Bug 1887084

The following Sources of the specfile are not valid URLs so we cannot automatically build the new version for you.  Please use URLs in your Source declarations if possible.

- ftconfig.h

(In reply to Upstream Release Monitoring from comment #0)

> Latest upstream release: 2.10.3
> Current version/release in rawhide: 2.10.2-3.fc33
> URL: https://www.freetype.org/
> Based on the information from anitya: https://release-monitoring.org/project/854/

CHANGES BETWEEN 2.10.2 and 2.10.3

  I. IMPORTANT CHANGES

  - New flag `FT_OUTLINE_OVERLAP'.  If set, make the smooth rasterizer
    do  4x4 oversampling  to  mitigate artifacts  in pixels  partially
    covered  by  overlapping  contours.    Note  that  this  at  least
    quadruples the rendering time.

    If  a  glyph  in  a  TrueType font  has  the  `OVERLAP_SIMPLE'  or
    `OVERLAP_COMPOUND'  bit set,  FreeType automatically  selects this
    rendering mode.


  II. MISCELLANEOUS

  - Using the  arcane method of  including FreeType header  files with
    macros like  `FT_FREETYPE_H' is no longer  mandatory (but retained
    as an optional feature for backward compatibility).

  - Support for  building the library  with Meson.  Building  the demo
    programs with Meson will follow in a forthcoming release.

  - Minor improvements to the B/W rasterizer.

  - Auto-hinter support for Medefaidrin script.

  - Fix various  memory leaks (mainly  for CFF) and other  issues that
    might cause crashes in rare circumstances.

  - Jam support has been removed.

  - In  `ftview', custom  LCD  filter values  are  now normalized  and
    balanced.  Unorthodox filters are still available through the `-L'
    command line option.

  - The GUI demo programs can now be resized.

  - Demo programs that accept command  line option `-k' can now handle
    function keys, too.  The  corresponding character codes start with
    0xF1.  As  an example, the  POSIX shell syntax (accepted  by bash,
    ksh, and zsh)

      -k $'\xF3q'

    emulates the pressing of function key `F3' followed by key `q'.

Please include the man pages for the freetype-demos packages.

Latest upstream release: 2.10.4
Current version/release in rawhide: 2.10.2-3.fc33
URL: https://www.freetype.org/

Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/


More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring


Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream.


Based on the information from anitya: https://release-monitoring.org/project/854/

The following Sources of the specfile are not valid URLs so we cannot automatically build the new version for you.  Please use URLs in your Source declarations if possible.

- ftconfig.h

(In reply to Upstream Release Monitoring from comment #4)

> Latest upstream release: 2.10.4
> Current version/release in rawhide: 2.10.2-3.fc33
> URL: https://www.freetype.org 
> Based on the information from anitya: https://release-monitoring.org/project/854/

CHANGES BETWEEN 2.10.3 and 2.10.4

This is an emergency release, fixing a severe vulnerability in embedded PNG bitmap handling.

  I. IMPORTANT BUG FIXES

  - A heap buffer overflow has been found  in the handling of embedded
    PNG bitmaps, introduced in FreeType version 2.6.

      https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15999

    If you  use option  FT_CONFIG_OPTION_USE_PNG  you  should  upgrade
    immediately.

FEDORA-2020-6299161e89 has been submitted as an update to Fedora 32. https://bodhi.fedoraproject.org/updates/FEDORA-2020-6299161e89

FEDORA-2020-768b1690f8 has been submitted as an update to Fedora 33. https://bodhi.fedoraproject.org/updates/FEDORA-2020-768b1690f8

Hi,

I've pushed the new version also to Fedora 32 and Fedora 33 since abipkgdiff does not show difference between them and public API hasn't changed. I've also added the man pages there.

FEDORA-2020-768b1690f8 has been pushed to the Fedora 33 testing repository.
In short time you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-768b1690f8`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-768b1690f8

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

FEDORA-2020-6299161e89 has been pushed to the Fedora 32 testing repository.
In short time you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-6299161e89`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-6299161e89

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

FEDORA-2020-768b1690f8 has been pushed to the Fedora 33 stable repository.
If problem still persists, please make note of it in this bug report.

FEDORA-2020-6299161e89 has been pushed to the Fedora 32 stable repository.
If problem still persists, please make note of it in this bug report.