ -45,5 +43,3 @@
}
else
root->family_name = NULL;
-
- /*
++++++ freetype2-subpixel.patch ++++++
--- /var/tmp/diff_new_pack.k5s7ym/_old 2014-12-10 23:45:48.000000000 +0100
+++ /var/tmp/diff_new_pack.k5s7ym/_new 2014-12-10 23:45:48.000000000 +0100
@@ -1,7 +1,7 @@
-Index: freetype-2.4.11/include/config/ftoption.h
+Index: freetype-2.5.4/include/config/ftoption.h
===================================================================
---- freetype-2.4.11.orig/include/config/ftoption.h
-+++ freetype-2.4.11/include/config/ftoption.h
+--- freetype-2.5.4.orig/include/config/ftoption.h
++++ freetype-2.5.4/include/config/ftoption.h
@@ -92,7 +92,7 @@ FT_BEGIN_HEADER
/* This is done to allow FreeType clients to run unmodified, forcing */
/* them to display normal gray-level anti-aliased glyphs. */
@@ -11,7 +11,7 @@
/*************************************************************************/
-@@ -577,7 +577,7 @@ FT_BEGIN_HEADER
+@@ -604,7 +604,7 @@ FT_BEGIN_HEADER
/* This option requires TT_CONFIG_OPTION_BYTECODE_INTERPRETER to be */
/* defined. */
/* */
++++++ ft2demos-2.5.3.tar.bz2 -> ft2demos-2.5.4.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ft2demos-2.5.3/ChangeLog new/ft2demos-2.5.4/ChangeLog
--- old/ft2demos-2.5.3/ChangeLog 2014-03-06 23:09:43.000000000 +0100
+++ new/ft2demos-2.5.4/ChangeLog 2014-12-06 19:02:45.000000000 +0100
@@ -1,3 +1,28 @@
+2014-12-06 Werner Lemberg
participants (1)
-
root@hilbert.suse.de