Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 1887084
Summary: | freetype-2.10.4 is available | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Upstream Release Monitoring <upstream-release-monitoring> |
Component: | freetype | Assignee: | Marek Kašík <mkasik> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | rawhide | CC: | ajax, apodtele, caillon+fedoraproject, fonts-bugs, gnome-sig, john.j5live, kevin, mclasen, mkasik, rhughes, rstrode, sandmann, xose.vazquez |
Target Milestone: | --- | Keywords: | FutureFeature, Triaged |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | freetype-2.10.4-1.fc33 freetype-2.10.4-1.fc32 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2020-10-25 01:01:15 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Upstream Release Monitoring
2020-10-10 17:38:34 UTC
The following Sources of the specfile are not valid URLs so we cannot automatically build the new version for you. Please use URLs in your Source declarations if possible. - ftconfig.h (In reply to Upstream Release Monitoring from comment #0) > Latest upstream release: 2.10.3 > Current version/release in rawhide: 2.10.2-3.fc33 > URL: https://www.freetype.org/ > Based on the information from anitya: https://release-monitoring.org/project/854/ CHANGES BETWEEN 2.10.2 and 2.10.3 I. IMPORTANT CHANGES - New flag `FT_OUTLINE_OVERLAP'. If set, make the smooth rasterizer do 4x4 oversampling to mitigate artifacts in pixels partially covered by overlapping contours. Note that this at least quadruples the rendering time. If a glyph in a TrueType font has the `OVERLAP_SIMPLE' or `OVERLAP_COMPOUND' bit set, FreeType automatically selects this rendering mode. II. MISCELLANEOUS - Using the arcane method of including FreeType header files with macros like `FT_FREETYPE_H' is no longer mandatory (but retained as an optional feature for backward compatibility). - Support for building the library with Meson. Building the demo programs with Meson will follow in a forthcoming release. - Minor improvements to the B/W rasterizer. - Auto-hinter support for Medefaidrin script. - Fix various memory leaks (mainly for CFF) and other issues that might cause crashes in rare circumstances. - Jam support has been removed. - In `ftview', custom LCD filter values are now normalized and balanced. Unorthodox filters are still available through the `-L' command line option. - The GUI demo programs can now be resized. - Demo programs that accept command line option `-k' can now handle function keys, too. The corresponding character codes start with 0xF1. As an example, the POSIX shell syntax (accepted by bash, ksh, and zsh) -k $'\xF3q' emulates the pressing of function key `F3' followed by key `q'. Please include the man pages for the freetype-demos packages. Latest upstream release: 2.10.4 Current version/release in rawhide: 2.10.2-3.fc33 URL: https://www.freetype.org/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/854/ The following Sources of the specfile are not valid URLs so we cannot automatically build the new version for you. Please use URLs in your Source declarations if possible. - ftconfig.h (In reply to Upstream Release Monitoring from comment #4) > Latest upstream release: 2.10.4 > Current version/release in rawhide: 2.10.2-3.fc33 > URL: https://www.freetype.org > Based on the information from anitya: https://release-monitoring.org/project/854/ CHANGES BETWEEN 2.10.3 and 2.10.4 This is an emergency release, fixing a severe vulnerability in embedded PNG bitmap handling. I. IMPORTANT BUG FIXES - A heap buffer overflow has been found in the handling of embedded PNG bitmaps, introduced in FreeType version 2.6. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15999 If you use option FT_CONFIG_OPTION_USE_PNG you should upgrade immediately. FEDORA-2020-6299161e89 has been submitted as an update to Fedora 32. https://bodhi.fedoraproject.org/updates/FEDORA-2020-6299161e89 FEDORA-2020-768b1690f8 has been submitted as an update to Fedora 33. https://bodhi.fedoraproject.org/updates/FEDORA-2020-768b1690f8 Hi, I've pushed the new version also to Fedora 32 and Fedora 33 since abipkgdiff does not show difference between them and public API hasn't changed. I've also added the man pages there. FEDORA-2020-768b1690f8 has been pushed to the Fedora 33 testing repository. In short time you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-768b1690f8` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-768b1690f8 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-2020-6299161e89 has been pushed to the Fedora 32 testing repository. In short time you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-6299161e89` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-6299161e89 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-2020-768b1690f8 has been pushed to the Fedora 33 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-2020-6299161e89 has been pushed to the Fedora 32 stable repository. If problem still persists, please make note of it in this bug report. |