freetype (2.12.1+dfsg-5+deb12u3) bookworm; urgency=medium * Disable the experimental and incomplete COLRv1 API once again. * debian/patches: + Re-enable disable_COLRv1.patch. + get_colr_glyph_paint.patch: Use correct predicate before function call. -- Hugh McMaster <hugh.mcmaster@outlook.com> Sat, 24 Feb 2024 22:01:26 +1100 freetype (2.12.1+dfsg-5+deb12u2) bookworm; urgency=high * debian/patches: Temporarily revert disable_COLRv1.patch to allow Chromium to start (Closes: #1053142). -- Hugh McMaster <hugh.mcmaster@outlook.com> Fri, 29 Sep 2023 22:27:32 +1000 freetype (2.12.1+dfsg-5+deb12u1) bookworm; urgency=medium * debian/patches: Disable COLRv1 support, which was unintentionally enabled by upstream in this version of FreeType (Closes: #1051816). -- Hugh McMaster <hugh.mcmaster@outlook.com> Mon, 25 Sep 2023 19:45:10 +1000 freetype (2.12.1+dfsg-5) unstable; urgency=medium * debian/patches: Add a patch to fix CVE-2023-2004 (Closes: #1034612). - Integer overflow in tt_hvadvance_adjust(). -- Hugh McMaster <hugh.mcmaster@outlook.com> Thu, 20 Apr 2023 21:08:03 +1000 freetype (2.12.1+dfsg-4) unstable; urgency=medium [ Debian Janitor ] * Update Lintian override info format in freetype2-demos.lintian-overrides. * Re-export upstream signing key without extra signatures. * Raise Standards-Version to 4.6.2 (no changes needed). [ Hugh McMaster ] * debian/control: Update Homepage URL. * debian/control, debian/rules: + Add the 'pkg.freetype.nodemos' build profile (Closes: #1011049). + Support the 'noudeb' build profile (Closes: #1024949). + Drop support for the deprecated 'stage1' build profile. * debian/copyright: + Update Source URL. + Update 'debian' copyright block for 2023. * debian/rules: Remove un-needed dh_install exclusion from the override. * debian/upstream/metadata: Add upstream repositories and update values. * freetype2-demos: Update typo-in-manual-page Lintian override. * lintian-overrides: Drop source-contains-prebuilt-javascript-object. * freetype2-demos: Install binaries and man pages via upstream Makefile. -- Hugh McMaster <hugh.mcmaster@outlook.com> Thu, 12 Jan 2023 23:05:22 +1100 freetype (2.12.1+dfsg-3) unstable; urgency=medium * debian/control: Raise Standards-Version to 4.6.1 (no changes needed). * debian/patches: - ftbench: Exit if the number of glyphs is zero (CVE-2022-31782). - Fix a wild free in certain OT-SVG fonts (Closes: #1013094). Thanks to Ben Wagner for providing a patch. - Harden the demos by appending CPPFLAGS to CFLAGS. -- Hugh McMaster <hugh.mcmaster@outlook.com> Sun, 19 Jun 2022 21:55:46 +1000 freetype (2.12.1+dfsg-2) unstable; urgency=medium * Revert "debian/control: Build-Depend on librsvg2-dev". - Avoid breaking cross-architecture bootstrap. - Prevent a circular build-dependency. -- Hugh McMaster <hugh.mcmaster@outlook.com> Mon, 16 May 2022 21:43:37 +1000 freetype (2.12.1+dfsg-1) unstable; urgency=medium * New upstream version: Support for OpenType SVG fonts in the demo programs. * debian/copyright: Update for FreeType 2.12.1. * debian/patches: Drop cff-segfault, integer-overflow, reset-iup-flags, sdf-invisible-glyphs and set-ft-face-flag-color patches. * debian/control: Build-Depend on librsvg2-dev. * debian/rules: Build the udeb package without librsvg. * Update upstream's GPG public signing key. -- Hugh McMaster <hugh.mcmaster@outlook.com> Fri, 13 May 2022 19:46:58 +1000 freetype (2.12.0+dfsg-1) unstable; urgency=medium * New upstream version: - Support for OpenType SVG fonts. By default, FreeType will only load the 'SVG' table of an OpenType font. Please note: OT-SVG support will be enabled in Debian when FreeType 2.12.1 is released. - Improved handling of fonts with an 'sbix' table. * Update upstream's GPG signing key. * debian/control: freetype-doc no longer Depends on libjs-jquery. * debian/copyright: Update for FreeType 2.12.0. * debian/patches: - Drop CVE-2022-27404, CVE-2022-27405, CVE-2022-27406 and jquery patches. - Refresh enable-gxvalid-otvalid and hide-donations-information patches. - Cherry-pick upstream patches: + Set FT_FACE_FLAG_COLOR + Properly handle invisible glyphs + Fix rendering of certain glyphs + Prevent an integer overflow + Fix a segfault when size is NULL. * Update a comment in the Lintian source-overrides file. -- Hugh McMaster <hugh.mcmaster@outlook.com> Sun, 08 May 2022 19:03:37 +1000 freetype (2.11.1+dfsg-2) unstable; urgency=high * Add upstream patches to fix multiple vulnerabilities. Closes: #1010183. - CVE-2022-27404: heap buffer overflow via invalid integer decrement in sfnt_init_face() and woff2_open_font(). - CVE-2022-27405: segmentation violation via ft_open_face_internal() when attempting to read the value of FT_LONG face_index. - CVE-2022-27406: segmentation violation via FT_Request_Size() when attempting to read the value of an unguarded face size handle. * debian/copyright: Update debian/* section for 2022. -- Hugh McMaster <hugh.mcmaster@outlook.com> Tue, 26 Apr 2022 23:16:58 +1000 freetype (2.11.1+dfsg-1) unstable; urgency=medium * New upstream version: - Experimental COLR v1 API updated to OpenType standard 1.9. - Some fields in the 'CID_FaceDictRec', 'CID_FaceInfoRec' and 'FT_Data' structures have been changed from signed to unsigned types. - Removal of legacy blitter from graph-based demos. * freetype2-doc: - Remove links file. The tutorial documentation no longer uses jQuery. - Don't install the CMAKE file. * libfreetype6: Update symbols file for FreeType 2.11.1. * Remove all files in debian/missing-sources (no longer needed). * debian/control: - libfreetype-dev now Provides libfreetype6-dev (Closes: #1002049). Thanks to Jochen Sprickerhof for supplying a patch. - No longer Build-Depend on libjs-jquery. * debian/copyright: Update for FreeType 2.11.1. * debian/patches: - Drop autogen-no-git.patch (applied upstream). - Drop ft2demos-no-rpath.patch and fix-js-doc-paths.patch. Neither patch is needed due to upstream changes. - Add a patch to remove remaining jQuery script tags. - use-donation-button.patch: Use a button instead of an image for donations. Thanks to Paul Wise for the patch. (Closes: #998065). * debian/rules: - Update files excluded during the dh_installdocs-indep override. - Trim relative folder paths in the tutorial documentation. - Drop string substitution of the #defined value of SIZEOF_LONG. This is no longer needed due to upstream changes. * debian/upstream/metadata: Update for FreeType 2.11.1. -- Hugh McMaster <hugh.mcmaster@outlook.com> Wed, 29 Dec 2021 10:22:50 +1100 freetype (2.11.0+dfsg-1) unstable; urgency=medium * New upstream version: - Support for creating 8-bit Signed Distance Field (SDF) bitmaps for both outline and bitmap glyphs via a new rendering module. - Access to surfacing properties of 'COLR' v1 color fonts via a new experimental API. - Further demotion of the legacy Type 1 and CFF engines due to a lack of support for CFF2 charstrings. - Correct handling of PCF bitmap fonts compressed with LZW. - Enhancements to various demo programs. * Subpixel rendering re-enabled for release builds. * debian/control: - Raise Standards-Version to 4.6.0 from 4.5.1 (no changes needed). - Replace fonts-material-design-icons-iconfont with fonts-dejavu-core. * debian/copyright: Update for FreeType 2.11.0. * debian/gbp.conf: Use DEP-14 branch naming. * debian/libfreetype6.symbols: Update for FreeType 2.11.0. * debian/patches: - autogen-no-git.patch: Only use git commands if building from a branch. - Drop remove-gstatic-code.patch (replaced by sed commands in d/rules). - Update and refresh other patches. * debian/rules: - Include /usr/share/dpkg/architecture.mk. - Update file exclusions in dh_installdocs-indep. - Remove specific lines from the HTML reference documentation to prevent Lintian privacy-* warnings. * debian/source/lintian-overrides: Silence errors about long lines in the HTML documentation. * freetyp2-demos: Add wildcard line context to the typo-in-manual-page tag. * Remove legacy maintscripts (freetype2-demos, libfreetype6-dev). -- Hugh McMaster <hugh.mcmaster@outlook.com> Thu, 14 Oct 2021 22:06:22 +1100 freetype (2.10.4+dfsg-1) unstable; urgency=medium * New upstream version: - Fix for CVE-2020-15999 (heap buffer overflow) now included. - New flag `FT_OUTLINE_OVERLAP' available to make the smooth rasterizer do 4x4 oversampling to mitigate artifacts in pixels partially covered by overlapping contours. This at least quadruples the rendering time. FreeType automatically uses this rendering mode if a glyph in a TrueType font has the `OVERLAP_SIMPLE' or `OVERLAP_COMPOUND' bit set. - Including FreeType header files via FT_*_H macros is no longer required. Downstream packages are encouraged to include the FreeType headers via standard paths, e.g. #include <freetype/freetype.h>. - Support for building with Meson. - Fixes for various memory leaks, primarily in the CFF driver module. - Jam support has been removed. - Many improvements to demo programs. - The obsolete `HAVE_STDINT_H' probing macro has been removed. - Public macro definitions required by the FreeType API have been moved to include/freetype/config/public-macros.h. - Private macro definitions used by the FreeType API have been moved to include/freetype/config/compiler-macros.h. - New common header for integer data types added. * debian/control: - Build-Depend on zlib1g-dev | libz-dev. - Raise Standards-Version from 4.5.0 to 4.5.1 (no changes needed). * debian/copyright: - Update for FreeType 2.10.4. - Remove redundant globbing patterns. * debian/patches: - Drop cve-2020-15999.patch (fix included in FreeType 2.10.4). - Refresh enable-subpixel-rendering.patch. - Refresh hide-donations-information.patch. * debian/rules: Remove debian/udeb directory before building. * debian/tests/libfreetype-dev: Replace the FT_FREETYPE_H macro with a standard header inclusion. -- Hugh McMaster <hugh.mcmaster@outlook.com> Sat, 05 Dec 2020 19:20:58 +1100 freetype (2.10.2+dfsg-4) unstable; urgency=high * debian/patches: Add upstream patch for CVE-2020-15999 (Closes: #972586). - Prevent heap buffer overflow when handling embedded PNG bitmaps in malformed TrueType font files. -- Hugh McMaster <hugh.mcmaster@outlook.com> Wed, 21 Oct 2020 09:39:47 +1100 freetype (2.10.2+dfsg-3) unstable; urgency=medium [ Simon McVittie ] * d/tests: Add a superficial compile/link/run autopkgtest (Closes: #964246). [ Hugh McMaster ] * debian/rules: - Update a comment. - Fix whitespace formatting. - Override dh_auto_clean to clean up ft2demos. - Override dh_auto_clean to remove objs/.libs/libfreetype.ver. - Run a separate build sequence for libfreetype6-udeb, which should not depend on libbrotli1 (Closes: #964774). * Minor stylistic changes to d/tests/libfreetype-dev. - Thanks to Simon McVittie for writing the autopkgtest. -- Hugh McMaster <hugh.mcmaster@outlook.com> Wed, 15 Jul 2020 22:10:01 +1000 freetype (2.10.2+dfsg-2) unstable; urgency=medium * debian/control: Add libbrotli-dev as a dependency of libfreetype-dev (Closes: #964185). -- Hugh McMaster <hugh.mcmaster@outlook.com> Fri, 03 Jul 2020 22:40:45 +1000 freetype (2.10.2+dfsg-1) unstable; urgency=medium * New upstream version: - Support for WOFF2 fonts. - Type 1 fonts with non-integer metrics are now supported by the new (CFF) engine introduced in FreeType 2.9. - Auto-hinter support for Hanifi Rohingya. * Repack to remove non-DFSG-compatible minified JavaScript files from the main upstream tarball. * debian/control: - Raise Standards-Version to 4.5.0 from 4.4.1. - Sort Build-Depends list. - Use debhelper-compat version 13. - Build-Depend on libbrotli-dev to support WOFF2 fonts. - Sort the libfreetype-dev Depends field. - Recommend fonts-material-design-icons-iconfont with freetype2-doc. * debian/copyright: - Update for FreeType 2.10.2. - Add Files-Excluded field. - Remove copyright information for Excluded files. * debian/gbp.conf: - Always use pristine-tar. - Add component option for import-orig and export-orig. * Add debian/not-installed. * debian/patches: - Drop scale-phantom-points.patch and verbose-libtool.patch. - remove-gstatic-code.patch: Update file paths and patch content. - fix-js-doc-paths.patch: Add missing HTML files. - hide-donations-information.patch: Refresh patch. - Update patch order in the series file. * debian/rules: - Remove the dh_auto_install override. - Stop moving the HTML documentation (problem fixed upstream). - Force installation of correct ChangeLog for freetype2-demos. - Install the HTML documentation in libfreetype-dev but package the files in freetype2-doc (as preferred by Debian Policy section 12.3). - Install the CHANGES and PCF README files in libfreetype-dev. - Do not install docs/reference/assets/images. These files are not used. - Drop the reference/README installation exclusion in freetype2-docs. * debian/watch: - Download xz-compressed tarballs (Closes: #952973). - Update the filenamemangle used with the ft2docs tarball component. - Don't call uupdate. - Repack the main upstream source tarball to comply with the DFSG. * freetype2-demos: - Update manpage source path. - Use renamed lintian tag. * freetype2-doc: - Update doc-base registration paths. - Install jQuery symlink in libfreetype-dev. - Update paths in lintian overrides. -- Hugh McMaster <hugh.mcmaster@outlook.com> Thu, 02 Jul 2020 22:00:01 +1000 freetype (2.10.1-2) unstable; urgency=medium * Release to unstable. * debian/control: - Raise Standards-Version to 4.4.1 from 4.4.0 (no changes needed). - Add Rules-Requires-Root: no. * debian/rules: - Move the FreeType API Reference location to docs/reference to revert an incorrect upstream change introduced in FreeType 2.10. - Update dh_installdocs-indep path exclusion to account for the change to the API Reference path. * debian/patches: - Drop fix-api-reference-hyperlink.patch. - Add a patch to fix broken JavaScript paths in the documentation. * freetype2-doc: - Update the API Reference path in the doc-base file. - Update Lintian overrides. -- Hugh McMaster <hugh.mcmaster@outlook.com> Mon, 07 Oct 2019 23:42:48 +1100 freetype (2.10.1-1) experimental; urgency=medium * New upstream release. * libfreetype6-dev has been renamed to libfreetype-dev. - libfreetype6-dev is now a transitional package. - Please update your build dependencies accordingly. * debian/libfreetype6.symbols: Update for FreeType 2.10.1 - FT_Outline_New_Internal and FT_Outline_Done_Internal have been removed. These functions were public by oversight only and were never documented. - FreeType's library soname remains unchanged. * debian/control: - freetype2-doc now Recommends fonts-noto-core. * debian/copyright: Update for FreeType 2.10.1. - Upstream removed several files in FreeType 2.10. - Some new files were added and have their own licences. * debian/patches: - Drop no-uninitialized-bbox.patch and compiler_hardening_fixes.patch. These patches were accepted upstream. - Drop revert-wrong-extern.patch (no longer needed). - Add a patch to prevent use of fonts.gstatic.com and fonts.googleapis.com in the FreeType 2 documentation. - Add a patch to fix broken hyperlinks to the FreeType API Reference. - Refresh all other patches. * debian/rules: - Correctly parse FreeType's release version for dh_makeshlibs. * freetype2-doc: - Most of the documentation is now located in the 'site' sub-directory due to an upstream change. - Exclude Material Icons and Font Awesome from installation. - Add a Lintian override to prevent warnings about duplicate favicons. - Update the doc-base file. * Add a Debian upstream metadata file. -- Hugh McMaster <hugh.mcmaster@outlook.com> Fri, 16 Aug 2019 20:42:30 +1000 freetype (2.9.1-4) unstable; urgency=medium * debian/compat: Remove legacy file. * debian/control: - Build-Depend on debhelper-compat (version 12). - Raise Standards-Version to 4.4.0 (no changes needed). - Demote Recommends: freetype2-doc to Suggests (Closes: #919284). * debian/patches: - Add an upstream patch to properly handle phantom points for variable hinted fonts (Closes: #932303). -- Hugh McMaster <hugh.mcmaster@outlook.com> Wed, 24 Jul 2019 19:59:39 +1000 # Older entries have been removed from this changelog. # To read the complete changelog use `apt changelog libfreetype6-dev`.
Generated by dwww version 1.15 on Sun May 19 03:22:57 CEST 2024.