Hello community, here is the log from the commit of package freetype2 for openSUSE:Factory checked in at 2015-06-12 21:15:26 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/freetype2 (Old) and /work/SRC/openSUSE:Factory/.freetype2.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "freetype2" Changes: -------- --- /work/SRC/openSUSE:Factory/freetype2/freetype2.changes 2015-05-22 09:46:57.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.freetype2.new/freetype2.changes 2015-06-12 21:15:28.000000000 +0200 @@ -1,0 +2,61 @@ +Thu Jun 11 08:54:13 UTC 2015 - idon...@suse.com + +- Update to version 2.6 + * Thread safety improvements + * Thai script support has been added to the auto-hinter. + * Arabic script support has been added to the auto-hinter. + * Following OpenType version 1.7, advance widths and side bearing + values in CFFs (wrapped in an SFNT structure) are now always + taken from the `hmtx' table. + * Following OpenType version 1.7, the PostScript font name of a + CFF font (wrapped in an SFNT structure) is now always taken from + the `name' table. This is also true for OpenType Collections + (i.e., TTCs using CFFs subfonts instead of TTFs), where it may + have a significant difference. + * Fonts natively hinted for ClearType are now supported, properly + handling selector index 3 of the INSTCTRL bytecode instruction. + * Major improvements to the GX TrueType variation font handling. + +------------------------------------------------------------------- +Tue Jun 9 08:18:50 UTC 2015 - fst...@suse.com + +- Merge with the version 2.5.5 from openSUSE:Factory +- Removed patches: + * CVE-2014-9656.patch + * CVE-2014-9657.patch + * CVE-2014-9658.patch + * CVE-2014-9659.patch + * CVE-2014-9660.patch + * CVE-2014-9661.patch + * CVE-2014-9662.patch + * CVE-2014-9663.patch + * CVE-2014-9664.patch + * CVE-2014-9665.patch + * CVE-2014-9666.patch + * CVE-2014-9667.patch + * CVE-2014-9668.patch + * CVE-2014-9669.patch + * CVE-2014-9670.patch + * CVE-2014-9671.patch + * CVE-2014-9672.patch + * CVE-2014-9673.patch + * CVE-2014-9674.patch + * CVE-2014-9675.patch + - Integrated in the 2.5.5 release +- Modified patches: + * don-t-mark-libpng-as-required-library.patch + * bugzilla-308961-cmex-workaround.patch + * freetype2-subpixel.patch + * freetype2-bitmap-foundry.patch + * overflow.patch + - Adapt to the new version of sources + +------------------------------------------------------------------- +Wed Jun 3 08:14:53 UTC 2015 - fst...@suse.com + +- Modified patch: + * CVE-2014-9671.patch + - Adapt the code to correspond to the current git master of + freetype2 (fixes bsc#933247) + +------------------------------------------------------------------- @@ -9,0 +71,29 @@ +Fri Feb 20 10:13:37 UTC 2015 - nadvor...@suse.com + +- fixed vulnerabilities (bnc#916847, bnc#916856, bnc#916857, + bnc#916858, bnc#916859, bnc#916860, bnc#916861, bnc#916862, + bnc#916863, bnc#916864, bnc#916865, bnc#916867, bnc#916868, + bnc#916870, bnc#916871, bnc#916872, bnc#916873, bnc#916874, + bnc#916879, bnc#916881) + - CVE-2014-9656.patch + - CVE-2014-9657.patch + - CVE-2014-9658.patch + - CVE-2014-9659.patch + - CVE-2014-9660.patch + - CVE-2014-9661.patch + - CVE-2014-9662.patch + - CVE-2014-9663.patch + - CVE-2014-9664.patch + - CVE-2014-9665.patch + - CVE-2014-9666.patch + - CVE-2014-9667.patch + - CVE-2014-9668.patch + - CVE-2014-9669.patch + - CVE-2014-9670.patch + - CVE-2014-9671.patch + - CVE-2014-9672.patch + - CVE-2014-9673.patch + - CVE-2014-9674.patch + - CVE-2014-9675.patch + +------------------------------------------------------------------- @@ -70,0 +161,6 @@ + +------------------------------------------------------------------- +Thu Mar 27 09:57:06 UTC 2014 - nadvor...@suse.com + +- get 2.5.3 from Factory as it fixes + CVE-2014-2240 CVE-2014-2241 (bnc#867620) --- /work/SRC/openSUSE:Factory/freetype2/ft2demos.changes 2015-05-22 09:46:57.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.freetype2.new/ft2demos.changes 2015-06-12 21:15:28.000000000 +0200 @@ -1,0 +2,54 @@ +Thu Jun 11 08:56:22 UTC 2015 - idon...@suse.com + +- Update to version 2.6 + * ftgrid can now display GX and MM fonts. + * Anti-aliasing rendering modes can now be selected (with keys + F5 and F6). + * The display of point numbers can be toggled with key `D'. + * ftdump now display information on MM and GX variation axes. + * ftmulti can now handle up to six MM or GX axes. +- Refresh overflow.patch + +------------------------------------------------------------------- +Tue Jun 9 08:18:50 UTC 2015 - fst...@suse.com + +- Merge with the version 2.5.5 from openSUSE:Factory +- Removed patches: + * CVE-2014-9656.patch + * CVE-2014-9657.patch + * CVE-2014-9658.patch + * CVE-2014-9659.patch + * CVE-2014-9660.patch + * CVE-2014-9661.patch + * CVE-2014-9662.patch + * CVE-2014-9663.patch + * CVE-2014-9664.patch + * CVE-2014-9665.patch + * CVE-2014-9666.patch + * CVE-2014-9667.patch + * CVE-2014-9668.patch + * CVE-2014-9669.patch + * CVE-2014-9670.patch + * CVE-2014-9671.patch + * CVE-2014-9672.patch + * CVE-2014-9673.patch + * CVE-2014-9674.patch + * CVE-2014-9675.patch + - Integrated in the 2.5.5 release +- Modified patches: + * don-t-mark-libpng-as-required-library.patch + * bugzilla-308961-cmex-workaround.patch + * freetype2-subpixel.patch + * freetype2-bitmap-foundry.patch + * overflow.patch + - Adapt to the new version of sources + +------------------------------------------------------------------- +Wed Jun 3 08:14:53 UTC 2015 - fst...@suse.com + +- Modified patch: + * CVE-2014-9671.patch + - Adapt the code to correspond to the current git master of + freetype2 (fixes bsc#933247) + +------------------------------------------------------------------- @@ -6,0 +61,29 @@ +Fri Feb 20 10:13:37 UTC 2015 - nadvor...@suse.com + +- fixed vulnerabilities (bnc#916847, bnc#916856, bnc#916857, + bnc#916858, bnc#916859, bnc#916860, bnc#916861, bnc#916862, + bnc#916863, bnc#916864, bnc#916865, bnc#916867, bnc#916868, + bnc#916870, bnc#916871, bnc#916872, bnc#916873, bnc#916874, + bnc#916879, bnc#916881) + - CVE-2014-9656.patch + - CVE-2014-9657.patch + - CVE-2014-9658.patch + - CVE-2014-9659.patch + - CVE-2014-9660.patch + - CVE-2014-9661.patch + - CVE-2014-9662.patch + - CVE-2014-9663.patch + - CVE-2014-9664.patch + - CVE-2014-9665.patch + - CVE-2014-9666.patch + - CVE-2014-9667.patch + - CVE-2014-9668.patch + - CVE-2014-9669.patch + - CVE-2014-9670.patch + - CVE-2014-9671.patch + - CVE-2014-9672.patch + - CVE-2014-9673.patch + - CVE-2014-9674.patch + - CVE-2014-9675.patch + +------------------------------------------------------------------- @@ -67,0 +151,6 @@ + +------------------------------------------------------------------- +Wed May 7 14:41:16 CEST 2014 - r...@suse.de + +- mark bnc628213_test.otf as NoSource to avoid triggering + clamav check Old: ---- freetype-2.5.5.tar.bz2 freetype-doc-2.5.5.tar.bz2 ft2demos-2.5.5.tar.bz2 pre_checkin.sh New: ---- freetype-2.6.tar.bz2 freetype-doc-2.6.tar.bz2 ft2demos-2.6.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ freetype2.spec ++++++ --- /var/tmp/diff_new_pack.NZ5pp6/_old 2015-06-12 21:15:30.000000000 +0200 +++ /var/tmp/diff_new_pack.NZ5pp6/_new 2015-06-12 21:15:30.000000000 +0200 @@ -17,9 +17,9 @@ # -%define doc_version 2.5.5 +%define doc_version 2.6 Name: freetype2 -Version: 2.5.5 +Version: 2.6 Release: 0 Summary: A TrueType Font Library License: SUSE-Freetype or GPL-2.0+ ++++++ ft2demos.spec ++++++ --- /var/tmp/diff_new_pack.NZ5pp6/_old 2015-06-12 21:15:30.000000000 +0200 +++ /var/tmp/diff_new_pack.NZ5pp6/_new 2015-06-12 21:15:30.000000000 +0200 @@ -16,9 +16,9 @@ # -%define freetype_version 2.5.5 +%define freetype_version 2.6 Name: ft2demos -Version: 2.5.5 +Version: 2.6 Release: 0 Summary: Freetype2 Utilities and Demo Programs License: GPL-2.0+ @@ -41,6 +41,8 @@ BuildRequires: xorg-x11-devel Supplements: fonts-config Conflicts: dtc +# silence our clamav check +NoSource: 1000 BuildRoot: %{_tmppath}/%{name}-%{version}-build %description ++++++ freetype-2.5.5.tar.bz2 -> freetype-2.6.tar.bz2 ++++++ ++++ 43835 lines of diff (skipped) ++++++ freetype-doc-2.5.5.tar.bz2 -> freetype-doc-2.6.tar.bz2 ++++++ ++++ 2532 lines of diff (skipped) ++++++ ft2demos-2.5.5.tar.bz2 -> ft2demos-2.6.tar.bz2 ++++++ ++++ 6452 lines of diff (skipped) ++++++ overflow.patch ++++++ --- /var/tmp/diff_new_pack.NZ5pp6/_old 2015-06-12 21:15:32.000000000 +0200 +++ /var/tmp/diff_new_pack.NZ5pp6/_new 2015-06-12 21:15:32.000000000 +0200 @@ -1,6 +1,8 @@ ---- ft2demos-2.5.4/src/ttdebug.c 2014-05-11 12:50:48.876613439 +0200 -+++ ft2demos-2.5.4.new/src/ttdebug.c 2014-12-08 16:39:09.744778704 +0100 -@@ -1905,11 +1905,11 @@ +Index: ft2demos-2.6/src/ttdebug.c +=================================================================== +--- ft2demos-2.6.orig/src/ttdebug.c ++++ ft2demos-2.6/src/ttdebug.c +@@ -1910,11 +1910,11 @@ FT_Library_Version( library, &major, &minor, &patch ); @@ -9,8 +11,8 @@ "ttdebug (FreeType) %d.%d", major, minor ); if ( patch ) -- offset = snprintf( version_string + offset, 64 - offset, -+ offset = snprintf( version_string + offset, sizeof(version_string) - offset, +- offset = snprintf( version_string + offset, (size_t)( 64 - offset ), ++ offset = snprintf( version_string + offset, (size_t)( sizeof(version_string) - offset ), ".%d", patch ); }