-
freetype (2.10.4+dfsg-1build1) hirsute; urgency=medium
* No-change rebuild to drop the udeb package.
-- Matthias Klose <email address hidden> Mon, 22 Feb 2021 10:33:10 +0100
-
freetype (2.10.4+dfsg-1) unstable; urgency=medium
* New upstream version:
- Fix for CVE-2020-15999 (heap buffer overflow) now included.
- New flag `FT_OUTLINE_OVERLAP' available to make the smooth rasterizer do
4x4 oversampling to mitigate artifacts in pixels partially covered by
overlapping contours. This at least quadruples the rendering time.
FreeType automatically uses this rendering mode if a glyph in a TrueType
font has the `OVERLAP_SIMPLE' or `OVERLAP_COMPOUND' bit set.
- Including FreeType header files via FT_*_H macros is no longer required.
Downstream packages are encouraged to include the FreeType headers via
standard paths, e.g. #include <freetype/freetype.h>.
- Support for building with Meson.
- Fixes for various memory leaks, primarily in the CFF driver module.
- Jam support has been removed.
- Many improvements to demo programs.
- The obsolete `HAVE_STDINT_H' probing macro has been removed.
- Public macro definitions required by the FreeType API have been moved to
include/freetype/config/public-macros.h.
- Private macro definitions used by the FreeType API have been moved to
include/freetype/config/compiler-macros.h.
- New common header for integer data types added.
* debian/control:
- Build-Depend on zlib1g-dev | libz-dev.
- Raise Standards-Version from 4.5.0 to 4.5.1 (no changes needed).
* debian/copyright:
- Update for FreeType 2.10.4.
- Remove redundant globbing patterns.
* debian/patches:
- Drop cve-2020-15999.patch (fix included in FreeType 2.10.4).
- Refresh enable-subpixel-rendering.patch.
- Refresh hide-donations-information.patch.
* debian/rules: Remove debian/udeb directory before building.
* debian/tests/libfreetype-dev: Replace the FT_FREETYPE_H macro with a
standard header inclusion.
-- Hugh McMaster <email address hidden> Sat, 05 Dec 2020 19:20:58 +1100
-
freetype (2.10.2+dfsg-4) unstable; urgency=high
* debian/patches: Add upstream patch for CVE-2020-15999 (Closes: #972586).
- Prevent heap buffer overflow when handling embedded PNG bitmaps
in malformed TrueType font files.
-- Hugh McMaster <email address hidden> Wed, 21 Oct 2020 09:39:47 +1100
-
freetype (2.10.2+dfsg-3ubuntu1) groovy; urgency=medium
* SECURITY UPDATE: heap buffer overflow via integer truncation in
Load_SBit_Png
- debian/patches/CVE-2020-15999.patch: Update src/sfnt/pngshim.c to
test and reject invalid bitmap size earlier in Load_SBit_Png. Based on
upstream patch.
- CVE-2020-15999
-- Alex Murray <email address hidden> Tue, 20 Oct 2020 12:28:06 +1030
-
freetype (2.10.2+dfsg-3) unstable; urgency=medium
[ Simon McVittie ]
* d/tests: Add a superficial compile/link/run autopkgtest (Closes: #964246).
[ Hugh McMaster ]
* debian/rules:
- Update a comment.
- Fix whitespace formatting.
- Override dh_auto_clean to clean up ft2demos.
- Override dh_auto_clean to remove objs/.libs/libfreetype.ver.
- Run a separate build sequence for libfreetype6-udeb, which should not
depend on libbrotli1 (Closes: #964774).
* Minor stylistic changes to d/tests/libfreetype-dev.
- Thanks to Simon McVittie for writing the autopkgtest.
-- Hugh McMaster <email address hidden> Wed, 15 Jul 2020 22:10:01 +1000
