Your message dated Sun, 26 Mar 2017 09:03:58 +0000
with message-id <[email protected]>
and subject line Bug#841029: fixed in freetype 2.7.1-0.1
has caused the Debian Bug report #841029,
regarding libfreetype6 wrongly detects (some) recursive glyphs as broken
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
841029: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=841029
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: libfreetype6
Version: 2.6.3-3
Tags: upstream, fixed-upstream, patch
Hi,
FreeType wrongly detects a glyphs with multiple references to the same
glyph, which has itself references, as broken. Somebody already reported
it upstream [0] and it's already fixed upstream [1].
This affects for example DejaVu fonts:
$ ftlint 10 /usr/share/fonts/truetype/dejavu/DejaVuSans.ttf
/usr/share/fonts/truetype/dejavu/DejaVuSans.ttf: glyph 752: 0x0015
glyph 4703: 0x0015
glyph 4704: 0x0015
glyph 4731: 0x0015
glyph 4732: 0x0015
glyph 4753: 0x0015
glyph 4754: 0x0015
glyph 4759: 0x0015
glyph 4760: 0x0015
9 fails.
$
As a consequence Scribus refuses to load DejaVu fonts at all and
LibreOffice can't display U+033F.
The upstream patch applies without problems (ignoring the changelog) and
fixes the problem. Upgrading to an newer upstream release should of
course also fix the problem.
Thanks, HW42
[0]: https://lists.gnu.org/archive/html/freetype/2016-05/msg00000.html
[1]:
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit?id=a7d8bdbcfeb65b4859fe553df9d4922627837888
signature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
Source: freetype
Source-Version: 2.7.1-0.1
We believe that the bug you reported is fixed in the latest version of
freetype, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Laurent Bigonville <[email protected]> (supplier of updated freetype package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sat, 11 Mar 2017 08:25:00 +0100
Source: freetype
Binary: libfreetype6 libfreetype6-dev freetype2-demos libfreetype6-udeb
Architecture: source amd64
Version: 2.7.1-0.1
Distribution: experimental
Urgency: medium
Maintainer: Steve Langasek <[email protected]>
Changed-By: Laurent Bigonville <[email protected]>
Description:
freetype2-demos - FreeType 2 demonstration programs
libfreetype6 - FreeType 2 font engine, shared library files
libfreetype6-dev - FreeType 2 font engine, development files
libfreetype6-udeb - FreeType 2 font engine for the debian-installer (udeb)
Closes: 837800 841029 856971
Changes:
freetype (2.7.1-0.1) experimental; urgency=medium
.
* Non-maintainer upload.
* New upstream release (Closes: #837800)
- debian/patches-freetype, debian/patches-ft2demos: Refreshed
- Improve the recursive reference detector (Closes: #841029)
- Fix heap buffer overflow (Closes: #856971 CVE-2016-10244)
* d/p-freetype/Revert-builds-unix-unix-cc.in-LINK_LIBRARY-Use-expor.patch:
Revert upstream commit that added the -export-symbols option to libtool,
we need to review the symbols used in debian before we can hide the
private one.
* debian/libfreetype6.symbols: Make any application depending on private
symbols depend against an invalid package, this will help us to find out
which packages (if any) are abusing the API.
* debian/control: Remove duplicate Section to please lintian
* debian/control: Bump Standards-Version 3.9.8 (no further changes)
Checksums-Sha1:
fd1b5ff710d15cbc8f1c492fac0dbb2af5cab210 1812 freetype_2.7.1-0.1.dsc
ee5168a2fc32c1a99e14568a8b49bbbd3257bfca 4174317 freetype_2.7.1.orig.tar.gz
a942cf7efe9450d247947952ccf4630f3579f6da 39348 freetype_2.7.1-0.1.diff.gz
6a3116f0e01992d791014e46e22ce36e19f548c3 703244
freetype2-demos-dbgsym_2.7.1-0.1_amd64.deb
96efe594813f253704042b0927e799c3e32d6fbf 117664
freetype2-demos_2.7.1-0.1_amd64.deb
567143b0c5bf3bb03d728f73d34505f412a158c3 7215
freetype_2.7.1-0.1_amd64.buildinfo
89148d6dfbb99e01e6924cc97795a85065073bab 957332
libfreetype6-dbgsym_2.7.1-0.1_amd64.deb
4f28c98da798f54a915149578d3308d627ebf689 2635348
libfreetype6-dev_2.7.1-0.1_amd64.deb
e5f78d17e2bb2801bcafb960531ba67b8b90962f 311296
libfreetype6-udeb_2.7.1-0.1_amd64.udeb
b06bfaa98b4708f182b70a7f4e1139952e7f38e1 432426
libfreetype6_2.7.1-0.1_amd64.deb
Checksums-Sha256:
f2f5ea17a0d8ab639343c82167743b17425ce10da8e94858193d22d9ee27a224 1812
freetype_2.7.1-0.1.dsc
16739536b9a705f5984ab439323bff6689f41b90a2962ceb20564d23141524f1 4174317
freetype_2.7.1.orig.tar.gz
3ca28d8a4916d5cec0adbab9f7fdeed214c8eff855f0bca70f4d5c7e41751cae 39348
freetype_2.7.1-0.1.diff.gz
5d3bf69523fce4b223eb327ee86324ffbadb9bfac6316d7904acf42a934ef865 703244
freetype2-demos-dbgsym_2.7.1-0.1_amd64.deb
22e00722c1a3af598c8d081feadcafc8bb60deb38bbd09a3647540b9e557d4fe 117664
freetype2-demos_2.7.1-0.1_amd64.deb
f581a41c098b974d4a80949f3f77420e7b73b40b128910a21ed686592f605df8 7215
freetype_2.7.1-0.1_amd64.buildinfo
a84f7b9bd21f91f42339881956d7bd62a775cec1e8f063dea9fd926e48dd4e27 957332
libfreetype6-dbgsym_2.7.1-0.1_amd64.deb
64cbeabd30e36b0d8f55be6d3ad565bc3f833dd2a8bb44f1b07afb419aa2e4e4 2635348
libfreetype6-dev_2.7.1-0.1_amd64.deb
4ac2fa87647b74b4a8e9b27592be4a82ed66eacd571276de64a77d83fe24e9f7 311296
libfreetype6-udeb_2.7.1-0.1_amd64.udeb
a70432bfe3b8307ae7f5da47961b95337a4b7f1ea0d28dce6ed005eadeb3a260 432426
libfreetype6_2.7.1-0.1_amd64.deb
Files:
bf9e66216740d4217714505fdf37ed34 1812 libs optional freetype_2.7.1-0.1.dsc
75950b914571f0fe877e96028da4173c 4174317 libs optional
freetype_2.7.1.orig.tar.gz
bcdb442332ad68422bd1879c124de6d1 39348 libs optional freetype_2.7.1-0.1.diff.gz
12c5be0e4fcd89a9451c64ce63d1cae0 703244 debug extra
freetype2-demos-dbgsym_2.7.1-0.1_amd64.deb
36a07163f482c6f87d6594cb05c5566e 117664 utils optional
freetype2-demos_2.7.1-0.1_amd64.deb
472fe7fc0d5814face4533b73d1deeb3 7215 libs optional
freetype_2.7.1-0.1_amd64.buildinfo
46507558e133a2dcb760009ba17ea40f 957332 debug extra
libfreetype6-dbgsym_2.7.1-0.1_amd64.deb
50d12fc0bb8d644f3e7b7b9cdbc7e15f 2635348 libdevel optional
libfreetype6-dev_2.7.1-0.1_amd64.deb
42cd270055e039409d0bc6631c2fe6f6 311296 debian-installer extra
libfreetype6-udeb_2.7.1-0.1_amd64.udeb
e9e0adbb6e2ceb3094ac97219d86492e 432426 libs optional
libfreetype6_2.7.1-0.1_amd64.deb
Package-Type: udeb
-----BEGIN PGP SIGNATURE-----
iQFDBAEBCAAtFiEEmRrdqQAhuF2x31DwH8WJHrqwQ9UFAljDp3kPHGJpZ29uQGJp
Z29uLmJlAAoJEB/FiR66sEPVjjEIAIsZdD6slSYPW3X1rWGCFow9I4P9Tzjjw1NA
4KEhV8lq7Cx1uD23mXOvc6lxOowxjSNqaTRCvSqsOh18+vw+CwRFtDew7g4pc3Eh
SY3SG4nHdvLEmwl/8+9s5UpaITqOeHphQqM1u+w4zufEwem3HuzqYZl8ydrrKc5N
A9jm3cLHguk9wfjprYQvO8empRjrF6FTk2I6oYo1SuGZC4lmrSEWsrv8kI7bgwkM
+E6wE7Uautw3lUfwRolggqjnevFEzk7QBh04LcqG1EA833PoFEIVX/ngdPDAGYSd
2Vyzs6t5tgQXOqsnAjFwhXowm27BLCF7/NcqZEXEMpbgFB9tZQQ=
=lgL2
-----END PGP SIGNATURE-----
--- End Message ---
