commit fontforge for openSUSE:Leap:15.2
Hello community, here is the log from the commit of package fontforge for openSUSE:Leap:15.2 checked in at 2020-06-10 16:49:33 Comparing /work/SRC/openSUSE:Leap:15.2/fontforge (Old) and /work/SRC/openSUSE:Leap:15.2/.fontforge.new.3606 (New) Package is "fontforge" Wed Jun 10 16:49:33 2020 rev:19 rq:796680 version:20200314 Changes: --- /work/SRC/openSUSE:Leap:15.2/fontforge/fontforge.changes2020-01-23 09:20:37.726691708 +0100 +++ /work/SRC/openSUSE:Leap:15.2/.fontforge.new.3606/fontforge.changes 2020-06-10 16:49:39.820317130 +0200 @@ -2 +2 @@ -Tue Jan 14 09:54:40 UTC 2020 - Cliff Zhao +Wed Apr 15 18:30:12 UTC 2020 - Antonio Larrosa @@ -4,3 +4,54 @@ -- Add fontforge-CVE-2020-5395-5496.patch: Use-after-free (heap) in -the SFD_GetFontMetaData() function and fix NULL pointer dereference -in the SFDGetSpiros() and SFD_AssignLookups() function(bnc#1160220, +- Update to version 20200314: + * FontForge now has much improved stroke expansion functionality. +The main change is that it actually works most of the time. New +features include support for arbitrary convex nibs and the +miter-clip and arc join styles from SVG 2. All functionality is +accessible from the Python and native APIs. + * Remove overlap handles certain important edge cases better. + * The Python API now has a function called genericGlyphChange +that matches the "Change Glyph" command in the GUI. See #4133 +for more details. + * The Python API now has functions for getting Unicode script and +for interrogating glyph boundaries. + * One can now use text flags (rather than just numerical flags) +when opening a font file via the Python API. + * UFO import now outputs the note field properly. + * SVG import is much more robust. + * We have dropped most gnulib and autotools logic in favor of +CMake, which dramatically simplifies the build system and just +as dramatically improves build time. + * As part of the switch to CMake, per the deprecation of +Python 2, and per the lack of objections to the proposal on +the mailing list, we have dropped support for building +FontForge with Python 2 support. The non-build-system Python 2 +code remains, but it is neither tested nor maintained nor +supported and is likely to follow a trajectory of decay and +then removal. + * Documentation is now rendered in Sphinx, which makes +maintenance and improvement easier. + * Translations now happen on crowdin, which makes contributions +easier. + * We got such a contribution for Croatian. + * Character view point coloring is more consistent, and preview +fills support transparency. + * The user can now move and close tabs in the character view. + * The metrics view now allows for entry of negative kerning +values and runs a bit more smoothly. + * There is now a warning when a user is about to discard an +unsaved script. + * We fixed bugs all over, as always, with particular attention +given to the metrics view, Python, Spiro, and high-resolution +displays. + * Notes on build system changes: ++ libgutils and libgunicode have been combined into + libfontforge ++ libgdraw and libfontforgeexe have been combined into the + fontforge executable itself ++ No development files are installed (headers, or pkg-config). + This is because we do not provide a stable API or ABI to work + against, nor are the headers actually well configured to be + used externally. We are also not aware of any maintained + product that compiles against FontForge itself. + * Fixes use-after-free (heap) in the SFD_GetFontMetaData() +function and fix NULL pointer dereference in the +SFDGetSpiros() and SFD_AssignLookups() function(bnc#1160220, @@ -7,0 +59,44 @@ + +- Drop patch that isn't needed anymore: + * python38_config.patch + +- Add patches to fix build: + * fix-return-statement.patch + * fix-sphinx-doc.patch (only for Leap 15.2) + +--- +Wed Oct 30 13:28:56 UTC 2019 - Ondřej Súkup + +- add python38_config.patch to build with python-3.8 +- spec-cleaned + +--- +Wed Aug 21 12:36:23 UTC 2019 - pgaj...@suse.com + +- version update to 20190801 [bsc#1145185] + * Bugfixes + * Added Croatian translation + * Added user decompositions + * New graphic for the splash/about screen + * Images embedded in SFDs are now serialised as PNGs + * Both the Windows and Mac builds are now built with Python 3 instead of Python 2. + * The minimum supported version for the Mac build is now MacOS Sierra (10.12) + * FontForge no longer uses gnulib + * collab support has been removed + * Complete GDK support, enabled by default on Windows and Macintosh, from
commit fontforge for openSUSE:Leap:15.2
Hello community, here is the log from the commit of package fontforge for openSUSE:Leap:15.2 checked in at 2020-01-23 09:20:32 Comparing /work/SRC/openSUSE:Leap:15.2/fontforge (Old) and /work/SRC/openSUSE:Leap:15.2/.fontforge.new.26092 (New) Package is "fontforge" Thu Jan 23 09:20:32 2020 rev:18 rq:765138 version:20170731 Changes: --- /work/SRC/openSUSE:Leap:15.2/fontforge/fontforge.changes2020-01-15 14:55:28.109589935 +0100 +++ /work/SRC/openSUSE:Leap:15.2/.fontforge.new.26092/fontforge.changes 2020-01-23 09:20:37.726691708 +0100 @@ -1,0 +2,8 @@ +Tue Jan 14 09:54:40 UTC 2020 - Cliff Zhao + +- Add fontforge-CVE-2020-5395-5496.patch: Use-after-free (heap) in +the SFD_GetFontMetaData() function and fix NULL pointer dereference +in the SFDGetSpiros() and SFD_AssignLookups() function(bnc#1160220, +bnc#1160236, CVE-2020-5395, CVE-2020-5496). + +--- New: fontforge-CVE-2020-5395-5496.patch Other differences: -- ++ fontforge.spec ++ --- /var/tmp/diff_new_pack.1xPjG8/_old 2020-01-23 09:20:39.182692438 +0100 +++ /var/tmp/diff_new_pack.1xPjG8/_new 2020-01-23 09:20:39.182692438 +0100 @@ -30,6 +30,8 @@ # workardound for bug 930076, imho upstream should fix this # https://github.com/fontforge/fontforge/issues/2270 Patch0: fontforge-version.patch +# PATCH-FIX-UPSTREAM fontforge-CVE-2020-5395-5496.patch bnc#1160220 bnc#1160236 CVE-2020-5395 CVE-2020-5496 qz...@suse.com -- Fix for NULL pointer dereference in the SFDGetSpiros() and SFD_AssignLookups(). +Patch1:fontforge-CVE-2020-5395-5496.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: cairo-devel @@ -96,6 +98,7 @@ %prep %setup -q %patch0 +%patch1 -p1 sed -i 's/\r$//' doc/html/{Big5.txt,corpchar.txt} # workaround for bug 930076; we just need the _version_of_the_release_! (see also fontforge-version.patch) --- grep 'doversion(FONTFORGE_MODTIME_STR)' fontforgeexe/startnoui.c && \ @@ -125,8 +128,7 @@ %postun -p /sbin/ldconfig %files -f FontForge.lang -%defattr(-,root,root) -%doc LICENSE COPYING.gplv3 +%license LICENSE COPYING.gplv3 %exclude %{_docdir}/%{name}/html %{_mandir}/man1/*.1* %{_bindir}/* @@ -137,14 +139,14 @@ %{_datadir}/icons/hicolor/*/apps/%{name}.png %{_datadir}/icons/hicolor/scalable/apps/%{name}.svg %{_datadir}/mime/packages/%{name}.xml +%dir %{_docdir}/fontforge %files doc -%defattr(-,root,root) -%doc AUTHORS LICENSE README.md +%license LICENSE +%doc AUTHORS README.md %doc %{_docdir}/%{name}/html %files devel -%defattr(-, root, root) %doc CONTRIBUTING.md %{_includedir}/fontforge/ %{_libdir}/pkgconfig/*.pc ++ fontforge-CVE-2020-5395-5496.patch ++ diff --git a/fontforge/sfd.c b/fontforge/sfd.c index d76a86c94..91d064c68 100644 --- a/fontforge/sfd.c +++ b/fontforge/sfd.c @@ -3885,13 +3885,16 @@ static void SFDGetSpiros(FILE *sfd,SplineSet *cur) { while ( fscanf(sfd,"%lg %lg %c", , , )==3 ) { if ( cur!=NULL ) { if ( cur->spiro_cnt>=cur->spiro_max ) - cur->spiros = realloc(cur->spiros,(cur->spiro_max+=10)*sizeof(spiro_cp)); + cur->spiros = realloc(cur->spiros, + (cur->spiro_max+=10)*sizeof(spiro_cp)); cur->spiros[cur->spiro_cnt++] = cp; } } -if ( cur!=NULL && (cur->spiros[cur->spiro_cnt-1].ty&0x7f)!=SPIRO_END ) { +if (cur!=NULL && cur->spiro_cnt>0 + && (cur->spiros[cur->spiro_cnt-1].ty&0x7f)!=SPIRO_END ) { if ( cur->spiro_cnt>=cur->spiro_max ) - cur->spiros = realloc(cur->spiros,(cur->spiro_max+=1)*sizeof(spiro_cp)); + cur->spiros = realloc(cur->spiros, + (cur->spiro_max+=1)*sizeof(spiro_cp)); memset(>spiros[cur->spiro_cnt],0,sizeof(spiro_cp)); cur->spiros[cur->spiro_cnt++].ty = SPIRO_END; } @@ -7810,10 +7813,12 @@ bool SFD_GetFontMetaData( FILE *sfd, else if ( strmatch(tok,"LayerCount:")==0 ) { d->had_layer_cnt = true; - getint(sfd,>layer_cnt); - if ( sf->layer_cnt>2 ) { + int layer_cnt_tmp; + getint(sfd,_cnt_tmp); + if ( layer_cnt_tmp>2 ) { sf->layers = realloc(sf->layers,sf->layer_cnt*sizeof(LayerInfo)); memset(sf->layers+2,0,(sf->layer_cnt-2)*sizeof(LayerInfo)); + sf->layer_cnt = layer_cnt_tmp; } } else if ( strmatch(tok,"Layer:")==0 ) @@ -8766,6 +8771,10 @@ exit( 1 ); } } +// Many downstream functions assume this isn't NULL (use strlen, etc.) +if ( sf->fontname==NULL) + sf->fontname = copy(""); + if ( fromdir ) sf = SFD_FigureDirType(sf,tok,dirname,enc,remap,had_layer_cnt);