Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 1887084 - freetype-2.10.4 is available
Summary: freetype-2.10.4 is available
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: freetype
Version: rawhide
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Marek Kašík
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-10-10 17:38 UTC by Upstream Release Monitoring
Modified: 2020-10-25 01:19 UTC (History)
13 users (show)

Fixed In Version: freetype-2.10.4-1.fc33 freetype-2.10.4-1.fc32
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-10-25 01:01:15 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Upstream Release Monitoring 2020-10-10 17:38:34 UTC
Latest upstream release: 2.10.3
Current version/release in rawhide: 2.10.2-3.fc33
URL: https://www.freetype.org/

Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/


More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring


Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream.


Based on the information from anitya: https://release-monitoring.org/project/854/

Comment 1 Upstream Release Monitoring 2020-10-10 17:38:38 UTC
The following Sources of the specfile are not valid URLs so we cannot automatically build the new version for you.  Please use URLs in your Source declarations if possible.

- ftconfig.h

Comment 2 Xose Vazquez Perez 2020-10-11 00:17:12 UTC
(In reply to Upstream Release Monitoring from comment #0)

> Latest upstream release: 2.10.3
> Current version/release in rawhide: 2.10.2-3.fc33
> URL: https://www.freetype.org/
> Based on the information from anitya: https://release-monitoring.org/project/854/

CHANGES BETWEEN 2.10.2 and 2.10.3

  I. IMPORTANT CHANGES

  - New flag `FT_OUTLINE_OVERLAP'.  If set, make the smooth rasterizer
    do  4x4 oversampling  to  mitigate artifacts  in pixels  partially
    covered  by  overlapping  contours.    Note  that  this  at  least
    quadruples the rendering time.

    If  a  glyph  in  a  TrueType font  has  the  `OVERLAP_SIMPLE'  or
    `OVERLAP_COMPOUND'  bit set,  FreeType automatically  selects this
    rendering mode.


  II. MISCELLANEOUS

  - Using the  arcane method of  including FreeType header  files with
    macros like  `FT_FREETYPE_H' is no longer  mandatory (but retained
    as an optional feature for backward compatibility).

  - Support for  building the library  with Meson.  Building  the demo
    programs with Meson will follow in a forthcoming release.

  - Minor improvements to the B/W rasterizer.

  - Auto-hinter support for Medefaidrin script.

  - Fix various  memory leaks (mainly  for CFF) and other  issues that
    might cause crashes in rare circumstances.

  - Jam support has been removed.

  - In  `ftview', custom  LCD  filter values  are  now normalized  and
    balanced.  Unorthodox filters are still available through the `-L'
    command line option.

  - The GUI demo programs can now be resized.

  - Demo programs that accept command  line option `-k' can now handle
    function keys, too.  The  corresponding character codes start with
    0xF1.  As  an example, the  POSIX shell syntax (accepted  by bash,
    ksh, and zsh)

      -k $'\xF3q'

    emulates the pressing of function key `F3' followed by key `q'.

Comment 3 Alexei Podtelezhnikov 2020-10-15 18:10:12 UTC
Please include the man pages for the freetype-demos packages.

Comment 4 Upstream Release Monitoring 2020-10-20 06:12:30 UTC
Latest upstream release: 2.10.4
Current version/release in rawhide: 2.10.2-3.fc33
URL: https://www.freetype.org/

Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/


More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring


Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream.


Based on the information from anitya: https://release-monitoring.org/project/854/

Comment 5 Upstream Release Monitoring 2020-10-20 06:12:34 UTC
The following Sources of the specfile are not valid URLs so we cannot automatically build the new version for you.  Please use URLs in your Source declarations if possible.

- ftconfig.h

Comment 6 Xose Vazquez Perez 2020-10-20 08:39:36 UTC
(In reply to Upstream Release Monitoring from comment #4)

> Latest upstream release: 2.10.4
> Current version/release in rawhide: 2.10.2-3.fc33
> URL: https://www.freetype.org 
> Based on the information from anitya: https://release-monitoring.org/project/854/

CHANGES BETWEEN 2.10.3 and 2.10.4

This is an emergency release, fixing a severe vulnerability in embedded PNG bitmap handling.

  I. IMPORTANT BUG FIXES

  - A heap buffer overflow has been found  in the handling of embedded
    PNG bitmaps, introduced in FreeType version 2.6.

      https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15999

    If you  use option  FT_CONFIG_OPTION_USE_PNG  you  should  upgrade
    immediately.

Comment 7 Fedora Update System 2020-10-23 12:21:39 UTC
FEDORA-2020-6299161e89 has been submitted as an update to Fedora 32. https://bodhi.fedoraproject.org/updates/FEDORA-2020-6299161e89

Comment 8 Fedora Update System 2020-10-23 12:21:40 UTC
FEDORA-2020-768b1690f8 has been submitted as an update to Fedora 33. https://bodhi.fedoraproject.org/updates/FEDORA-2020-768b1690f8

Comment 9 Marek Kašík 2020-10-23 12:27:44 UTC
Hi,

I've pushed the new version also to Fedora 32 and Fedora 33 since abipkgdiff does not show difference between them and public API hasn't changed. I've also added the man pages there.

Comment 10 Fedora Update System 2020-10-23 23:40:43 UTC
FEDORA-2020-768b1690f8 has been pushed to the Fedora 33 testing repository.
In short time you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-768b1690f8`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-768b1690f8

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 11 Fedora Update System 2020-10-23 23:51:20 UTC
FEDORA-2020-6299161e89 has been pushed to the Fedora 32 testing repository.
In short time you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-6299161e89`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-6299161e89

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 12 Fedora Update System 2020-10-25 01:01:15 UTC
FEDORA-2020-768b1690f8 has been pushed to the Fedora 33 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 13 Fedora Update System 2020-10-25 01:19:31 UTC
FEDORA-2020-6299161e89 has been pushed to the Fedora 32 stable repository.
If problem still persists, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.