pkgsrc-Changes archive


CVS commit: [pkgsrc-2017Q1] pkgsrc/graphics/freetype2



Module Name:    pkgsrc
Committed By:   bsiegert
Date:           Fri Jun  2 19:52:12 UTC 2017

Modified Files:
        pkgsrc/graphics/freetype2 [pkgsrc-2017Q1]: Makefile PLIST distinfo
        pkgsrc/graphics/freetype2/patches [pkgsrc-2017Q1]: patch-ab

Log Message:
Pullup ticket #5439 - requested by sevan
graphics/freetype2: security fix

Revisions pulled up:
- graphics/freetype2/Makefile                                   1.111
- graphics/freetype2/PLIST                                      1.24
- graphics/freetype2/distinfo                                   1.62
- graphics/freetype2/patches/patch-ab                           1.19

---
   Module Name:    pkgsrc
   Committed By:   spz
   Date:           Sun May 14 11:02:15 UTC 2017

   Modified Files:
           pkgsrc/graphics/freetype2: Makefile PLIST distinfo
           pkgsrc/graphics/freetype2/patches: patch-ab

   Log Message:
   Update from 2.7.1 to 2.8: 3 API additions, no deletions, no changes
   fixes CVE-2017-7857 CVE-2017-7858 CVE-2017-7864 CVE-2017-8105 CVE-2017-8287

   Upstream change announcement:

     I. IMPORTANT CHANGES

       - Support for OpenType Variation Fonts is now complete.   The last
         missing part was handling the `VVAR' and `MVAR' tables, which is
         available with this release.

       - A new  function `FT_Face_Properties' allows the  control of some
         module  and   library  properties  per  font.    Currently,  the
         following properties can be  handled: stem darkening, LCD filter
         weights, and the random seed for the `random' CFF operator.

       - The PCF change to show more `colourful' family names (introduced
         in version 2.7.1) was too radical; it can now be configured with
         PCF_CONFIG_OPTION_LONG_FAMILY_NAMES   at   compile   time.    If
         activated, it can  be switched off at run time  with the new pcf
         property  `no-long-family-names'.  If  the `FREETYPE_PROPERTIES'
         environment variable is available, you can say

           FREETYPE_PROPERTIES=pcf:no-long-family-names=1

       - Support  for  the  following  scripts  has  been  added  to  the
         auto-hinter.

           Adlam, Avestan, Bamum, Buhid, Carian, Chakma, Coptic, Cypriot,
           Deseret, Glagolitic, Gothic, Kayah, Lisu, N'Ko, Ol Chiki, Old
           Turkic, Osage, Osmanya, Saurashtra, Shavian, Sundanese, Tai
           Viet, Tifinagh, Unified Canadian Syllabics, Vai

     II. IMPORTANT BUG FIXES

       - `Light' auto-hinting  mode no  longer uses TrueType  metrics for
         TrueType  fonts.   This bug  was  introduced  in version  2.4.6,
         causing   horizontal  scaling   also.    Almost  all   GNU/Linux
         distributions (with Fedora as  a notable exception) disabled the
         corresponding patch for good reasons; chances are thus high that
         you won't notice a difference.

         If  optical backward  compatibility for  legacy applications  is
         necessary, you might enable the AF_CONFIG_OPTION_TT_SIZE_METRICS
         configuration option.   However, it  is strongly  recommended to
         avoid that, adjusting font sizes instead.

       - If a TrueType font gets loaded with FT_LOAD_NO_HINTING, FreeType
         now scales  the font linearly  again (bug introduced  in version
         2.4.6).

       - CVE-2017-8105,  CVE-2017-8287:  Older   FreeType  versions  have
         out-of-bounds  writes  caused  by  heap-based  buffer  overflows
         related to Type 1 fonts.

           https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8105
           https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8287

     III. MISCELLANEOUS

       - A  new function  `FT_Set_Default_Properties' has  been added  to
         parse    the    `FREETYPE_PROPERTIES'    environment    variable
         (previously, it  was internal only).   `FT_Init_FreeType' always
         calls this function, but  `FT_New_Library' does not  (similar to
         `FT_Add_Default_Modules').

       - To be in sync with OpenType version 1.7 and newer, macros

           FT_PARAM_TAG_IGNORE_PREFERRED_FAMILY,
           FT_PARAM_TAG_IGNORE_PREFERRED_SUBFAMILY,
           TT_NAME_ID_PREFERRED_FAMILY
           TT_NAME_ID_PREFERRED_SUBFAMILY

         are renamed to

           FT_PARAM_TAG_IGNORE_TYPOGRAPHIC_FAMILY,
           FT_PARAM_TAG_IGNORE_TYPOGRAPHIC_SUBFAMILY,
           TT_NAME_ID_TYPOGRAPHIC_FAMILY
           TT_NAME_ID_TYPOGRAPHIC_SUBFAMILY

         The old macro names are deprecated (but still available).

       - Support for SFNT `name' tables has been improved.

         . Format  1 `name' tables  are now supported.  Use  new function
           `FT_Get_Sfnt_LangTag' to access associated language tags.

         . Language, encoding, and name IDs have been updated to OpenType
           version 1.8.1.

       - The new CFF  engine now handles the `random'  operator.  All CFF
         opcodes are now supported.

       - The CFF module  has a new property `random-seed'  to control the
         pseudo-random number generation for the `random' operator.

       - The `freetype-config' script is now a wrapper of `pkg-config' if
         this program is available in the path.

       - FT_LOAD_TARGET_LCD  is now  a  variant of  FT_LOAD_TARGET_LIGHT;
         this should provide better rendering results.

       - A mode to display  light auto-hinting with sub-pixel positioning
         has been added to `ftdiff'.


To generate a diff of this commit:
cvs rdiff -u -r1.110 -r1.110.2.1 pkgsrc/graphics/freetype2/Makefile
cvs rdiff -u -r1.23 -r1.23.10.1 pkgsrc/graphics/freetype2/PLIST
cvs rdiff -u -r1.61 -r1.61.2.1 pkgsrc/graphics/freetype2/distinfo
cvs rdiff -u -r1.18 -r1.18.6.1 pkgsrc/graphics/freetype2/patches/patch-ab

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/graphics/freetype2/Makefile
diff -u pkgsrc/graphics/freetype2/Makefile:1.110 pkgsrc/graphics/freetype2/Makefile:1.110.2.1
--- pkgsrc/graphics/freetype2/Makefile:1.110    Thu Jan 19 18:52:11 2017
+++ pkgsrc/graphics/freetype2/Makefile  Fri Jun  2 19:52:12 2017
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.110 2017/01/19 18:52:11 agc Exp $
+# $NetBSD: Makefile,v 1.110.2.1 2017/06/02 19:52:12 bsiegert Exp $
 
-DISTNAME=      freetype-2.7.1
+DISTNAME=      freetype-2.8
 PKGNAME=       ${DISTNAME:S/-/2-/}
 CATEGORIES=    graphics
 MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=freetype/}

Index: pkgsrc/graphics/freetype2/PLIST
diff -u pkgsrc/graphics/freetype2/PLIST:1.23 pkgsrc/graphics/freetype2/PLIST:1.23.10.1
--- pkgsrc/graphics/freetype2/PLIST:1.23        Sun Jan 10 21:16:33 2016
+++ pkgsrc/graphics/freetype2/PLIST     Fri Jun  2 19:52:12 2017
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.23 2016/01/10 21:16:33 bsiegert Exp $
+@comment $NetBSD: PLIST,v 1.23.10.1 2017/06/02 19:52:12 bsiegert Exp $
 bin/freetype-config
 include/freetype2/freetype/config/ftconfig.h
 include/freetype2/freetype/config/ftheader.h
@@ -34,6 +34,7 @@ include/freetype2/freetype/ftmodapi.h
 include/freetype2/freetype/ftmoderr.h
 include/freetype2/freetype/ftotval.h
 include/freetype2/freetype/ftoutln.h
+include/freetype2/freetype/ftpcfdrv.h
 include/freetype2/freetype/ftpfr.h
 include/freetype2/freetype/ftrender.h
 include/freetype2/freetype/ftsizes.h
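
Review bot: include/freetype2/freetype/ftpcfdrv.h is the only file this hunk adds to the PLIST, while the log message counts three API additions for 2.8. Please confirm against a staged install of 2.8 that no other newly installed file is missing from the list, because anything installed but not listed here is left unregistered by the package.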

Index: pkgsrc/graphics/freetype2/distinfo
diff -u pkgsrc/graphics/freetype2/distinfo:1.61 pkgsrc/graphics/freetype2/distinfo:1.61.2.1
--- pkgsrc/graphics/freetype2/distinfo:1.61     Mon Jan 16 13:11:46 2017
+++ pkgsrc/graphics/freetype2/distinfo  Fri Jun  2 19:52:12 2017
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.61 2017/01/16 13:11:46 adam Exp $
+$NetBSD: distinfo,v 1.61.2.1 2017/06/02 19:52:12 bsiegert Exp $
 
-SHA1 (freetype-2.7.1.tar.bz2) = 4d08a9a6567c6332d58e9a5f9a7e9e3fbce66789
-RMD160 (freetype-2.7.1.tar.bz2) = fbf9c204446af1c8f829f05bcde5660a627c3c5c
-SHA512 (freetype-2.7.1.tar.bz2) = df39e2ef55f9090a66fecb6b5e9a5d296a043ddfd919d0ce3d7ea5132aa388bfbbeeaa6d6df6513956134b987e1c3a5eac6975c0c9631213af77457a623b49da
-Size (freetype-2.7.1.tar.bz2) = 1825107 bytes
-SHA1 (patch-ab) = 5c6998020bda378828035bafe5dfcca6f9cd8fca
+SHA1 (freetype-2.8.tar.bz2) = 42c6b1f733fe13a3eba135f5025b22cb68450f91
+RMD160 (freetype-2.8.tar.bz2) = 518184d2be032b9807345367265cc7cd49df0da5
+SHA512 (freetype-2.8.tar.bz2) = 3842c34bf6100a8c9b78258146b2ff35e9bb4c993937d3ef09982c1e2552dfd15f8849ddd8a1e84edf08b5a5fb918b68cf7b1584545c5900e22a00bfa1c89ff5
+Size (freetype-2.8.tar.bz2) = 1873526 bytes
+SHA1 (patch-ab) = 7b79dd02d8b1ad516011cd5e178e079895ce16d3
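
Review bot: the new freetype-2.8.tar.bz2 digests on the `+SHA1`, `+RMD160` and `+SHA512` lines are only as trustworthy as the tarball they were computed from, and nothing in the hunk or the log says how that tarball was checked. For a security pullup, note in the log message that the distfile was compared against what upstream published (a release signature or announced checksum, if one exists) before `distinfo` was regenerated. Separately, the `patch-ab` entry is still covered by SHA1 alone, unlike the distfile, which also carries SHA512.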

Index: pkgsrc/graphics/freetype2/patches/patch-ab
diff -u pkgsrc/graphics/freetype2/patches/patch-ab:1.18 pkgsrc/graphics/freetype2/patches/patch-ab:1.18.6.1
--- pkgsrc/graphics/freetype2/patches/patch-ab:1.18     Sat Jul  9 12:23:16 2016
+++ pkgsrc/graphics/freetype2/patches/patch-ab  Fri Jun  2 19:52:12 2017
@@ -1,6 +1,6 @@
-$NetBSD: patch-ab,v 1.18 2016/07/09 12:23:16 adam Exp $
+$NetBSD: patch-ab,v 1.18.6.1 2017/06/02 19:52:12 bsiegert Exp $
 
---- builds/unix/unix-cc.in.orig        2016-05-23 04:49:31.000000000 +0000
+--- builds/unix/unix-cc.in.orig        2017-03-30 10:20:23.000000000 +0000
 +++ builds/unix/unix-cc.in
 @@ -89,7 +89,7 @@ ANSIFLAGS := @XX_ANSIFLAGS@
  #
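
Review bot: the regenerated patch-ab still goes from the `$NetBSD$` line straight to the `--- builds/unix/unix-cc.in.orig` header with no description in between. Add a one- or two-line comment after the RCS id saying why the patch is carried, so whoever handles the next version bump can judge whether it is still needed or can be sent upstream.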
@@ -13,7 +13,7 @@ $NetBSD: patch-ab,v 1.18 2016/07/09 12:2
  #
 @@ -101,14 +101,14 @@ LDFLAGS := @LDFLAGS@
  CCraw_build  := @CC_BUILD@    # native CC of building system
- E_BUILD      := @EXEEXT_BUILD@        # extension for exexutable on building system
+ E_BUILD      := @EXEEXT_BUILD@        # extension for executable on building system
  EXPORTS_LIST := $(OBJ_DIR)/ftexport.sym
 -CCexe        := $(CCraw_build)        # used to compile `apinames' only
 +CCexe        := $(CCraw_build) @CFLAGS@       # used to compile `apinames' only
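
Review bot: in the carried patch, `CCexe := $(CCraw_build) @CFLAGS@` appends the configured CFLAGS to the compiler that the line above describes as the "native CC of building system". In a cross build those flags can be target-specific and the build-side compiler may not accept them, so either pass a build-side flags variable here or state in the patch comment that native builds are the only supported case.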


