--- freetype-2.5.2.orig/debian/README.source +++ freetype-2.5.2/debian/README.source @@ -0,0 +1,22 @@ +Because FreeType upstream distributes the source as a set of multiple +tarballs, the Debian package currently uses a tar-in-tar format, with +Debian changes managed using quilt and stored in two different +directories corresponding to the respective upstream tarballs: +debian/patches-freetype and debian/patches-ft2demos. + +To unpack the patched sources, run './debian/rules patch'. + +For general information on how to apply patches, modify patches, or +remove a patch, please see: + + /usr/share/doc/quilt/README.source + +To edit patches after unpacking, cd to the subdirectory for the +corresponding upstream tarball and use for QUILT_PATCHES either +QUILT_PATCHES=../debian/patches-freetype or +QUILT_PATCHES=../debian/patches-ft2demos. + +To upgrade to a new upstream version, run +./debian/rules get-orig-source ver=, which will +download the upstream tarballs and pack them into an .orig.tar.gz +according to the scheme used here. --- freetype-2.5.2.orig/debian/changelog +++ freetype-2.5.2/debian/changelog @@ -0,0 +1,1835 @@ +freetype (2.5.2-4ubuntu1) wily; urgency=medium + + * Merge from Debian unstable, remaining changes: + - debian/patches-freetype/revert_scalable_fonts_metric.patch: + revert commit "Fix metrics on size request for scalable fonts.", + which breaks gtk underlining markups + - Make libfreetype6-dev M-A: same. + - Error out on the use of the freetype-config --libtool option. + - Don't add multiarch libdirs for freetype-config --libs. + - Install the freetype2/config headers into the multiarch include path + and provide symlinks in /usr/include. + - debian/patches-freetype/multi-thread-violations.patch: fix + multithread violations + * Dropped changes, included in Debian: + - debian/patches-freetype/CVE-2014-96xx/* + * debian/patches-freetype/savannah-bug-41309.patch: fix use of + uninitialized data. (LP: #1449225) + + -- Marc Deslauriers Fri, 22 May 2015 11:03:23 -0400 + +freetype (2.5.2-4) unstable; urgency=medium + + * Fix Savannah bug #43774. Closes #780143. + * Release 2.5.2-4 + + -- Keith Packard Sun, 15 Mar 2015 22:46:29 -0700 + +freetype (2.5.2-3) unstable; urgency=medium + + * Fix Savannah bug #43535. CVE-2014-9675 + * [bdf] Fix Savannah bug #41692. CVE-2014-9675-fixup-1 + * src/base/ftobj.c (Mac_Read_POST_Resource): Additional overflow check + in the summation of POST fragment lengths. CVE-2014-0674-part-2 + * src/base/ftobjs.c (Mac_Read_POST_Resource): Insert comments and fold + too long tracing messages. CVS-2014-9674-fixup-2 + * src/base/ftobjs.c (Mac_Read_POST_Resource): Use unsigned long variables to read the lengths in POST fragments. CVE-2014-9674-fixup-1 + * Fix Savannah bug #43538. CVE-2014-9674-part-1 + * Fix Savannah bug #43539. CVE-2014-9673 + * src/base/ftobjs.c (Mac_Read_POST_Resource): Avoid memory leak by + a broken POST table in resource-fork. CVE-2014-9673-fixup + * Fix Savannah bug #43540. CVE-2014-9672 + * Fix Savannah bug #43547. CVE-2014-9671 + * Fix Savannah bug #43548. CVE-2014-9670 + * [sfnt] Fix Savannah bug #43588. CVE-2014-9669 + * [sfnt] Fix Savannah bug #43589. CVE-2014-9668 + * [sfnt] Fix Savannah bug #43590. CVE-2014-9667 + * [sfnt] Fix Savannah bug #43591. CVE-2014-9666 + * Change some fields in `FT_Bitmap' to unsigned type. CVE-2014-9665 + * Fix uninitialized variable warning. CVE-2014-9665-fixup-2 + * Make `FT_Bitmap_Convert' correctly handle negative `pitch' values. + CVE-2014-9665-fixup + * [type1, type42] Fix Savannah bug #43655. CVE-2014-9664 + * [sfnt] Fix Savannah bug #43656. CVE-2014-9663 + * [cff] Fix Savannah bug #43658. CVE-2014-9662 + * [type42] Allow only embedded TrueType fonts. CVE-2014-9661 + * [bdf] Fix Savannah bug #43660. CVE-2014-9660 + * [cff] Fix Savannah bug #43661. CVE-2014-9659 + * [sfnt] Fix Savannah bug #43672. CVE-2014-9658 + * [truetype] Fix Savannah bug #43679. CVE-2014-9657 + * [sfnt] Fix Savannah bug #43680. CVE-2014-9656 + * All CVEs patched. Closes: #777656. + + -- Keith Packard Mon, 23 Feb 2015 22:04:36 -0800 + +freetype (2.5.2-2ubuntu3) vivid; urgency=medium + + * SECURITY UPDATE: denial of service and possible code execution via + multiple security issues + - debian/patches-freetype/CVE-2014-96xx/*.patch: backport a large + quantity of upstream commits to fix multiple security issues. + - CVE-2014-9656 + - CVE-2014-9657 + - CVE-2014-9658 + - CVE-2014-9659 + - CVE-2014-9660 + - CVE-2014-9661 + - CVE-2014-9662 + - CVE-2014-9663 + - CVE-2014-9664 + - CVE-2014-9665 + - CVE-2014-9666 + - CVE-2014-9667 + - CVE-2014-9668 + - CVE-2014-9669 + - CVE-2014-9670 + - CVE-2014-9671 + - CVE-2014-9672 + - CVE-2014-9673 + - CVE-2014-9674 + - CVE-2014-9675 + + -- Marc Deslauriers Tue, 24 Feb 2015 11:28:03 -0500 + +freetype (2.5.2-2ubuntu2) vivid; urgency=medium + + * Added patchset to fix multithread violations, LP: #1199571 + - debian/patches-freetype/multi-thread-violations.patch + + -- Marco Trevisan (Treviño) Fri, 23 Jan 2015 03:23:18 +0100 + +freetype (2.5.2-2ubuntu1) utopic; urgency=medium + + * Merge from Debian unstable, remaining changes: + - debian/patches-freetype/revert_scalable_fonts_metric.patch: + revert commit "Fix metrics on size request for scalable fonts.", + which breaks gtk underlining markups + - Make libfreetype6-dev M-A: same. + - Error out on the use of the freetype-config --libtool option. + - Don't add multiarch libdirs for freetype-config --libs. + - Install the freetype2/config headers into the multiarch include path + and provide symlinks in /usr/include. + * Dropped changes, included in Debian: + - debian/patches/CVE-2014-2240.patch: validate hintMask in + src/cff/cf2hints.c. + - debian/patches/CVE-2014-2241.patch: don't trigger asserts in + src/cff/cf2ft.c. + - debian/patches-freetype/0001-Fix-Savannah-bug-40997.patch: Cherry-pick + upstream patch to fix a double free. + - debian/patches-freetype/0002-Fix-Savannah-bug-42418.patch: Cherry-pick + upstream patch to fix cjk font rendering issue. + + -- Steve Langasek Fri, 19 Sep 2014 10:11:16 -0700 + +freetype (2.5.2-2) unstable; urgency=medium + + * Acknowledge security NMU; thanks to Michael Gilbert. + * Standards-Version 3.9.6. + * Bump debhelper build-dependency to 9. + * debian/patches/enable-old-cff.patch: disable the new CFF hinter from + Adobe, working around wrong hinting with some toolkits on Linux. Thanks + to Samat K Jain for preparing the patch. + Closes: #730742. + * debian/patches-freetype/0001-Fix-Savannah-bug-40997.patch: Cherry-pick + upstream patch to fix a double free. Closes: #747002, LP: #1310728. + * debian/patches-freetype/0002-Fix-Savannah-bug-42418.patch: Cherry-pick + upstream patch to fix cjk font rendering issue. LP: #1310017. + * debian/patches-freetype/verbose-libtool.patch: don't let libtool + suppress compiler output. + * debian/patches-freetype/no-uninitialized-bbox.patch: ensure that our + variable is reliably initialized before use, fixing a build failure on + ppc64el when building with -O3. + + -- Steve Langasek Fri, 19 Sep 2014 06:27:10 +0000 + +freetype (2.5.2-1.1) unstable; urgency=high + + * Non-maintainer upload by the Security Team. + * Fix two security issues in the CFF rasterizer (closes: #741299) + - CVE-2014-2240: out-of-bounds read/write in cf2hints.c. + - CVE-2014-2241: denial-of-service in cf2ft.c. + + -- Michael Gilbert Mon, 28 Jul 2014 02:56:08 +0000 + +freetype (2.5.2-1ubuntu5) utopic; urgency=medium + + * Make libfreetype6-dev M-A: same. + * Error out on the use of the freetype-config --libtool option. + * Don't add multiarch libdirs for freetype-config --libs. + * Install the freetype2/config headers into the multiarch include path + and provide symlinks in /usr/include. + + -- Matthias Klose Wed, 18 Jun 2014 22:40:19 +0200 + +freetype (2.5.2-1ubuntu4) utopic; urgency=medium + + * debian/patches-freetype/0002-Fix-Savannah-bug-42418.patch: Cherry-pick + upstream patch to fix cjk font rendering issue. (LP: #1310017) + + -- Jinkyu Yi Mon, 05 May 2014 23:26:37 +0900 + +freetype (2.5.2-1ubuntu3) utopic; urgency=medium + + * debian/patches-freetype/0001-Fix-Savannah-bug-40997.patch: Cherry-pick + upstream patch to fix a double free. (LP: #1310728) + + -- Iain Lane Thu, 01 May 2014 12:53:39 +0100 + +freetype (2.5.2-1ubuntu2) trusty; urgency=medium + + * SECURITY UPDATE: denial of service and possible code execution in + CFF rasterizer + - debian/patches/CVE-2014-2240.patch: validate hintMask in + src/cff/cf2hints.c. + - CVE-2014-2240 + * SECURITY UPDATE: denial of service in CFF rasterizer + - debian/patches/CVE-2014-2241.patch: don't trigger asserts in + src/cff/cf2ft.c. + - CVE-2014-2241 + + -- Marc Deslauriers Thu, 13 Mar 2014 12:47:17 -0400 + +freetype (2.5.2-1ubuntu1) trusty; urgency=medium + + * Merge from Debian unstable, remaining changes: + - debian/patches-freetype/revert_scalable_fonts_metric.patch: + revert commit "Fix metrics on size request for scalable fonts.", + which breaks gtk underlining markups + * Dropped changes, included in Debian: + - Fix png configuration for cross builds. + - Run aclocal and autoconf. + + -- Steve Langasek Sat, 28 Dec 2013 18:54:38 -0800 + +freetype (2.5.2-1) unstable; urgency=low + + * New upstream release + - fixes a crasher bug with certain fonts. Closes: #733052. + - drop of additional symbols which were previously exported but are only + meant for debugging and upstream recommends not enabling them when + building in "release mode". If this impacts users of freetype, we can + re-enable these symbols later. + * Call autogen.sh on build to refresh autotools; not using dh-autoreconf + because the upstream directory structure is non-standard and it's a + throw-away dir, so there's no advantage to dh-autoreconf's rollback + support. + * Fix symbols file with respect to more complete version info found in + Ubuntu. + * Drop debian/patches-ft2demos/compiler-warning-fixes.patch, which is + actually a bug in the compiler_hardening_fixes.patch; fix it there + instead. + * Fix libpng detection when cross-building. + + -- Steve Langasek Wed, 25 Dec 2013 09:06:22 +0000 + +freetype (2.5.1-2ubuntu1) trusty; urgency=medium + + * Merge from Debian unstable, remaining changes: + - debian/patches-freetype/revert_scalable_fonts_metric.patch: + revert commit "Fix metrics on size request for scalable fonts.", + which breaks gtk underlining markups + - Fix png configuration for cross builds. + - Run aclocal and autoconf. + + -- Steve Langasek Tue, 17 Dec 2013 23:18:19 -0800 + +freetype (2.5.1-2) unstable; urgency=low + + * Drop unnecessary GPLv2.txt from libfreetype6-dev. + * Add missing dependency on libpng-dev to libfreetype6-dev. + Closes: #732062. + + -- Steve Langasek Tue, 17 Dec 2013 20:04:17 -0800 + +freetype (2.5.1-1ubuntu2) trusty; urgency=medium + + * Fix png configuration for cross builds. + * Run aclocal and autoconf. + + -- Matthias Klose Fri, 06 Dec 2013 13:01:17 +0100 + +freetype (2.5.1-1ubuntu1) trusty; urgency=low + + * Merge from Debian unstable (LP: #1256114), remaining changes: + - debian/patches-freetype/revert_scalable_fonts_metric.patch: + revert commit "Fix metrics on size request for scalable fonts.", + which breaks gtk underlining markups + * Dropped changes, included in Debian: + - debian/control: build-depends on libpng-dev + - debian/libfreetype6.symbols: new version update + * Drop debian/patches-ft2demos/compiler-warning-fixes.patch, which is + actually a bug in the compiler_hardening_fixes.patch and has been fixed + there in the Ubuntu version. + + -- Steve Langasek Thu, 28 Nov 2013 23:10:19 +0000 + +freetype (2.5.1-1) unstable; urgency=low + + * New upstream release. Closes: #717952, #729231. + - Add build-dependency on libpng-dev. + - Dropped patches, included upstream: savannah-bug-35847.patch, + savannah-bug-35833.patch, savannah-bug-37905.patch, + savannah-bug-37906.patch, savannah-bug-37907.patch + - Internal symbols have been dropped in this version. No soname change + because the symbols are not supposed to be used, but past experience + suggests that this may break some third-party software anyway. + * compiler_hardening_fixes.patch: fix wrong snprintf() calls in ttdebug.c + that cause an overflow 100% of the time. + * debian/patches-ft2demos/compiler-warning-fixes.patch: Fix a wrong + cast that triggers a compiler warning. + * debian/patches-ft2demos/revert-wrong-extern.patch: revert wrong + upstream commit that causes a build failure. + + -- Steve Langasek Thu, 28 Nov 2013 07:05:47 +0000 + +freetype (2.5.0.1-0ubuntu2) trusty; urgency=low + + * debian/control: build-depends on libpng12-dev + + -- Sebastien Bacher Mon, 11 Nov 2013 12:03:49 +0100 + +freetype (2.5.0.1-0ubuntu1) trusty; urgency=low + + * New upstream version (lp: #1203012) + * debian/patches-freetype/git_unitialized_variable.patch, + debian/patches-ft2demos/init_variables.patch: + - dropped, the fixes are in the new version + * debian/libfreetype6.symbols: new version update + + -- Sebastien Bacher Mon, 11 Nov 2013 11:52:19 +0100 + +freetype (2.4.12-0ubuntu1) saucy; urgency=low + + * New upstream version (lp: #1179523) + * debian/patches-freetype/git_unitialized_variable.patch, + debian/patches-ft2demos/init_variables.patch: + - fix an unitialized variable warnings which were breaking the build + * debian/libfreetype6.symbols: updated + + -- Sebastien Bacher Mon, 13 May 2013 13:12:42 +0200 + +freetype (2.4.11-0ubuntu1) raring; urgency=low + + * New upstream version + * debian/patches-freetype/CVE-2012-5668.patch, + debian/patches-freetype/CVE-2012-5669.patch, + debian/patches-freetype/CVE-2012-5670.patch: + - dropped, those fixes are in the new version + * debian/patches-ft2demos/compiler_hardening_fixes.patch: + - changed unsigned char* to char* to fix "pointer targets in assignment + differ in signedness" build error + * debian/libfreetype6.symbols: updated for the new version + + -- Sebastien Bacher Fri, 08 Feb 2013 12:50:09 +0100 + +freetype (2.4.10-0ubuntu2) raring; urgency=low + + * SECURITY UPDATE: denial of service and possible code execution via NULL + pointer dereference + - debian/patches-freetype/CVE-2012-5668.patch: reset props_size in case + of allocation error in src/bdf/bdflib.c. + - CVE-2012-5668 + * SECURITY UPDATE: denial of service and possible code execution via heap + buffer over-read in BDF parsing + - debian/patches-freetype/CVE-2012-5669.patch: use correct array size + in src/bdf/bdflib.c. + - CVE-2012-5669 + * SECURITY UPDATE: denial of service and possible code execution via out- + of-bounds write + - debian/patches-freetype/CVE-2012-5670.patch: normalize negative + parameter in src/bdf/bdflib.c. + - CVE-2012-5670 + + -- Marc Deslauriers Mon, 14 Jan 2013 13:24:57 -0500 + +freetype (2.4.10-0ubuntu1) quantal; urgency=low + + * New upstream version + * debian/libfreetype6.symbols: + - new version update + * debian/patches-freetype/savannah-bug-35847.patch, + debian/patches-freetype/savannah-bug-35833.patch: + - dropped, the fixes are in the new version + * Resynchronize on Debian, remaining diff: + * debian/patches-freetype/revert_scalable_fonts_metric.patch: + - revert commit "Fix metrics on size request for scalable fonts.", + it's breaking gtk underlining markups and creating some other + issues as well (lp: #972223) + + -- Sebastien Bacher Fri, 03 Aug 2012 13:57:01 +0200 + +freetype (2.4.9-1.1) unstable; urgency=high + + * Non-maintainer upload. + Upload ACKed by Steve Langasek on #debian-devel. + * Add savannah-bug-37905.patch patch + [SECURITY] CVE-2012-5668: NULL Pointer Dereference in bdf_free_font. + (Closes: #696691) + * Add savannah-bug-37906.patch patch + [SECURITY] CVE-2012-5669: Out-of-bounds read in _bdf_parse_glyphs. + (Closes: #696691) + * Add savannah-bug-37907.patch patch + [SECURITY] CVE-2012-5670: Out-of-bounds write in _bdf_parse_glyphs. + (Closes: #696691) + + -- Salvatore Bonaccorso Fri, 28 Dec 2012 21:32:28 +0100 + +freetype (2.4.9-1) unstable; urgency=low + + * New upstream release + - upstream fix for multiple vulnerabilities: CVE-2012-1126, + CVE-2012-1133, CVE-2012-1134, CVE-2012-1136, CVE-2012-1142, + CVE-2012-1144. and others. Closes: #662864. + - update symbols file for a new symbol, ft_raccess_guess_table + * debian/patches-freetype/savannah-bug-35847.patch, + debian/patches-freetype/savannah-bug-35833.patch: pull two bugfixes from + upstream git on top of 2.4.9, to address regressions affecting + ghostscript. Thanks to Till Kamppeter for pointing this out. + * push CPPFLAGS into CFLAGS for ft2demos, so our demos will be secure. + Closes: #663613. + * don't let a quiltrc override our QUILT_PATCHES settings in debian/rules. + Closes: #617217. + * Migrate debian/copyright to copyright-format 1.0, and fix up the upstream + URL. Closes: #642059. + + -- Steve Langasek Sat, 24 Mar 2012 23:35:16 +0000 + +freetype (2.4.8-1) unstable; urgency=high + + * New upstream release + - upstream fix for CVE-2011-3439. Closes: #649122. + - adjust libfreetype6.symbols for a newly-exported function. + + -- Steve Langasek Thu, 17 Nov 2011 22:28:14 +0000 + +freetype (2.4.7-2) unstable; urgency=low + + * Use dpkg-buildflags through debhelper. + * Don't set -Werror in CFLAGS on alpha or m68k, to work around a compiler + bug. Closes: #646334. + + -- Steve Langasek Mon, 24 Oct 2011 22:02:32 +0000 + +freetype (2.4.7-1) unstable; urgency=low + + * New upstream release + - upstream fix for CVE-2011-3256. Closes: #646120. + - drop debian/patches-freetype/0001-Fix-Savannah-bug-33992.patch, + included upstream. + * Pass --without-bzip2 to configure, to avoid unwanted dependency on + libbz2. Closes: #639638. + * Standards-Version 3.9.2. + + -- Steve Langasek Sat, 22 Oct 2011 20:18:59 +0000 + +freetype (2.4.6-2) unstable; urgency=low + + * debian/patches-freetype/0001-Fix-Savannah-bug-33992.patch: [PATCH] + Fix Savannah bug #33992. Thanks to David Bevan + . Closes: #638348. + + -- Steve Langasek Sat, 20 Aug 2011 06:30:18 +0000 + +freetype (2.4.6-1) unstable; urgency=low + + * New upstream release + - fixes CVE-2011-0226, a vulnerability in parsing of Type 1 fonts. + Closes: #635871. + - upstream now builds cleanly with -Werror and the new gcc-4.6 upstream + warnings. Closes: #625328. + + -- Steve Langasek Thu, 04 Aug 2011 05:49:09 +0000 + +freetype (2.4.4-2) unstable; urgency=low + + * Build for multiarch, using debhelper compat 9. + * Add Pre-Depends: ${misc:Pre-Depends} to pick up multiarch-support + dependency. + + -- Steve Langasek Wed, 22 Jun 2011 14:38:12 -0700 + +freetype (2.4.4-1) unstable; urgency=low + + * Acknowledge security NMU - thanks, Moritz! + * New upstream release, closes: #606286, #600321 + - fixes PDF rendering issues. Closes: #612484, LP: #709229. + - fixes a rendering issue with 'S' glyphs in certain fonts. + LP: #654010. + - drop patches for CVE-2010-3855 and CVE-2010-3814, applied upstream. + - drop patch ft2demos-2.1.7-ftbench.patch; doesn't apply cleanly, the + code has changed significantly, patch never forwarded upstream. If + this is still an issue, someone will provide a fixed patch. + - drop patch ft2demos-grkey.patch, fixed upstream. + * debian/patches-freetype/enable-gxvalid-otvalid.patch: enable the + otvalid and gxvalid table validation modules. Thanks to Paul Wise + . Closes: #520879, LP: #239626. + * debian/libfreetype6.symbols: update the symbols file for the same. + * debian/rules et al.: convert to dh 7 + * drop INSTALL.* from the libfreetype6-dev docs. Closes: #550971. + * move homepage out of debian/copyright and into debian/control. + * fix GPL link to point to GPL-2 explicitly. + * clean up long-obsolete conflicts/replaces. + * drop debian/README.quilt, redundant with debian/README.source. + * drop debian/README.Debian, which talks about the long-finished transition + from freetype1. + * strip dependency_libs out of /usr/lib/libfreetype.la. + * bump standards-version to 3.9.1. + + -- Steve Langasek Mon, 21 Feb 2011 14:10:46 -0800 + +freetype (2.4.2-2.1) unstable; urgency=medium + + * Non-maintainer upload by the Security Team. + * Fix CVE-2010-3855 and CVE-2010-3814 (Closes: #602221) + + -- Moritz Muehlenhoff Thu, 18 Nov 2010 21:16:12 +0100 + +freetype (2.4.2-2) unstable; urgency=low + + * debian/patches-ft2demos/f2tdemos-grkey.patch: update to fix another + problem when building under gcc-4.5 that was overlooked in the previous + version of the patch. LP: #624740. + + -- Steve Langasek Sat, 28 Aug 2010 02:27:15 +0000 + +freetype (2.4.2-1) unstable; urgency=high + + * New upstream release + - High urgency upload for RC security bugfix. + - Corrects a stack overflow in the interpreter for CFF fonts + (CVE-2010-1797). Closes: #592399. + - drop debian/patches-freetype/opentype-missing-glyphs, included + upstream. + * Update libfreetype6.symbols for two new functions. + + -- Steve Langasek Tue, 10 Aug 2010 00:19:04 -0700 + +freetype (2.4.0-2) unstable; urgency=medium + + * debian/patches-freetype/opentype-missing-glyphs: fix from upstream for + glyphs from OpenType fonts failing to render. Closes: #589256, + LP: #605858. + * Medium-urgency upload to fix important regression. + + -- Steve Langasek Fri, 16 Jul 2010 12:37:03 -0700 + +freetype (2.4.0-1) unstable; urgency=high + + * New upstream release (closes: #572576). + - fixes CVE-2010-2497, CVE-2010-2498, CVE-2010-2499, CVE-2010-2500, + CVE-2010-2519, and CVE-2010-2520 + - high-urgency upload for security bugfixes. + - drop debian/patches-freetype/freetype-bytecode-interpreter.patch and + debian/patches-freetype/enable-full-bytecode-interpreter - the + bytecode interpreter is now enabled by default upstream at last! + - drop debian/patches-freetype/freetype-bdflib-large-encodings.patch and + debian/patches-freetype/uninitialized-vars.patch, applied upstream. + - drop debian/patches-freetype/331-hmtx-no-shorts.diff, implemented + differently upstream. + - new symbol FT_Library_SetLcdFilterWeights added to the symbols table, + bump the shlibs. + - fixes problem with outlines for some OpenType fonts. Closes; #583868. + * Add a debian/watch file - though we won't use it internally due to the + multiple tarball issues. + * Begin to simplify debian/rules a little by trimming dead code. + * Don't set SHELL = /bin/bash in debian/rules, no bashisms found in + the current package. + * debian/patches/ft2demos-grkey.patch: don't point grKEY() at an enum when + it's being passed values that aren't defined in that enum, fixing a build + failure with gcc 4.5. Thanks to Brian M. Carlson for the preliminary + patch. Closes: #564989. + * docs/PATENTS no longer exists, so we don't install it. + * Add ${misc:Depends} substitutions to all packages, per lintian. + * Standards-Version to 3.8.4, no changes required. + * Clarify in debian/copyright that freetype can be used under GPLv2 or + later. + + -- Steve Langasek Tue, 13 Jul 2010 17:09:32 -0700 + +freetype (2.3.11-1) unstable; urgency=low + + * New upstream release + - drop debian/patches-freetype/proper-armel-asm-declaration.patch and + debian/patches-freetype/CVE-2009-0946.patch, applied upstream. + - new symbol tt_cmap13_class_rec added to the symbols table, bump the + shlibs. + + -- Steve Langasek Mon, 12 Oct 2009 14:14:49 -0700 + +freetype (2.3.9-5) unstable; urgency=low + + * Pass proper --host/--build args to ./configure, to support + cross-building. Closes: #465292. + * clean up a number of unused variables in debian/rules; maybe someday + we'll get this package to converge on debhelper 7... :) + * Fix the doc-base section for libfreetype6-dev. Closes: #315845. + * Remove one final reference to /usr/X11R6 in debian/rules. + * Drop incorrect Replaces: freetype0, freetype1 + * Add debian/README.source, documenting the madness that is this source + package. + * Standards-Version to 3.8.0. + * Fix multiple integer overflows leading to arbitrary code execution + or DoS (CVE-2009-0946; Closes: #524925). Thanks to Nico Golde for the + NMU. + + -- Steve Langasek Mon, 01 Jun 2009 04:37:19 -0700 + +freetype (2.3.9-4) unstable; urgency=low + + * debian/patches-ft2demos/compiler-hardening-fixes.patch: always check the + return value of fread(), to appease hardened compilers such as what's + used in Ubuntu by default. Set a good example, even if these demos + shouldn't be security-sensitive! Also, along the way catch and fix a + small memory leak on error. :) + * debian/patches-freetype/proper-armel-asm-declaration.patch: use __asm__ + for declaring assembly instead of asm, fixing a build failure on armel. + + -- Steve Langasek Sat, 14 Mar 2009 14:35:23 -0700 + +freetype (2.3.9-3) unstable; urgency=low + + * Drop spurious Suggests: on libfreetype6-dev. Closes: #363937. + * debian/patches-freetype/enable-subpixel-rendering.patch: enable subpixel + rendering features, used by libcairo and xft to provide LCD colour + filtering. This is considered no more or less evil than the bytecode + interpreter which we also enable. + * Move debian/libfreetype6.copyright to debian/copyright, and selectively + install it to the single binary package in debian/rules; the same + copyright file is used for all the binaries anyway via symlinks, so + there's no reason it shouldn't ship as debian/copyright. + Closes: #381228. + * Clip redundant LICENSE.TXT and GPL.TXT files from the + libfreetype6-dev package. Closes: #459802. + + -- Steve Langasek Fri, 13 Mar 2009 23:09:50 -0700 + +freetype (2.3.9-2) unstable; urgency=low + + * debian/rules: bump the shlibs version, since 2.3.9 introduces a handful + of new symbols + * debian/libfreetype6.symbols: add a new symbols file, which should cause + most packages to have relaxed dependencies of libfreetype6 now. + + -- Steve Langasek Fri, 13 Mar 2009 16:57:23 -0700 + +freetype (2.3.9-1) unstable; urgency=low + + * New upstream version; closes: #519168. + * fixes a SIGFPE in evince when displaying some PDFs. Closes: #494350, + LP: #277294. + * fix a rendering issue with embedded Myriad_Pro fonts in some PDFs. + LP: #330438. + * fix a rendering issue with some glyphs not rendering in PDFs when + an embedded font uses CID 0. LP: #252250. + * drop patches-freetype/no-segfault-on-load_mac_face, included + upstream. + * patches-ft2demos/ft2demos-2.1.7-ftbench.patch: drop unused + patch chunk + * fix up the get-orig-source target to autodetect the upstream version + using the changelog by default. + + -- Steve Langasek Fri, 13 Mar 2009 01:07:28 -0700 + +freetype (2.3.7-2) unstable; urgency=high + + * High-urgency upload for RC bugfix. + * Add debian/patches-freetype/no-segfault-on-load_mac_face, patch from + upstream to fix a segfault due to uninitialized memory in certain + failures of FT_Stream_New. Closes: #487101. + + -- Steve Langasek Thu, 21 Aug 2008 12:09:17 -0700 + +freetype (2.3.7-1) unstable; urgency=low + + * New upstream release + * Add a new get-orig-source rule to handle downloading & packing the bits + for us + * Build-depend on x11proto-core-dev instead of the obsolete x-dev. + * Unset DH_VERBOSE when redirecting the output of dh_shlibdeps, + otherwise the substvars are kinda messed up. + * Fix a typo that caused debhelper log junk to be dumped into /usr. + * Replace ${Source-Version} with ${binary:Version} in debian/control. + * Don't install useless copies of /usr/share/doc/libfreetype6 in the + other packages, the symlink is all we need. + + -- Steve Langasek Mon, 30 Jun 2008 17:57:56 -0700 + +freetype (2.3.6-1) unstable; urgency=low + + * New upstream release + - Fixes multiple vulnerabilities in the PFB font parser (CVE-2008-1806, + CVE-2008-1807, CVE-2008-1808). Closes: #485841. + * Fix some very bizarre quoting of $CFLAGS in debian/rules + + -- Steve Langasek Sun, 15 Jun 2008 23:52:53 -0700 + +freetype (2.3.5-1) unstable; urgency=low + + * New upstream release + - Drop patches 374902-composite-glyphs, CVE-2006-3467_pcf-strlen, + and CVE-2007-2754_ttgload, merged upstream. + - Bump the shlibs to 2.3.5 for new symbols. + + -- Steve Langasek Sat, 07 Jul 2007 00:19:30 -0700 + +freetype (2.2.1-6) unstable; urgency=high + + * High-urgency upload for security fix. + * Remove spurious patch file from the package diff, sigh. + * Add debian/patches-freetype/CVE-2007-2754_ttgfload to address + CVE-2007-2754, a bug allowing execution of arbitrary code via a crafted + TTF image by way of an integer overflow. Closes: #425625. + + -- Steve Langasek Wed, 23 May 2007 03:26:25 -0700 + +freetype (2.2.1-5) unstable; urgency=high + + * High-urgency upload for RC bugfix. + * Add debian/patches-freetype/CVE-2006-3467_pcf-strlen.patch to + address CVE-2006-3467, a missing string length check in PCF files that + leads to a possibly exploitable integer overflow. Thanks to Martin + Pitt for the patch. Closes: #379920. + + -- Steve Langasek Tue, 12 Sep 2006 15:04:42 -0700 + +freetype (2.2.1-4) unstable; urgency=low + + * Drop libfreetype6.postinst code for cleaning up /usr/X11R6/lib; + whatever version it applied to is pre-sarge, and this code is + sufficiently blunt that I don't think it should be kept around. + Closes: #386379. + + -- Steve Langasek Fri, 8 Sep 2006 13:35:30 -0700 + +freetype (2.2.1-3) unstable; urgency=low + + * Apply patch from Eugeniy Meshcheryakov , applied + upstream, to fix bug in rendering of composite glyphs. + Closes: #374902. + + -- Steve Langasek Sun, 3 Sep 2006 04:21:43 -0500 + +freetype (2.2.1-2) unstable; urgency=low + + * Enable full bytecode interpreter instead of just the + "non-patented portions". + * Use $(CURDIR) instead of $(PWD) to build with sudo. Closes: #367579. + + -- Keith Packard Wed, 17 May 2006 00:00:35 -0500 + +freetype (2.2.1-1) unstable; urgency=low + + * New upstream release + - Supersedes patches freetype-2.1.10-cvsfixes.patch, + freetype-2.1.10-fixaliasing.patch, freetype-2.1.10-fixautofit.patch, + freetype-2.1.10-fixkerning.patch, freetype-2.1.10-memleak.patch, + freetype-2.1.10-xorgfix.patch + + -- Steve Langasek Sat, 13 May 2006 13:57:54 -0700 + +freetype (2.2~rc4-1) unstable; urgency=low + + * New upstream release + - this version should restore binary compatibility with version + 2.1.7. Closes: #314385. + - use the old ft2demos and freetype-docs for now; patch ft2demos + (temporarily only!) to still use the internal headers, which are + now no longer exported as part of the API + * Patch to handle empty short metrics, as seen in BitStream Vera. + * Bump shlibs to 2.2~rc4-1. Closes: #316031. + * Replace debian/rules patch handling with quilt; thanks to Jurij + Smakov for the patch. + + -- Steve Langasek Sat, 4 Mar 2006 22:06:38 -0800 + +freetype (2.1.10-3) unstable; urgency=low + + * Removed freetype-2.1.10-fixaliasing.patch to restore proper sub-pixel + anti-aliased hinted rendering. Thanks to Michael Biebl for reporting + the bug. I was able to reproduce the bug setting gnome-font-properties + to: 96 dpi, sub-pixel anti-aliasing, full hinting, with Bitstream Vera + Sans Roman 11 as desktop font. (Closes: Bug#359104) + * Added more fixes to debian/patches/freetype-2.1.10-cvsfixes.patch: + * 2006-03-27 David Turner + * src/sfnt/ttkern.c (tt_face_get_kerning): Fix a serious bug that + causes some programs to go into an infinite loop when dealing with + fonts that don't have a properly sorted kerning sub-table. + * 2006-03-21 Zhe Su + * src/base/ftoutln.c (FT_Outline_Get_Orientation): Improve algorithm. + This is to prevent certain emboldened and hinted glyphs from becoming + "weird". See https://bugzilla.novell.com/show_bug.cgi?id=158573 + for details. + * Oops, I inadvertently set the shlibs dependency to (>= 2.1.10-1) + in 2.1.10-2. Reverted to (>= 2.1.5-1). + + -- Anthony Fok Fri, 31 Mar 2006 04:11:27 +0800 + +freetype (2.1.10-2) unstable; urgency=low + + * Will Newton has agreed to let Steve Langasek adopt the package. + Therefore, I have taken the liberty to set the Maintainer field + to Steve, and to add myself as an uploader. :-) (See Bug#351821) + + * Acknowledge NMUs by Frans Pop (shlibs for udeb, Closes: Bug#355939) + and by Joey Hess (xlibs-dev removal, Closes: Bug#346706). + Thank you all! + + * Merge fixes from 2.1.10-1ubuntu1 (Many thanks!): + * Patches for Malone #5560. + [debian/patches/freetype-2.1.10-cvsfixes.patch]: + - various fixes (mostly embolding which caused characters to + slant upward, most evident for CJK users in KDE and icewm. + (Closes: Bug#356495, Bug#356854) + [debian/patches/freetype-2.1.10-xorgfix.patch]: + - put back internal API used by xorg-x11 + [debian/patches/freetype-2.1.10-fixautofit.patch]: + - fix autofit render setup + [debian/patches/freetype-2.1.10-memleak.patch]: + - fix memleak + [debian/patches/freetype-2.1.10-fixkerning.patch]: + - fix disabled kerning + [debian/patches/freetype-2.1.10-fixaliasing.patch]: + - fix anti-aliasing rendering + * Changes by Jun Kobayashi + -- Jonathan Riddell Mon, 16 Jan 2006 17:45:50 +0900 + + -- Anthony Fok Sat, 25 Mar 2006 13:03:09 +0800 + +freetype (2.1.10-1.2) unstable; urgency=low + + * Non Maintainer Upload (closes: #355939) + * Add support for udeb dependency resolution in shlibs file + * Simplify debian/rules by making use of udeb support in debhelper + * Update debhelper compatibility to level 5 + + -- Frans Pop Sat, 18 Mar 2006 17:07:46 +0100 + +freetype (2.1.10-1.1) unstable; urgency=low + + * NMU + * Patch from Ben Hutchings for xlibs-dev transition. Closes: #346706 + + -- Joey Hess Sun, 5 Mar 2006 20:31:17 -0500 + +freetype (2.1.10-1) unstable; urgency=low + + * New upstream (Closes: #298660, #245532). + * New maintainer, co-maintainer required! + * Disable CJK autohinting patch due to incompatability with this version + of freetype. + * Remove some very old unapplied patches. + * Add freetype-config.1 manpage. + * Add doc-base file for development docs. (Closes: #280827) + * Fix build with non-default umask. (Closes: #307464, #166511) + * Patch merged upstream. (Closes: #252673) + * Acknowledge NMUS. + (Closes: #221597, #225119, #226380, #249443, #251473, #302269, #259875) + + -- Will Newton Mon, 13 Jun 2005 00:44:29 +0100 + +freetype (2.1.9-1) unstable; urgency=low + + * New upstream. + + -- Will Newton Sat, 28 May 2005 14:49:00 +0100 + +freetype (2.1.7-2.4) unstable; urgency=high + + * Non-maintainer upload. + * freetype-2.1.7/src/bdf/bdflib.c: When a glyph has zero width or height, + a bitmap is not actually allocated for it, but the code used to try to + use it anyway. Now it no longer does that. Fix by Steve Langasek, + based on something I did earlier. Added + debian/patches/300-bdflib-zero-width-glyphs.diff. Closes: #302269 + (Segmentation fault with certain bdf fonts). + * freetype-2.1.7/src/bdf/bdflib.c: BDF font files with glyphs with an + encoding value of at least 65536 would overflow the bitmap with + 65536 bits which bdflib.c uses to keep track of whether it has seen + an encoding already. Changed things so that encodings above the + limit cause an error code to be returned instead of a segfault + happening. Ideally, the bitmap should be replaced with a more + compact representation, but that is too big a change for something + this small. I will, however, only lower the severity of the bug + (305413) to normal, instead of marking it fixed. Added + debian/patches/300-bdflib-large-encodings.diff. + + -- Lars Wirzenius Sun, 24 Apr 2005 15:42:00 +0300 + +freetype (2.1.7-2.3) unstable; urgency=low + + * NMU + * debian/patches/090-freetype-2.1.7-normalize-fix.diff: Patch + by David Mossberger. Backport from freetype2 CVS that fixes an + off-by-order-of-magnitude performance issue in the normalization code. + (Closes: #259875) + + -- dann frazier Mon, 08 Nov 2004 19:06:57 -0700 + +freetype (2.1.7-2.2) unstable; urgency=low + + * NMU + * debian/patches/080-freetype-2.1.7-backwards-compat.diff: Patch + by Shaun Jackman, integration by Thom May. Fixes backwards + compatibility (Closes: #251473) + + -- Frank Lichtenheld Fri, 6 Aug 2004 01:03:36 +0200 + +freetype (2.1.7-2.1) unstable; urgency=medium + + * NMU + * [debian/patches/patches/t1load-eexec.diff, debian/rules] Patch from + upstream CVS + (http://cvs.freetype.org/cgi-bin/viewcvs.cgi/freetype2/src/type1/t1load.c.diff?r1=text&tr2=1.89&tr1=1.88&r2=text&diff_format=u) + to fix hanging gpdf processes. (Closes: #249443, #233255) + + -- J.H.M. Dassen (Ray) Fri, 4 Jun 2004 18:56:41 +0200 + +freetype (2.1.7-2) unstable; urgency=low + + * Acknowledging 2.1.7-1.1. Many thanks to David Mosberger-Tang and + fellow Debian developer J.H.M. Dassen (Ray) for fixing the + gnumeric and abiword crashing problem on powerpc and ia64 + by compiling with -fno-strict-aliasing. Will report upstream. + * Applied Akito Hirai's freetype-2.1.7-autohint-cjkfonts-20031130.patch. + Thanks to Firefly's detailed testing and development, and to Shuke + (Fan Xiaoju) and Tetralet for building unofficial debs. :-) + - http://firefly.idv.tw/test/Forum.php?Board=1&Article=72498077a4859413781ed6885760caa7&Func=view&History=0 + - http://www.linuxfans.org/nuke/modules.php?name=Forums&file=viewtopic&t=51830 + * Converted changelog.Debian.gz to UTF-8. + * Removed /usr/share/doc/libfreetype6/reference/.cvsignore. + + -- Anthony Fok Sat, 24 Jan 2004 08:00:31 +0800 + +freetype (2.1.7-1.1) unstable; urgency=high + + * NMU + * [debian/control] Applied patch by David Mosberger-Tang + to compile -fno-strict-aliasing. Freetype + is apparently known to be unsafe for strict-aliasing rules defined + by ANSI (and the compiler configuration files in the upstream + source package itself reflect that), which caused crashes on ia64 + and powerpc. This patch has been confirmed to fix the gnumeric and + abiword crashes on powerpc. (Closes: #221597, #225119, #226380). + + -- J.H.M. Dassen (Ray) Tue, 6 Jan 2004 11:35:55 +0100 + +freetype (2.1.7-1) unstable; urgency=low + + * New upstream version. + + -- Anthony Fok Sat, 15 Nov 2003 00:49:55 +0800 + +freetype (2.1.5-3) unstable; urgency=high + + * debian/patches/freetype-2.1.5-type1-crash.diff: prevents + crashes when opening Type1 fonts with PaintType != 0 or + StrokeWidth != 0, exhibited with e.g. Hershey fonts in gsfonts-other. + Many thanks to Josselin Mouette (Debian fontconfig maintainer) for + analysis and patch! (Closes: Bug#216605, #216649, #216761) + * FTC_SBit_Cache_Lookup() exhibits a bug in ah_hinter_load_glyph + where FT_Render_Glyph may be called twice under some circumstances. + Many thanks to Ralf for reporting and upstream author Werner Lemberg + for fixing the bug. (Closes: Bug#213232, #208943, #209715) + * Added Conflicts: xpdf-reader (<< 1.00-4) to avoid problems with users + upgrading from Debian 3.0. Thanks to Adrian Bunk for the bug report. + (Partially fixes Bug#214732) + + -- Anthony Fok Wed, 22 Oct 2003 10:58:14 +0800 + +freetype (2.1.5-2) unstable; urgency=low + + * Added patch by David Bevan ([devel] 2003-09-19) to fix read_pfb_tag() + so it does not fail on end-of-file indicated (0x8003). + * Do not install the irrelevant docs/reference/README. (Closes: Bug#211755) + + -- Anthony Fok Sun, 21 Sep 2003 01:35:44 +0800 + +freetype (2.1.5-1) unstable; urgency=low + + * New upstream official 2.1.5 release. (ftdocs is still 2.1.4.) + * Set libfreetype6-udeb to Priority: extra to fix override disparity. + + -- Anthony Fok Tue, 16 Sep 2003 23:43:48 +0800 + +freetype (2.1.4-5) unstable; urgency=low + + * CVS updates as of 2003-08-18. Upstream has restored binary + compatibility with the FreeType 2.1.4 and previous releases. + * Applied patch by Mike Fabian (2003-08-27): check bdf properties + WEIGHT_NAME and SLANT case insensitively. Many thanks! :-) + * Reversed YAMANO-UCHI Hidetoshi's 2003-06-13 change to ft2demos + graph/x11/rules.mk; Debian shys away from setting rpath. + + -- Anthony Fok Thu, 28 Aug 2003 02:10:29 +0800 + +freetype (2.1.4-4) unstable; urgency=low + + * CVS updates as of 2003-06-07 with many fixes, including: + - Werner Lemberg has fixed the problem FreeType 2 had with + HuaTian multiple-level subglyphs fonts like htst3.ttf. + Many thanks! :-) + * TT_CONFIG_OPTION_FORCE_UNPATENTED_HINTING is left undefined for now. + (MS web core fonts like MonoType Arial would become distorted.) + * Disable Firefly's GRAYS_USE_GAMMA patch for now: I have received + several bug reports about "ugly fonts" or jaggies already, and I am + not sure whether it is due to the adjusted gamma values or + the new unpatented hinting in CVS. Let's see what happens. :-) + (Closes: Bug#196029, #196048, #196086) + * Yikes, Werner's number to pointer changes broke binary compatibility + with XFree86 4.3.0. I hope the patch + 100-freetype-2.1.4-CVS-int-fixed_p-incompatibility.diff + correctly reverts the problem. My apologies to the Debian XFree86 + for my oversight. + * FreeType 2.1.4 was unable to read some gzip'ed fonts Many thanks to + "Alexis S. L. Carvalho" for diagnosing and + correcting the problem. (Closes: Bug#184355) + * Note to self: Debian's file/libmagic1 (4.02-4) misdetects + libfreetype.so.6.3.3 as "Linux/i386 core" file on i386 platforms. + + -- Anthony Fok Sun, 8 Jun 2003 13:42:26 +0800 + +freetype (2.1.4-3) unstable; urgency=low + + * CVS updates as of 2003-06-01: + - Removed my 010-ft2demos-2.1.4-ucs4.diff and + Akito's 011-freetype-2.1.4-ttcmap4.diff: already applied upstream. + * [ftoption.h] Enabled Graham Asher's unpatented hinting: + #define TT_CONFIG_OPTION_BYTECODE_INTERPRETER + #define TT_CONFIG_OPTION_COMPILE_UNPATENTED_HINTING + Many thanks to Graham Asher and Artifex for their contribution! + * Temporary disable Akito Hirai's CJK autohinting enhancement: it + currently does not apply cleanly to FreeType CVS. + * [libfreetype6-dev.files]: Added usr/lib/pkgconfig/ for freetype2.pc. + * Added Firefly's patch to #define GRAYS_USE_GAMMA with finetune. + + -- Anthony Fok Tue, 3 Jun 2003 02:54:40 +0800 + +freetype (2.1.4-2) unstable; urgency=low + + * Applied CVS fixes as of 2003-04-09. + * Applied freetype-2.1.3-ttcmap4.patch by Akito Hirai to handle buggy + Unicode CMap (cmap4) in CJK Dyna fonts. + * Applied Akito Hirai's autohinting enhancement for CJK fonts (2003-04-16). + + -- Anthony Fok Mon, 21 Apr 2003 01:48:07 +0800 + +freetype (2.1.4-1) unstable; urgency=low + + * New upstream release. + * The Section for libfreetype6-dev has been changed from devel to libdevel. + + -- Anthony Fok Tue, 8 Apr 2003 23:28:21 +0800 + +freetype (2.1.3+2.1.4rc2-5) unstable; urgency=low + + * FreeType 2.1.4 release candidate as of 2003-03-27. + * The rounding code in FT_Set_Char_Size() has been changed slightly + from 2.1.3+2.1.4rc2-4. Please test to see if native TrueType hinting + (with bytecode interpreter) still looks good. Thanks! + * Fine-tuned font->num_indices in ft2demos/src/ftcommon.i by encoding. + + -- Anthony Fok Mon, 31 Mar 2003 03:47:29 +0800 + +freetype (2.1.3+2.1.4rc2-4) unstable; urgency=low + + * FreeType 2.1.4rc2 with CVS update as of 2003-03-20. + * More rounding fixes from Artur Zaprzala. + * Reverted FT_Set_Char_Size() to forced rounding as before. This is + a temporary measure to get bytecode-interpreter hinted fonts display + properly. + + -- Anthony Fok Tue, 25 Mar 2003 01:34:15 +0800 + +freetype (2.1.3+2.1.4rc2-3) unstable; urgency=medium + + * The "Welcome to the world, Lucie Turner!" release. :-) + * FreeType 2.1.4rc2 with CVS update as of 2003-03-15. + * Upstream author David Turner has fixed src/truetype/ttdriver.c + (Set_Char_Sizes) rounding issues. The fonts on the screen should + look good as before now. (Closes: Bug#181938, #183794, #182674) + + -- Anthony Fok Sun, 16 Mar 2003 00:05:22 +0800 + +freetype (2.1.3+2.1.4rc2-2) unstable; urgency=medium + + * Reversed upstream author's 2003-02-25 patch on ttdriver.c: + - src/truetype/ttdriver.c (Set_Char_Sizes): fixed a rounding bug when + computing the scale factors for a given character size in points with + resolution. + + Not sure what how undoing this would affect autohinting, but at least + rendering with bytecode interpreter is back to normal. :-) + (Follow-up: Bug#181938, #183794, #182674, etc.) + + * Tests with David Chester's suggested patches, e.g. symmetric "m". + + * Added a fix for double free in the embedded bitmap code in freetype. + The bug was crashing OpenOffice.org. Thanks to Mandrake's Gwenole + Beauchesne for his suggested fix! (Follow-up: Bug#183272) + + -- Anthony Fok Thu, 13 Mar 2003 00:51:09 +0800 + +freetype (2.1.3+2.1.4rc2-1) unstable; urgency=low + + * FreeType 2.1.4rc2 with CVS update as of 2003-02-28: + - ft_gzip_file_done memory leak fix. (May fix #175889, #176138) + - scaling round-off error fix. May fix #182674, #181938. + - infinite loop fix in ftgzip.c. (Closes: Bug#177439) + * libfreetype6.postinst: Remove /usr/X11R6/lib/libfreetype.so* leftover + by some old version of XFree86 package. + * Added libfreetype6-udeb for the GTK frontend of the debian-installer. + Many thanks to Sebastian Ley for providing the appropriate patch! + (Closes: Bug#182208) + * freetype2-demos now depends on the exact version of libfreetype6. + (Closes: Bug#151233) + + -- Anthony Fok Wed, 5 Mar 2003 02:21:46 +0800 + +freetype (2.1.3-10) unstable; urgency=low + + * FreeType 2.1.4rc1 with CVS update as of 2003-02-18. (Closes: Bug#179450) + * Made 008-freetype-2.1.4rc1-ftccmap-ucs4.patch: + ftc_cmap_family_init() now, like find_unicode_charmap() in ftobjs.c, + favours UCS-4 charmap if there is one. + * Made 009-freetype-2.1.4rc1-typo.patch: + Minor typographical fixes, e.g. asian -> Asian. + * Made 010-ft2demos-2.1.4rc1-ucs4.patch: + Let ft2demos handle up to U+10FFFF. + + -- Anthony Fok Fri, 21 Feb 2003 02:59:12 +0800 + +freetype (2.1.3-9) unstable; urgency=low + + * Backed out David Turner's modified bluescale implementation (2.1.3-8) + and put back David Chester's original patch (2.1.3-7) until rendering + with bytecode interpreter turned on is improved. (See Bug#179450) + + -- Anthony Fok Mon, 3 Feb 2003 03:44:56 +0800 + +freetype (2.1.3-8) unstable; urgency=low + + * CVS update as of 2003-01-31. David Chester's bluescale patch is now + implemented upstream. Also, the excessive debug messages in 2.1.3-7 + should be gone now. + + -- Anthony Fok Sat, 1 Feb 2003 16:19:44 +0800 + +freetype (2.1.3-7) unstable; urgency=low + + * CVS update as of 2003-01-22. + * Added David Chester's latest bluescale2 patch. (2003-01-23 on the + FreeType devel mailing list.) + + -- Anthony Fok Sat, 25 Jan 2003 02:16:52 +0800 + +freetype (2.1.3-6) unstable; urgency=low + + * Oops, forgot to run aclocal as "aclocal -I ." to search for + ft-munmap.m4. Thanks to Werner Lemberg for the note. + + -- Anthony Fok Sat, 18 Jan 2003 22:45:19 +0800 + +freetype (2.1.3-5) unstable; urgency=low + + * CVS update as of 2003-01-17. + * Added a patch to relax table.Length checking because some buggy software + pads it to a multiple of 4 bytes. + (007-freetype-2.1.3-ttload-table-length.patch) + * Updated to latest libtool and regenerate configure so it builds properly + on mips/mipsel. Thanks to Ryan Murray for reporting the issue. + Also forwarded upstream. (Closes: Bug#176044) + + -- Anthony Fok Fri, 17 Jan 2003 07:52:25 +0800 + +freetype (2.1.3-4) unstable; urgency=high + + * Oops, forgot to add the corresponding Depends: zlib1g-dev | libz-dev + to libfreetype6-dev. Fixed. Thanks to Colin Walters for the reminder! + (Closes: Bug#174019) + + -- Anthony Fok Mon, 23 Dec 2002 12:51:41 +0800 + +freetype (2.1.3-3) unstable; urgency=high + + * With the previous CVS update, configure.ac was revised, but autoconf + was not run, leading to an unsubstituted @LIBZ@ in freetype-config. + My apologies for the problems it caused. (Closes: Bug#173834) + * Patched configure.ac and unix-cc.in to set LDFLAGS=-lz and to ensure + that libfreetype.so.* is explicitly linked with zlib. + * Added Build-Dependency: libz-dev, autoconf. (Note to self: remove + autoconf later.) + + -- Anthony Fok Sun, 22 Dec 2002 06:03:03 +0800 + +freetype (2.1.3-2) unstable; urgency=low + + * CVS updates as of 2002-12-18. + + -- Anthony Fok Sat, 21 Dec 2002 01:28:23 +0800 + +freetype (2.1.3-1) unstable; urgency=low + + * New upstream release. + * Revised my freetype-2.1.3-ttgload-monospace-halfwidth.patch to use + 52% as the threshold. + * New version supports gzipped PCF fonts. (Closes: Bug#163207) + + -- Anthony Fok Mon, 9 Dec 2002 01:36:21 +0800 + +freetype (2.1.2-10) unstable; urgency=low + + * Turning back on the bytecode interpreter. Too tired to care now. + May turn it off again when Xft2 and fontconfig are in Debian. + * Removed libkpathsea-dev build-dependency. It was used for the the + FreeType 1 contributed tools, but those tools were not yet ported + to FreeType 2. Also removed the 'debian/\' file. Thanks to + P. Doblerman for the bug report. (Closes: Bug#166064) + + -- Anthony Fok Thu, 24 Oct 2002 10:17:18 +0800 + +freetype (2.1.2-9) unstable; urgency=medium + + * By popular demand, disabled the ft-slight patch. Let's see what happens. + (Closes: Bug#164477) + + -- Anthony Fok Thu, 17 Oct 2002 23:37:36 +0800 + +freetype (2.1.2-8) unstable; urgency=low + + * CVS updates as of 2002-10-07 + * Applied David Chester's ft-slight patch. Thanks to Roger So for the + suggestion. (Closes: Bug#163900) + * Turned off the bytecode interpreter. + + -- Anthony Fok Fri, 11 Oct 2002 02:00:18 +0800 + +freetype (2.1.2-7) unstable; urgency=medium + + * CVS updates as of 2002-09-25 + * Revised ftbench.c to count by num_charcodes (cmap entries) instead of + face->num_glyphs. + * Oops, I forgot to uncomment dh_strip after a debug session! + Thanks to Daniel Burrows for catching this! (Closes: Bug#162346) + + -- Anthony Fok Thu, 26 Sep 2002 15:46:31 +0800 + +freetype (2.1.2-6) unstable; urgency=medium + + * CVS updates as of 2002-09-21 (after VER-2-1-3-RC2) + * Backported patches that I made for Thiz Linux, as listed below. + * Do not force horizontal.advance_Width_Max even when + postscript.isFixedPitch is true so that the ASCII characters in some + CJK fonts are displayed correctly. + * Revised my CMap4 patch to take care of tt_cmap4_char_index() and + tt_cmap4_char_next() too. (Closes: Bug#161933) + * ftbench allocates face->num_glyphs, but number of codepoints read + from CMap4 may be more, causing it to segfault with opens___.ttf. + Fixed. + + -- Anthony Fok Wed, 25 Sep 2002 09:45:14 +0800 + +freetype (2.1.2-5) unstable; urgency=high + + * CVS updates as of 2002-09-05 + * Fixed some typos in ftimage.h introduced in VER-2-1-3-RC1, + e.g. s/zft_outline_reverse_fill/ft_outline_reverse_fill/ + so that gnome-print may be built properly. Thanks to + Rick Younie, Christian Marillat and Kalle Olavi Niemitalo + for the bug report. (Closes: Bug#159806) + + -- Anthony Fok Sun, 8 Sep 2002 23:18:29 +0800 + +freetype (2.1.2-4) unstable; urgency=high + + * s/FT_ENCODING_SYMBOL/FT_ENCODING_MS_SYMBOL/ (typo) in freetype.h . + Thanks to Branden Robinson for tracking down the error. + (Closes: Bug#159375) + + -- Anthony Fok Tue, 3 Sep 2002 11:35:42 +0800 + +freetype (2.1.2-3) unstable; urgency=low + + * CVS updates as of 2002-08-29 (around VER-2-1-3-RC1) + * Make FreeType less strict when some slightly buggy fonts set + the CMap format 4 last segment idRangeOffset to 0xFFFF. + Thanks to Werner Lemberg and George Williams for pinpointing the bug. + (Fixes: Bug#150678, #155864) + + -- Anthony Fok Mon, 2 Sep 2002 05:53:48 +0800 + +freetype (2.1.2-2) unstable; urgency=low + + * Added CVS updates as of 2002-08-06. + * Werner Lemberg (one of the upstream authors) has fixed TTC reading + problem. Thanks to Kenshi Muto and Ishikawa Mutsumi for the report. + (Closes: Bug#154221) + * An extraneous /usr/X11R6/lib/libfreetype.so (not from this package) + was the culprit to some of the mysterious segmentation faults + that some users were experiencing. Thanks to Akira TAGOH for tracking + down the problem. (Closes: Bug#142674, #149472, #149759, #150596) + + -- Anthony Fok Fri, 9 Aug 2002 02:22:00 +0800 + +freetype (2.1.2-1) unstable; urgency=low + + * New upstream release with CVS updates as of 2002-07-11. + + -- Anthony Fok Mon, 15 Jul 2002 02:24:09 +0800 + +freetype (2.1.1-3) unstable; urgency=medium + + * Sync'ed with CVS as of 2002-06-16. + * "New version breaks Pango" was fixed by the newly recompiled + Pango package. (Thanks, Akira TAGOH! :-) (Closes: Bug#150039) + * Applied patches from Detlef Würkner (003-freetype-type1-cmap.patch, + 004-freetype-select-charmap.patch): the latter one fixes + the icon-text-disappears-in-Nautilus problem. Many thanks! + (Closes: Bug#150084) + * Applied patch from Sven Neumann (005-freetype-pfr-direction.patch). + Many thanks! + + -- Anthony Fok Wed, 19 Jun 2002 01:37:48 +0800 + +freetype (2.1.1-2) unstable; urgency=low + + * Up'ed versioned dependency to libfreetype6 (>= 2.1.1) because 2.1.1 + introduced some changes that is binary incompatible (but source + compatible) with previous versions, and Pango needs to be recompiled. + * Added fixes from CVS as of 2002-06-14. + * TOP became TOP_DIR + + -- Anthony Fok Sun, 16 Jun 2002 13:28:33 +0800 + +freetype (2.1.1-1) unstable; urgency=medium + + * New upstream release. + * Added versioned dependency to libfreetype6 (>= 2.1.0). Thanks to + Akira TAGOH for the suggestion. (Closes: Bug#140772, Bug#140821) + + -- Anthony Fok Fri, 14 Jun 2002 00:51:01 +0800 + +freetype (2.0.9-1) unstable; urgency=high + + * New upstream release. Among other enhancements, it contains this + important fix: + + - Certain fonts, like "foxjump.ttf" contain broken name tables with + invalid entries and wild offsets. This caused FreeType to crash when + trying to load them. + + Kudos to upstream author David Turner for fixing the bug so quickly! + + This bug causes gnome-print to crash for users with certain freeware + or shareware fonts, so please put in woody. Thanks! + (Closes: Bug#135654, Bug#135896) + + -- Anthony Fok Tue, 12 Mar 2002 01:43:14 +0800 + +freetype (2.0.8-1) unstable; urgency=medium + + * New upstream version. Contains a few more important bug fixes. + Please put in woody. Thanks! + * libfreetype6-dev now Depends on libc6-dev | libc-dev + (Closes: Bug#132640) + * Uses new configure script so that it builds on the netbsd-i386 + Debian port too. (Closes: Bug#132693) + + -- Anthony Fok Wed, 13 Feb 2002 03:35:52 +0800 + +freetype (2.0.7-1) unstable; urgency=medium + + * New upstream version. Reportedly fixes a problem that may KDE to + crash upon reading certain fonts. (Yes, please put in Debian 3.0). + * Applied upstream fix to freetype-config. + + -- Anthony Fok Tue, 5 Feb 2002 03:44:27 +0800 + +freetype (2.0.6-1) unstable; urgency=low + + * New upstream release with important bug fixes. + * Removed two Debian small patches as they have been applied upstream. + + -- Anthony Fok Mon, 14 Jan 2002 01:25:06 +0800 + +freetype (2.0.5-2) unstable; urgency=low + + * Oops, README and .cvsignore were erroneously placed in /usr/bin in + freetype2-demos. Thanks to YAMASHITA Junji for the bug report. + (Closes: Bug#119119) + + -- Anthony Fok Sun, 11 Nov 2001 23:55:40 +0800 + +freetype (2.0.5-1) unstable; urgency=low + + * New upstream release. + * Updated libfreetype6.copyright. + * Applied patch to builds/unix/freetype-config.in to prevent + /usr/bin/freetype-config from providing gcc with -L/usr/lib. + Thanks to Gordon Sadler for providing the patch. (Closes: Bug#101391) + * Added /usr/share/aclocal/freetype2.m4 for autoconf and friends. + in libfreetype6-dev. Thanks to Marcelo E. Magallon for contributing + this file. (Closes: Bug#117156) + + -- Anthony Fok Sat, 10 Nov 2001 13:10:25 +0800 + +freetype (2.0.2.20010514-1) unstable; urgency=low + + * New upstream snapshot, post-2.0.2 freetype2-current as of 2001-05-14. + * Silly me! I fixed the `missing "xlibs-dev" in Build-Depends' + in 2.0.2.20010422-2, but closed the wrong bug report!? + Thanks to Martin Schmitz for the bug report. (Closes: Bug#95328) + * libtool-1.4 is not 100% compatible with the libtool-1.3.5 included + in the upstream source. Also, it seems to be unnecessary to + Build-Depends on libtool, therefore removed. + Thanks to Laurent Bonnaud for the bug report. (Closes: Bug#97552) + * [ftoption.h]: #define TT_CONFIG_OPTION_BYTECODE_INTERPRETER + + -- Anthony Fok Tue, 15 May 2001 16:49:26 -0600 + +freetype (2.0.2.20010422-2) unstable; urgency=medium + + * Hehe, silly me, I forgot to add "xlibs-dev" to Build-Depends + when I merged in freetype2-demos. Thanks to Martin Michlmayr + for the notice. Closes: Bug#94569. + + -- Anthony Fok Thu, 26 Apr 2001 21:20:17 -0600 + +freetype (2.0.2.20010422-1) unstable; urgency=low + + * Updated to post-2.0.2 freetype2-current as of 2001-04-22. + * On i386, freetype2-demos is rebuilt with xlibs_4.0.2-13 instead of the + pre-release xlibs_4.0.3. My apologies. + * Replaced "tetex-dev" with "libkpathsea-dev" in Build-Depends. + Thanks to Michael Schmitz for the bug report. Closes: Bug#91897. + * Updated README.Debian to reflect the FreeType 1.x package name + change from freetype2{,-dev} [sic] to libttf{2,-dev}. + + -- Anthony Fok Mon, 23 Apr 2001 23:08:51 -0600 + +freetype (2.0.2.20010412-1) unstable; urgency=low + + * New upstream release, post-2.0.2 freetype2-current as of 2001-04-12. + * Arnd Bergmann, Tom Kacvinsky et al. pinpointed and fixed a bug + in FreeType-2.0.2 which caused KDE and "xterm -fa" to segfault. + Thanks guys! :-) Closes: Bug#89326. + * New binary package: freetype2-demos. + * The source package reorganized to include three upstream tarballs + (freetype, ftdocs, ft2demos) in one *.orig.tar.gz. + + -- Anthony Fok Fri, 13 Apr 2001 02:02:42 -0600 + +freetype (2.0.1.20010317-1) unstable; urgency=low + + * Updated to freetype2-current as of 2001-03-17. + * [builds/unix/install.mk]: + - IMHO, the current upstream source caters too much to broken + compilers that the Unix build suffers somewhat. + - Use sed to replace all instances of + + with FT2_{PUBLIC,CONFIG,INTERNAL}_FILE(*.h), which currently + expands to + in freetype/config/ftheader.h and freetype/internal/internal.h. + - This fix, without sacrificing compatibility on some brain-dead + compilers on other platforms, may mean that + "-I/usr/include/freetype2" is no longer needed on Unix/Linux/Hurd + platforms. + - But it would be very foolish to remove "-I/usr/include/freetype2". + Thou shalt always use $(shell freetype-config --cflags). + - Thanks to Gordon Sadler for the suggestion. :-) + Closes: Bug#79951. + * [builds/unix/ft2unix.h]: + - Removed the FT2_{PUBLIC,CONFIG,INTERNAL}_FILE macros because + they are already defined in freetype/config/ftheader.h. + - Use FT2_ROOT instead. Afterall, cpp on Unix is not broken. ;-) + - Thanks to Takuo Kitame for reporting the conflicting #define's. + Closes: Bug#89363. + * [debian/rules]: Moved out some old cruft to rules.museum. + + -- Anthony Fok Mon, 19 Mar 2001 03:27:14 -0700 + +freetype (2.0.1.20010312-1) unstable; urgency=low + + * Updated to freetype2-current as of 2001-03-12. + * [debian/control]: + - Build-Depends: debhelper (>= 3.0.0), ... + - Standards-Version: 3.5.2 + + -- Anthony Fok Fri, 16 Mar 2001 02:21:31 -0700 + +freetype (2.0.1.20010308-1) unstable; urgency=low + + * Updated to freetype2-current as of 2001-03-08. + * Corrected platform detection on Hurd. Thanks to Jeff Bailey, + Werner and David for the fix. Closes: Bug#87691. + + -- Anthony Fok Fri, 9 Mar 2001 00:50:12 -0700 + +freetype (2.0.1-1) unstable; urgency=low + + * New upstream release. + + -- Anthony Fok Fri, 1 Dec 2000 17:58:32 -0700 + +freetype (2.0-1) unstable; urgency=low + + * New upstream FreeType 2 official release. + - Source package: freetype + - Binary packages: libfreetype6 and libfreetype6-dev. + The source package of FreeType 1.3.1 has been renamed to freetype1. + * [README.Debian]: Documents the source and binary package names, + and recommends users to migrate to FreeType 2. + + -- Anthony Fok Mon, 20 Nov 2000 05:16:13 -0700 + +freetype (1.3.1-1) unstable; urgency=low + + * New official upstream release. + * [contrib/ttf2pfb/ttf2pfb.c]: Applied patch by fellow Debian developer + Daniel Jacobowitz to fix a va_arg problem that prevents it from + building on powerpc. Thanks a million! :-) (closes: Bug#54539) + + -- Anthony Fok Mon, 10 Jan 2000 06:12:51 -0700 + +freetype (1.3.1-0) unstable; urgency=low + + * New upstream release candidate (1999-12-08). + * [debian/rules]: Uses "dh_makeshlibs -V 'freetype2 (>= 1.3.1)'" + because 1.3 have some new APIs not in 1.2. Thanks to suggestion + by ISHIKAWA Mutsumi (closes: Bug#52319). + * Added new entries for Arphic PL fonts in /etc/ttf2pk/ttfonts.map + * Modified UBig5.sfd to suit the Big5 Arphic PL fonts. + + -- Anthony Fok Sun, 12 Dec 1999 11:13:20 -0700 + +freetype (1.3-2) unstable; urgency=low + + * Corrected the symlink + /usr/share/doc/freetype2/changelog.gz -> docs/changes.txt + to -> docs/changes.txt.gz. (Hehe, major oversight. :-) + Thanks to Michael Osamu Shiobara for the bug report. + (closes: Bug#50428) + + -- Anthony Fok Wed, 17 Nov 1999 04:10:41 -0700 + +freetype (1.3-1) unstable; urgency=low + + * New upstream release (libttf.so.2.2.0) with patches as of 1999-10-21. + * Standards-Version: 3.1.0 + * Removed debian/freetype2-dev.compress because debhelper-2.0.69 + no longer compresses *.png. + * Backed out the patch applied by Anthony Wong to + contrib/ttf2pfb/configure in freetype_1.2-6.1 because upstream fixed + ttf2pfb.c to #include "extend/ftxpost.h" rather than "ftxpost.h". + Nonetheless, thanks for the NMU! :-) + * [debian/rules]: FHS-compliancy and general clean-up + - s/pre-binary/install/g; and removed install-stamp. + - s!usr/doc!usr/share/doc!g; + - Referred to the latest /usr/doc/debhelper/examples/rules* + and used DH_OPTIONS to reduce clutter. + - Oops! I used bashism but set "SHELL = /bin/sh". Changed to + "SHELL = /bin/bash". :-) + - Install upstream docs/changes.txt as changelog.gz in the + freetype2 (shared library) package. + + -- Anthony Fok Sun, 14 Nov 1999 01:15:21 -0700 + +freetype (1.2-6.1) unstable; urgency=low + + * Non-maintainer upload (see bug #38813) + * Added 'CPPFLAGS= ... -I$srcdir/../../lib/extend' to + contrib/ttf2pfb/configure, otherwise compile will fail for + ftxpost.h cannot be found. + * license.txt.gz is not shipped (lintian complains) + + -- Anthony Wong Thu, 3 Jun 1999 02:04:44 +0800 + +freetype (1.2-6) unstable; urgency=low + + * Copied debian/postinst to debian/freetype-tools.postinst + so mktexlsr is (only) run for the freetype-tools package. + Thanks to Andrew for reporting this bug. (closes: Bug#36502) + * Added some more font entries to /etc/ttf2pk/ttfonts.map. + + -- Anthony Fok Thu, 22 Apr 1999 17:54:53 -0600 + +freetype (1.2-5) unstable; urgency=low + + * Applied upstream freetype-1.2-current.diff.gz as of 1999-04-09. + * [contrib/ttf2pfb/t1asm.c]: Incorporated patch for glibc 2.1 + donated by Hartmut Koptein . + (Taken from the t1utils package. :-) (closes: Bug#35742) + * [contrib/ttf2pk/filesrch.c]: Changed "DllImport" to "KPSEDLL" + (changes between kpathsea 3.2 and 3.3). Thanks Werner! :-) + * [debian/rules]: + - Replaced the for loop with a more verbose alternative to ensure + make stops when it encounters an error when building one of the + contrib programs. + - Renamed t1asm to t1asm-freetype, and getafm to getafm-freetype, + until they are merged with the ones in t1utils and psutils. + * freetype-tools now also Suggests: psutils (>= 1.17-7) + + -- Anthony Fok Mon, 12 Apr 1999 01:08:23 -0600 + +freetype (1.2-4) unstable; urgency=low + + * Rebuilt with glibc-2.1 and tetex-lib (shared kpathsea library). + * [debian/rules]: Changed usr/share/texmf to usr/lib/texmf + for the new FHS-compliant directory layout in teTeX. + * [debian/control]: freetype-tools now Suggests: tetex-bin + (>= 0.9.990310-1), t1utils (>= 1.2-2) + + -- Anthony Fok Mon, 5 Apr 1999 16:39:08 -0600 + +freetype (1.2-3) frozen unstable; urgency=low + + * Applied the upstream freetype-1.2-current.diff.gz as of 1999-01-18 + which fixes a nasty Raster bug occurs only when clipping very large + outlines to a small target bitmap or pixmap. + + -- Anthony Fok Tue, 19 Jan 1999 22:04:32 -0700 + +freetype (1.2-2) frozen unstable; urgency=low + + * Applied the upstream freetype-1.2-current.diff.gz as of 1998-12-27 + Mostly bug fixes. + * Added configure.in and Makefile.in for contrib/{ttf2pfb,ttfbanner}, + so these tools are now included in the freetype-tools package. + * [debian/control]: + - Removed the "<" and ">", and added a suggestion + to Debian-JP's X server with X-TT support in freetype2's + package description. + - Now freetype-tools also Suggests: t1utils, which contains + /usr/bin/t1asm that helps ttf2pfb create real .pfa and .pfb + files. (Also added a note in README.Debian.) + * Updated the upstream authors' e-mail addresses in "control" and + "copyright." + * [debian/changelog]: Add the changelog of the freetype (1.1-0.1) + non-maintainer release done by Marcelo E. Magallon + in June 1998. I forgot to do so back + then. Sorry! :-) + * Renamed debian/compress to debian/freetype2-dev.compress, so *.png + are no longer compressed to *.png.gz. + + -- Anthony Fok Tue, 29 Dec 1998 02:16:07 -0700 + +freetype (1.2-1) frozen unstable; urgency=low + + * New upstream release. + * Recompiled with libc6 (2.0.7u-7). + * [debian/control]: Updated to standards version 2.5.0.0 (no changes). + * [contrib/ttf2pk/configure.in]: Modified the order of the header + include paths to ensure that "-I./../../lib" is placed before + "-I/usr/include". Thanks to Roman.Hodek@informatik.uni-erlangen.de + for the bug report (forwarded upstream). (Fixes: #27920) + + -- Anthony Fok Sat, 5 Dec 1998 15:13:48 -0700 + +freetype (1.1-1998-09-12-2) unstable; urgency=low + + * [debian/postinst]: Oops, the command "ldconfig" somehow disappeared + in the last upload. Fixed. :-) + + -- Anthony Fok Sun, 11 Oct 1998 19:58:32 -0600 + +freetype (1.1-1998-09-12-1) unstable; urgency=low + + * New upstream development snapshot. + * Added "--with-kpathsea-dir=/usr" to ttf2pk's configure. + * [debian/rules]: + - TTF2PKINPUTS = usr/lib/texmf/ttf2pk + - TTF2TFMINPUTS = usr/lib/texmf/ttf2tfm + - *.sfd are now installed in $(TTF2PKINPUTS) and $(TTF2TFMINPUTS). + - $(TTF2PKINPUTS)/ttfonts.map is a symlink to /etc/ttf2pk/ttfonts.map. + * [debian/freetype-tools.conffiles]: Added /etc/ttf2pk/ttfonts.map. + * [debian/postinst]: Added #DEBHELPER#. + * [debian/freetype-tools.postinst]: Runs /usr/bin/mktexlsr if it exists. + * [debian/control]: freetype-tools now Suggests: tetex-bin (>= 0.9-1). + + -- Anthony Fok Sat, 12 Sep 1998 19:55:17 -0600 + +freetype (1.1-1998-08-29-1) unstable; urgency=low + + * New upstream development snapshot. + * Now installs ttf2bdf and ttf2pk's documentation. + ttf2pk/ttf2tfm's *.sfd files are now placed in /usr/lib/ttf2tfm. + * changelog.gz now points to the re-added commitlog.gz. + * Changed "numGlymphId" to "cmap4->numGlyphId" in lib/extend/ftxcmap.c. + + -- Anthony Fok Mon, 31 Aug 1998 04:37:57 -0600 + +freetype (1.1-1) unstable; urgency=low + + * New upstream release. The old freetype-1.0 source package has been + renamed to "freetype1" and is now obsolete. + * Upgraded to standards version 2.4.1.0 (no changes). + * The package soname has been upgraded from 1 to 2. (libttf.2) + * Updated the package descriptions according to freetype.spec. + * Since teTeX 0.9 and the new is in Debian, + ttf2pk is now compiled and included in freetype-tools. + * Added postinst to run ldconfig as per Debian Policy. (Lintian) + * [debian/control]: Added some package relationships w.r.t. freetype1: + - freetype2 -- Replaces: freetype1 + - freetype2-dev -- Conflicts: freetype1-dev + * [debian/rules]: + - /usr/lib/libttf.la is now installed in the freetype2-dev package. + - Moved the developer's documentation into the freetype2-dev package. + Thanks to "Marcelo E. Magallon" for suggestion. + - Added "--dpkg-shlibdeps-params=-Ldebian/tmp/DEBIAN/shlibs" to + dh_shlibdeps when packaging freetype-tools. + - Added patch from /usr/doc/lintian/libtool-workarounds.txt + to solve the -rpath problem. Debian's libtool-1.2 handles the -lc + problem quite nicely already, so that part of the patch is not used. + - Added a GNU GPL copyright statement at the top. :-) + * Ran libtoolize from the Debian libtool-1.2 package. This solves the + -lc problem. :-) config.guess and config.sub are taken from the ones + in /usr/share/automake/ though because they are newer. (Thanks to + the libtool bug report filed by Jim Pick for hints.) + * Removed debian/README.Debian. + + -- Anthony Fok Fri, 28 Aug 1998 03:49:21 -0600 + +freetype (1.1-0.1) unstable; urgency=low + + * New upstream version. Non-maintainer upload (I need this in order to + build new upstream version of gltt!) + * Applied patches from previous version. + * Applied libtool rpath fix patch and removed rpath from compilation + parameters. Changed ltconfig to provide inter-library dependencies. + * Upgraded to Standards 2.4.1 + * Changed package name to freetype2 and other control fields accordingly + (this could be a problem... what about packages that depend on + freetype1?) + * Added "Conflitcs: freetype1 (<= 1.0.0.1998-03-22-1)" to freetype-tools + because of the mo files freetype1 contains and that are now in + freetype-tools, alogn-side the programs that use the files. + + -- Marcelo E. Magallon Sat, 27 Jun 1998 15:59:36 -0600 + +freetype (1.0.0.1998-03-22-1) frozen unstable; urgency=low + + * New upstream snapshot bugfix release as of 1998-03-22. + - ttobjs.c: The storage area is now freed in Instance_Destroy, + because it's the place it should have been from the very start. + A very sick bug spotted by Ram. Thanks again !! - DavidT + - fixed a nasty allocation bug in ttf2tfm.c + - corrected a spelling error (strcpy->strcmp) in ttf2pk.c + - new email address for Werner Lemberg (wl@gnu.org) + - (again) a stupid error fixed in ttf2pk.c + - Some fixes to make the package compile smoothless with the make + program of Solaris. + - too much fixed in po/Makefile.in.in :-) + * /usr/doc/freetype/README.gz and /usr/lib/libttf.la are now installed. + + -- Anthony Fok Wed, 25 Mar 1998 16:18:50 -0700 + +freetype (1.0.0.1998-03-13-1) unstable; urgency=low + + * New upstream snapshot including upstream patch as of 1998-03-13. + + -- Anthony Fok Sun, 15 Mar 1998 15:04:10 -0700 + +freetype (1.0-1) unstable; urgency=low + + * New upstream release (including upstream patch as of 1998-02-17). + * Updated copyright and README.Debian. + * Upgraded to standards version 2.4.0.0 (no changes). + * Enabled gettext support. + * Added .PHONY targets in Makefile.in's. + * Added -lc for linking libttf.so* (Reported by Lintian). + * Various FreeType test programs now have man pages linked to + /usr/man/man7/undocumented.7.gz (Reported by Lintian). + * debian/control: Revised package description. + * debian/rules: Commented out dh_du. + * Moved /usr/include/freetype/freetype.h to /usr/include/freetype.h. + + -- Anthony Fok Wed, 18 Feb 1998 01:12:03 -0700 + +freetype (0.beta.1998.01.06-1) unstable; urgency=low + + * New upstream snapshot release. + * Thanks to the libtool patch posted by Hirotsugu Kakugawa + on the freetype-devel mailing list + (and some local tweaking), the Debian freetype package finally + provides the library and header files! Hurray! (Fixes Bug#16365) + * Splitted the package into freetype0, freetype0-dev and freetype-tools. + * Added debian/compress to ensure that /usr/doc/freetype0/image/*.png + are not compressed. + * Revised README.Debian. + + -- Anthony Fok Thu, 8 Jan 1998 20:46:14 -0700 + +freetype (0.beta.1997.12.25-1) unstable; urgency=low + + * New upstream snapshot release. + * Modified /usr/doc/freetype/copyright to include the new license.txt. + (Yes, FreeType's license has changed.) + * Have a blessed Merry Christmas! + + -- Anthony Fok Fri, 26 Dec 1997 11:26:25 -0700 + +freetype (0.beta.1997.12.16-1) unstable; urgency=low + + * New upstream release. + * /usr/bin/ttf_{lint,timer,view,zoom} no longer exists. The upstream + authors have renamed them as /usr/bin/{ftlint,fttimer,ftview,ftzoom} + and have also added other nifty test programs! :) + * debian/rules: Switched to debhelper. + * debian/control: Upgraded Standards-Version to 2.3.0.1 and increased + Priority to optional. :) + * Revised /usr/doc/freetype/copyright. FreeType is now truly DFSG-free! + (Fixes Bug#16030) + * Revised README.Debian. + * Changed my maintainer e-mail address to . :) + * Sorry, the library and header files are not yet included. + I have yet to learn how. :) + + -- Anthony Fok Wed, 17 Dec 1997 03:02:49 -0700 + +freetype (0.4-4) unstable; urgency=low + + * Corrected the freetype mailing-list server's address from + "@lists.tu-muenchen.de" to "@lists.lrz-muenchen.de" in the files + /usr/doc/freetype/readme.1st and license.txt. + * Improved the package description and added a URL link to the + FreeType Project Home Page + * Removed "Keywords", "Primary-site" and "Original-site" from the package's + description, but kept "Authors" and "Maintained-by" (Closed bug #12510). + + -- Anthony Fok Sun, 21 Sep 1997 18:24:42 -0600 + +freetype (0.4-3) unstable; urgency=low + + * Rebuilt with both libc6 and xlib6g (Fixes bug #12784). + * Updated to Standards-Version: 2.3.0.0. + + -- Anthony Fok Wed, 10 Sep 1997 21:57:20 -0600 + +freetype (0.4-2) unstable; urgency=low + + * Renamed /usr/bin/{lint,timer,view,zoom} to + /usr/bin/ttf_{lint,timer,view,zoom} to avoid name conflicts with other + programs (Fixes bugs #12096, #12136). + * Closed bug #11193 (freetype AR4 available). + + -- Anthony Fok Tue, 19 Aug 1997 17:53:32 -0600 + +freetype (0.4-1) unstable; urgency=low + + * New maintainer. + * New upstream release. + * Updated to Standards-Version: 2.2.0.0. + + -- Anthony Fok Mon, 11 Aug 1997 08:26:17 -0600 + +freetype (0.3-1) unstable; urgency=low + + * Upstream update. Sadly the envisioned Christmas target of an X truetype + rasterizer has been abandoned. + + -- Christoph Lameter Tue, 24 Dec 1996 12:52:24 -0800 + +freetype (0.1-1) unstable; urgency=low + + * Initial Release. + + -- Christoph Lameter Thu, 7 Nov 1996 11:51:45 -0800 --- freetype-2.5.2.orig/debian/compat +++ freetype-2.5.2/debian/compat @@ -0,0 +1 @@ +9 --- freetype-2.5.2.orig/debian/control +++ freetype-2.5.2/debian/control @@ -0,0 +1,86 @@ +Source: freetype +Section: libs +Priority: optional +Maintainer: Ubuntu Developers +XSBC-Original-Maintainer: Steve Langasek +Uploaders: Anthony Fok , Keith Packard +Build-Depends: bzip2, debhelper (>= 9), docbook-to-man, gettext (>= 0.10.36-2), libx11-dev, x11proto-core-dev, libz-dev, quilt, libpng-dev, autoconf, automake, libtool +Standards-Version: 3.9.6 +Homepage: http://www.freetype.org + +Package: libfreetype6 +Architecture: any +Section: libs +Depends: ${shlibs:Depends}, ${misc:Depends} +Pre-Depends: ${misc:Pre-Depends} +Multi-Arch: same +Description: FreeType 2 font engine, shared library files + The FreeType project is a team of volunteers who develop free, + portable and high-quality software solutions for digital typography. + They specifically target embedded systems and focus on bringing small, + efficient and ubiquitous products. + . + The FreeType 2 library is their new software font engine. It has been + designed to provide the following important features: + * A universal and simple API to manage font files + * Support for several font formats through loadable modules + * High-quality anti-aliasing + * High portability & performance + . + Supported font formats include: + * TrueType files (.ttf) and collections (.ttc) + * Type 1 font files both in ASCII (.pfa) or binary (.pfb) format + * Type 1 Multiple Master fonts. The FreeType 2 API also provides + routines to manage design instances easily + * Type 1 CID-keyed fonts + * OpenType/CFF (.otf) fonts + * CFF/Type 2 fonts + * Adobe CEF fonts (.cef), used to embed fonts in SVG documents with + the Adobe SVG viewer plugin. + * Windows FNT/FON bitmap fonts + . + This package contains the files needed to run programs that use the + FreeType 2 library. + . + Home Page: http://www.freetype.org/ + Authors: David Turner + Robert Wilhelm + Werner Lemberg + +Package: libfreetype6-dev +Architecture: any +Multi-Arch: same +Section: libdevel +Depends: libfreetype6 (= ${binary:Version}), libc6-dev | libc-dev, zlib1g-dev | libz-dev, libpng-dev, ${misc:Depends} +Description: FreeType 2 font engine, development files + The FreeType project is a team of volunteers who develop free, + portable and high-quality software solutions for digital typography. + They specifically target embedded systems and focus on bringing small, + efficient and ubiquitous products. + . + This package contains all supplementary files (static library, headers + and documentation) you need to develop your own programs using the + FreeType 2 library. + +Package: freetype2-demos +Architecture: any +Section: utils +Depends: ${shlibs:Depends}, ${misc:Depends} +Replaces: freetype-tools +Description: FreeType 2 demonstration programs + This package contains some demonstration programs and utilities + which showcase the features of the FreeType 2 font engine. + +Package: libfreetype6-udeb +XC-Package-Type: udeb +Priority: extra +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends} +Section: debian-installer +Description: FreeType 2 font engine for the debian-installer + The FreeType project is a team of volunteers who develop free, + portable and high-quality software solutions for digital typography. + They specifically target embedded systems and focus on bringing small, + efficient and ubiquitous products. + . + This is the udeb package for use with the debian-installer. --- freetype-2.5.2.orig/debian/copyright +++ freetype-2.5.2/debian/copyright @@ -0,0 +1,439 @@ +Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: freetype +Upstream-Contact: freetype-devel@nongnu.org +Source: http://www.freetype.org/download.html + +Files: * +Copyright: 1996-2012 David Turner, Robert Wilhelm, and Werner Lemberg + 1996-2009 Just van Rossum + 2002-2012 Roberto Alameda + 2003 Huw D M Davies for Codeweavers + 2003-2012 Masatake YAMATO, Redhat K.K. + 2004-2012 Albert Chin-A-Young + 2004-2012 Suzuki Toshiya + 2007 Dmitry Timoshkov for Codeweavers + 2007-2011 Rahul Bhalerao + 2007-2012 Derek Clegg, Michael Toftdal + 2009-2011 Oran Agra, Mickey Gabel + 2010, 2012 Joel Klinghed +License: GPL-2+ or FTL + +Files: debian/* +Copyright: 1996-2012 Christoph Lameter , + Anthony Fok , + Steve Langasek , et al. +License: GPL-2+ + +Files: freetype-*/vms_make.com +Copyright: 2001, 2002 Catharon Productions Inc. http://www.catharon.com/ +License: Catharon-OSL + +Files: freetype-*/src/gzip/* +Copyright: 1995-2002 Jean-loup Gailly and Mark Adler +License: GZip + +Files: freetype-*/src/gzip/ftgzip.c +Copyright: 2002-2006, 2009-2012 David Turner, Robert Wilhelm, Werner Lemberg +License: GPL-2+ or FTL + +Files: freetype-*/src/tools/ftrandom/ftrandom.c +Copyright: 2005-2008 George Williams +License: BSD-3-Clause + +Files: freetype-*/src/pcf/* freetype-*/src/bdf/* +Copyright: 2000-2012 Francesco Zappa Nardelli + 2000 Computing Research Labs, New Mexico State University +License: BSD-2-Clause + +Files: freetype-*/src/pcf/pcfutil.c +Copyright: 1990, 1994, 1998 The Open Group +License: OpenGroup-BSD-like + +License: GPL-2+ + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + . + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + . + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301, USA. + . + On Debian GNU/Linux systems, the complete text of the GNU General + Public License version 2 can be found in + `/usr/share/common-licenses/GPL-2'. + +License: BSD-2-Clause + Permission is hereby granted, free of charge, to any person obtaining + a copy of this software and associated documentation files (the + "Software"), to deal in the Software without restriction, including + without limitation the rights to use, copy, modify, merge, publish, + distribute, sublicense, and/or sell copies of the Software, and to + permit persons to whom the Software is furnished to do so, subject to + the following conditions: + . + The above copyright notice and this permission notice shall be + included in all copies or substantial portions of the Software. + . + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. + IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY + CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, + TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +License: BSD-3-Clause + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + . + Redistributions of source code must retain the above copyright notice, this + list of conditions and the following disclaimer. + . + Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + . + The name of the author may not be used to endorse or promote products + derived from this software without specific prior written permission. + . + THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED + WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF + MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO + EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +License: OpenGroup-BSD-like + Permission to use, copy, modify, distribute, and sell this software and its + documentation for any purpose is hereby granted without fee, provided that + the above copyright notice appear in all copies and that both that + copyright notice and this permission notice appear in supporting + documentation. + . + The above copyright notice and this permission notice shall be included in + all copies or substantial portions of the Software. + . + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN + AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + . + Except as contained in this notice, the name of The Open Group shall not be + used in advertising or otherwise to promote the sale, use or other dealings + in this Software without prior written authorization from The Open Group. + +License: GZip + This software is provided 'as-is', without any express or implied + warranty. In no event will the authors be held liable for any damages + arising from the use of this software. + . + Permission is granted to anyone to use this software for any purpose, + including commercial applications, and to alter it and redistribute it + freely, subject to the following restrictions: + . + 1. The origin of this software must not be misrepresented; you must not + claim that you wrote the original software. If you use this software + in a product, an acknowledgment in the product documentation would be + appreciated but is not required. + 2. Altered source versions must be plainly marked as such, and must not be + misrepresented as being the original software. + 3. This notice may not be removed or altered from any source distribution. + +License: FTL + The FreeType Project LICENSE + ---------------------------- + . + 2000-Feb-08 + . + Copyright 1996-2000 by + David Turner, Robert Wilhelm, and Werner Lemberg + . + . + . + Introduction + ============ + . + The FreeType Project is distributed in several archive packages; + some of them may contain, in addition to the FreeType font engine, + various tools and contributions which rely on, or relate to, the + FreeType Project. + . + This license applies to all files found in such packages, and + which do not fall under their own explicit license. The license + affects thus the FreeType font engine, the test programs, + documentation and makefiles, at the very least. + . + This license was inspired by the BSD, Artistic, and IJG + (Independent JPEG Group) licenses, which all encourage inclusion + and use of free software in commercial and freeware products + alike. As a consequence, its main points are that: + . + o We don't promise that this software works. However, we will be + interested in any kind of bug reports. (`as is' distribution) + . + o You can use this software for whatever you want, in parts or + full form, without having to pay us. (`royalty-free' usage) + . + o You may not pretend that you wrote this software. If you use + it, or only parts of it, in a program, you must acknowledge + somewhere in your documentation that you have used the + FreeType code. (`credits') + . + We specifically permit and encourage the inclusion of this + software, with or without modifications, in commercial products. + We disclaim all warranties covering The FreeType Project and + assume no liability related to The FreeType Project. + . + . + Legal Terms + =========== + . + 0. Definitions + -------------- + . + Throughout this license, the terms `package', `FreeType Project', + and `FreeType archive' refer to the set of files originally + distributed by the authors (David Turner, Robert Wilhelm, and + Werner Lemberg) as the `FreeType Project', be they named as alpha, + beta or final release. + . + `You' refers to the licensee, or person using the project, where + `using' is a generic term including compiling the project's source + code as well as linking it to form a `program' or `executable'. + This program is referred to as `a program using the FreeType + engine'. + . + This license applies to all files distributed in the original + FreeType Project, including all source code, binaries and + documentation, unless otherwise stated in the file in its + original, unmodified form as distributed in the original archive. + If you are unsure whether or not a particular file is covered by + this license, you must contact us to verify this. + . + The FreeType Project is copyright (C) 1996-2000 by David Turner, + Robert Wilhelm, and Werner Lemberg. All rights reserved except as + specified below. + . + 1. No Warranty + -------------- + . + THE FREETYPE PROJECT IS PROVIDED `AS IS' WITHOUT WARRANTY OF ANY + KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + PURPOSE. IN NO EVENT WILL ANY OF THE AUTHORS OR COPYRIGHT HOLDERS + BE LIABLE FOR ANY DAMAGES CAUSED BY THE USE OR THE INABILITY TO + USE, OF THE FREETYPE PROJECT. + . + 2. Redistribution + ----------------- + . + This license grants a worldwide, royalty-free, perpetual and + irrevocable right and license to use, execute, perform, compile, + display, copy, create derivative works of, distribute and + sublicense the FreeType Project (in both source and object code + forms) and derivative works thereof for any purpose; and to + authorize others to exercise some or all of the rights granted + herein, subject to the following conditions: + . + o Redistribution of source code must retain this license file + (`LICENSE.TXT') unaltered; any additions, deletions or changes + to the original files must be clearly indicated in + accompanying documentation. The copyright notices of the + unaltered, original files must be preserved in all copies of + source files. + . + o Redistribution in binary form must provide a disclaimer that + states that the software is based in part of the work of the + FreeType Team, in the distribution documentation. We also + encourage you to put an URL to the FreeType web page in your + documentation, though this isn't mandatory. + . + These conditions apply to any software derived from or based on + the FreeType Project, not just the unmodified files. If you use + our work, you must acknowledge us. However, no fee need be paid + to us. + . + 3. Advertising + -------------- + . + Neither the FreeType authors and contributors nor you shall use + the name of the other for commercial, advertising, or promotional + purposes without specific prior written permission. + . + We suggest, but do not require, that you use one or more of the + following phrases to refer to this software in your documentation + or advertising materials: `FreeType Project', `FreeType Engine', + `FreeType library', or `FreeType Distribution'. + . + As you have not signed this license, you are not required to + accept it. However, as the FreeType Project is copyrighted + material, only this license, or another one contracted with the + authors, grants you the right to use, distribute, and modify it. + Therefore, by using, distributing, or modifying the FreeType + Project, you indicate that you understand and accept all the terms + of this license. + . + 4. Contacts + ----------- + . + There are two mailing lists related to FreeType: + . + o freetype@freetype.org + . + Discusses general use and applications of FreeType, as well as + future and wanted additions to the library and distribution. + If you are looking for support, start in this list if you + haven't found anything to help you in the documentation. + . + o devel@freetype.org + . + Discusses bugs, as well as engine internals, design issues, + specific licenses, porting, etc. + . + o http://www.freetype.org + . + Holds the current FreeType web page, which will allow you to + download our latest development version and read online + documentation. + . + You can also contact us individually at: + . + David Turner + Robert Wilhelm + Werner Lemberg + +License: Catharon-OSL + The Catharon Open Source LICENSE + ---------------------------- + . + 2000-Jul-04 + . + Copyright (C) 2000 by Catharon Productions, Inc. + . + . + . + Introduction + ============ + . + This license applies to source files distributed by Catharon + Productions, Inc. in several archive packages. This license + applies to all files found in such packages which do not fall + under their own explicit license. + . + This license was inspired by the BSD, Artistic, and IJG + (Independent JPEG Group) licenses, which all encourage inclusion + and use of free software in commercial and freeware products + alike. As a consequence, its main points are that: + . + o We don't promise that this software works. However, we are + interested in any kind of bug reports. (`as is' distribution) + . + o You can use this software for whatever you want, in parts or + full form, without having to pay us. (`royalty-free' usage) + . + o You may not pretend that you wrote this software. If you use + it, or only parts of it, in a program, you must acknowledge + somewhere in your documentation that you have used the + Catharon Code. (`credits') + . + We specifically permit and encourage the inclusion of this + software, with or without modifications, in commercial products. + We disclaim all warranties covering the packages distributed by + Catharon Productions, Inc. and assume no liability related to + their use. + . + . + Legal Terms + =========== + . + 0. Definitions + -------------- + . + Throughout this license, the terms `Catharon Package', `package', + and `Catharon Code' refer to the set of files originally + distributed by Catharon Productions, Inc. + . + `You' refers to the licensee, or person using the project, where + `using' is a generic term including compiling the project's source + code as well as linking it to form a `program' or `executable'. + This program is referred to as `a program using one of the + Catharon Packages'. + . + This license applies to all files distributed in the original + Catharon Package(s), including all source code, binaries and + documentation, unless otherwise stated in the file in its + original, unmodified form as distributed in the original archive. + If you are unsure whether or not a particular file is covered by + this license, you must contact us to verify this. + . + The Catharon Packages are copyright (C) 2000 by Catharon + Productions, Inc. All rights reserved except as specified below. + . + 1. No Warranty + -------------- + . + THE CATHARON PACKAGES ARE PROVIDED `AS IS' WITHOUT WARRANTY OF ANY + KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + PURPOSE. IN NO EVENT WILL ANY OF THE AUTHORS OR COPYRIGHT HOLDERS + BE LIABLE FOR ANY DAMAGES CAUSED BY THE USE OF OR THE INABILITY TO + USE THE CATHARON PACKAGE. + . + 2. Redistribution + ----------------- + . + This license grants a worldwide, royalty-free, perpetual and + irrevocable right and license to use, execute, perform, compile, + display, copy, create derivative works of, distribute and + sublicense the Catharon Packages (in both source and object code + forms) and derivative works thereof for any purpose; and to + authorize others to exercise some or all of the rights granted + herein, subject to the following conditions: + . + o Redistribution of source code must retain this license file + (`license.txt') unaltered; any additions, deletions or changes + to the original files must be clearly indicated in + accompanying documentation. The copyright notices of the + unaltered, original files must be preserved in all copies of + source files. + . + o Redistribution in binary form must provide a disclaimer that + states that the software is based in part on the work of + Catharon Productions, Inc. in the distribution documentation. + . + These conditions apply to any software derived from or based on + the Catharon Packages, not just the unmodified files. If you use + our work, you must acknowledge us. However, no fee need be paid + to us. + . + 3. Advertising + -------------- + . + Neither Catharon Productions, Inc. and contributors nor you shall + use the name of the other for commercial, advertising, or + promotional purposes without specific prior written permission. + . + We suggest, but do not require, that you use the following phrase + to refer to this software in your documentation: 'this software is + based in part on the Catharon Typography Project'. + . + As you have not signed this license, you are not required to + accept it. However, as the Catharon Packages are copyrighted + material, only this license, or another one contracted with the + authors, grants you the right to use, distribute, and modify it. + Therefore, by using, distributing, or modifying the Catharon + Packages, you indicate that you understand and accept all the + terms of this license. --- freetype-2.5.2.orig/debian/freetype-config.man.sgml +++ freetype-2.5.2/debian/freetype-config.man.sgml @@ -0,0 +1,174 @@ + manpage.1'. You may view + the manual page with: `docbook-to-man manpage.sgml | nroff -man | + less'. A typical entry in a Makefile or Makefile.am is: + +manpage.1: manpage.sgml + docbook-to-man $< > $@ + + + The docbook-to-man binary is found in the docbook-to-man package. + Please remember that if you create the nroff version in one of the + debian/rules file targets (such as build), you will need to include + docbook-to-man in your Build-Depends control field. + + --> + + Will"> + Newton"> + 2005-06-09"> + 1"> + will@debian.org"> + + FREETYPE-CONFIG"> + + + Debian"> + GNU"> +]> + + + +
+ &dhemail; +
+ + &dhfirstname; + &dhsurname; + + + 2005 + &dhusername; + + &dhdate; + + + &dhucpackage; + + &dhsection; + + + &dhpackage; + + show information about installed freetype2 libraries + + + + &dhpackage; + + + + + + + + + + + + + DESCRIPTION + + This manual page documents briefly the + &dhpackage; command, + + &dhpackage; is a program that shows information + about the installed freetype2 libraries. + + + + OPTIONS + + The following options are supported: + + + + + + + + Show the prefix freetype2 was built with. The prefix may + be overridden by passing the argument PREFIX. + + + + + + + + Show the executable prefix freetype2 was built with. The + executable prefix may be overridden by passing the argument + EPREFIX. + + + + + + + Show the libtool version of the installed freetype2. + + + + + + + Show the FreeType version of the installed freetype2. + + + + + + + Show the compiler flags for linking to the installed freetype2. + + + + + + + Show the library name for linking with libtool. + + + + + + + Show the compiler flags for compiling against the installed freetype2. + + + + + + AUTHOR + + This manual page was written by &dhusername; &dhemail; for + the &debian; system (but may be used by others). Permission is + granted to copy, distribute and/or modify this document under + the terms of the GNU Free Documentation + License, Version 1.1 or any later version published by the Free + Software Foundation; with no Invariant Sections, no Front-Cover + Texts and no Back-Cover Texts. + + + + + + + --- freetype-2.5.2.orig/debian/freetype2-demos.dirs +++ freetype-2.5.2/debian/freetype2-demos.dirs @@ -0,0 +1 @@ +usr/bin --- freetype-2.5.2.orig/debian/libfreetype6-dev.doc-base +++ freetype-2.5.2/debian/libfreetype6-dev.doc-base @@ -0,0 +1,10 @@ +Document: libfreetype6-dev +Title: FreeType 2 Development Documentation +Author: Various +Abstract: Development documentation for FreeType 2. +Section: Programming/C + +Format: HTML +Index: /usr/share/doc/libfreetype6/reference/ft2-index.html +Files: /usr/share/doc/libfreetype6/reference/*.html + --- freetype-2.5.2.orig/debian/libfreetype6-dev.install +++ freetype-2.5.2/debian/libfreetype6-dev.install @@ -0,0 +1,7 @@ +usr/bin/freetype-config +usr/include/ +usr/lib/*/*.so +usr/lib/*/*.la +usr/lib/*/*.a +usr/lib/*/pkgconfig/ +usr/share/aclocal/ --- freetype-2.5.2.orig/debian/libfreetype6-dev.manpages +++ freetype-2.5.2/debian/libfreetype6-dev.manpages @@ -0,0 +1 @@ +debian/freetype-config.man --- freetype-2.5.2.orig/debian/libfreetype6-udeb.dirs +++ freetype-2.5.2/debian/libfreetype6-udeb.dirs @@ -0,0 +1 @@ +usr/lib --- freetype-2.5.2.orig/debian/libfreetype6-udeb.install +++ freetype-2.5.2/debian/libfreetype6-udeb.install @@ -0,0 +1 @@ +usr/lib/*/*.so.* usr/lib --- freetype-2.5.2.orig/debian/libfreetype6.install +++ freetype-2.5.2/debian/libfreetype6.install @@ -0,0 +1 @@ +usr/lib/*/*.so.* --- freetype-2.5.2.orig/debian/libfreetype6.symbols +++ freetype-2.5.2/debian/libfreetype6.symbols @@ -0,0 +1,366 @@ +libfreetype.so.6 libfreetype6 #MINVER# + FTC_CMapCache_Lookup@Base 2.2.1 + FTC_CMapCache_New@Base 2.2.1 + FTC_ImageCache_Lookup@Base 2.2.1 + FTC_ImageCache_LookupScaler@Base 2.3.5 + FTC_ImageCache_New@Base 2.2.1 + FTC_Manager_Done@Base 2.2.1 + FTC_Manager_LookupFace@Base 2.2.1 + FTC_Manager_LookupSize@Base 2.2.1 + FTC_Manager_New@Base 2.2.1 + FTC_Manager_RemoveFaceID@Base 2.2.1 + FTC_Manager_Reset@Base 2.2.1 + FTC_Node_Unref@Base 2.2.1 + FTC_SBitCache_Lookup@Base 2.2.1 + FTC_SBitCache_LookupScaler@Base 2.3.5 + FTC_SBitCache_New@Base 2.2.1 + FT_Access_Frame@Base 2.2.1 + FT_Activate_Size@Base 2.2.1 + FT_Add_Default_Modules@Base 2.2.1 + FT_Add_Module@Base 2.2.1 + FT_Angle_Diff@Base 2.2.1 + FT_Atan2@Base 2.2.1 + FT_Attach_File@Base 2.2.1 + FT_Attach_Stream@Base 2.2.1 + FT_Bitmap_Convert@Base 2.2.1 + FT_Bitmap_Copy@Base 2.2.1 + FT_Bitmap_Done@Base 2.2.1 + FT_Bitmap_Embolden@Base 2.2.1 + FT_Bitmap_New@Base 2.2.1 + FT_CMap_Done@Base 2.2.1 + FT_CMap_New@Base 2.2.1 + FT_CeilFix@Base 2.2.1 + FT_ClassicKern_Free@Base 2.2.1 + FT_ClassicKern_Validate@Base 2.2.1 + FT_Cos@Base 2.2.1 + FT_DivFix@Base 2.2.1 + FT_Done_Face@Base 2.2.1 + FT_Done_FreeType@Base 2.2.1 + FT_Done_Glyph@Base 2.2.1 + FT_Done_GlyphSlot@Base 2.2.1 + FT_Done_Library@Base 2.2.1 + FT_Done_Memory@Base 2.2.1 + FT_Done_Size@Base 2.2.1 + FT_Extract_Frame@Base 2.2.1 + FT_Face_CheckTrueTypePatents@Base 2.3.5 + FT_Face_GetCharVariantIndex@Base 2.3.5 + FT_Face_GetCharVariantIsDefault@Base 2.3.5 + FT_Face_GetCharsOfVariant@Base 2.3.5 + FT_Face_GetVariantSelectors@Base 2.3.5 + FT_Face_GetVariantsOfChar@Base 2.3.5 + FT_Face_SetUnpatentedHinting@Base 2.3.5 + FT_FloorFix@Base 2.2.1 + FT_Forget_Frame@Base 2.2.1 + FT_Get_Advance@Base 2.3.9 + FT_Get_Advances@Base 2.3.9 + FT_Get_BDF_Charset_ID@Base 2.2.1 + FT_Get_BDF_Property@Base 2.2.1 + FT_Get_CID_From_Glyph_Index@Base 2.3.9 + FT_Get_CID_Is_Internally_CID_Keyed@Base 2.3.9 + FT_Get_CID_Registry_Ordering_Supplement@Base 2.3.5 + FT_Get_CMap_Format@Base 2.3.5 + FT_Get_CMap_Language_ID@Base 2.2.1 + FT_Get_Char_Index@Base 2.2.1 + FT_Get_Charmap_Index@Base 2.2.1 + FT_Get_FSType_Flags@Base 2.3.9 + FT_Get_First_Char@Base 2.2.1 + FT_Get_Gasp@Base 2.3.5 + FT_Get_Glyph@Base 2.2.1 + FT_Get_Glyph_Name@Base 2.2.1 + FT_Get_Kerning@Base 2.2.1 + FT_Get_Long@Base 2.2.1 + FT_Get_MM_Var@Base 2.2.1 + FT_Get_Module@Base 2.2.1 + FT_Get_Module_Interface@Base 2.2.1 + FT_Get_Multi_Master@Base 2.2.1 + FT_Get_Name_Index@Base 2.2.1 + FT_Get_Next_Char@Base 2.2.1 + FT_Get_PFR_Advance@Base 2.2.1 + FT_Get_PFR_Kerning@Base 2.2.1 + FT_Get_PFR_Metrics@Base 2.2.1 + FT_Get_PS_Font_Info@Base 2.2.1 + FT_Get_PS_Font_Private@Base 2.2.1 + FT_Get_PS_Font_Value@Base 2.4.8 + FT_Get_Postscript_Name@Base 2.2.1 + FT_Get_Renderer@Base 2.2.1 + FT_Get_Sfnt_Name@Base 2.2.1 + FT_Get_Sfnt_Name_Count@Base 2.2.1 + FT_Get_Sfnt_Table@Base 2.2.1 + FT_Get_Short@Base 2.2.1 + FT_Get_SubGlyph_Info@Base 2.2.1 + FT_Get_Track_Kerning@Base 2.2.1 + FT_Get_TrueType_Engine_Type@Base 2.2.1 + FT_Get_WinFNT_Header@Base 2.2.1 + FT_Get_X11_Font_Format@Base 2.2.1 + FT_GlyphLoader_Add@Base 2.2.1 + FT_GlyphLoader_CheckPoints@Base 2.2.1 + FT_GlyphLoader_CheckSubGlyphs@Base 2.2.1 + FT_GlyphLoader_CopyPoints@Base 2.2.1 + FT_GlyphLoader_CreateExtra@Base 2.2.1 + FT_GlyphLoader_Done@Base 2.2.1 + FT_GlyphLoader_New@Base 2.2.1 + FT_GlyphLoader_Prepare@Base 2.2.1 + FT_GlyphLoader_Reset@Base 2.2.1 + FT_GlyphLoader_Rewind@Base 2.2.1 + FT_GlyphSlot_Embolden@Base 2.2.1 + FT_GlyphSlot_Oblique@Base 2.2.1 + FT_GlyphSlot_Own_Bitmap@Base 2.2.1 + FT_Glyph_Copy@Base 2.2.1 + FT_Glyph_Get_CBox@Base 2.2.1 + FT_Glyph_Stroke@Base 2.2.1 + FT_Glyph_StrokeBorder@Base 2.2.1 + FT_Glyph_To_Bitmap@Base 2.2.1 + FT_Glyph_Transform@Base 2.2.1 + FT_Gzip_Uncompress@Base 2.5.1 + FT_Has_PS_Glyph_Names@Base 2.2.1 + FT_Hypot@Base 2.4.12 + FT_Init_FreeType@Base 2.2.1 + FT_Library_SetLcdFilter@Base 2.3.5 + FT_Library_SetLcdFilterWeights@Base 2.4.0 + FT_Library_Version@Base 2.2.1 + FT_List_Add@Base 2.2.1 + FT_List_Finalize@Base 2.2.1 + FT_List_Find@Base 2.2.1 + FT_List_Insert@Base 2.2.1 + FT_List_Iterate@Base 2.2.1 + FT_List_Remove@Base 2.2.1 + FT_List_Up@Base 2.2.1 + FT_Load_Char@Base 2.2.1 + FT_Load_Glyph@Base 2.2.1 + FT_Load_Sfnt_Table@Base 2.2.1 + FT_Lookup_Renderer@Base 2.2.1 + FT_MSB@Base 2.4.12 + FT_Match_Size@Base 2.2.1 + FT_Matrix_Invert@Base 2.2.1 + FT_Matrix_Multiply@Base 2.2.1 + FT_Matrix_Multiply_Scaled@Base 2.3.5 + FT_MulDiv@Base 2.2.1 + FT_MulDiv_No_Round@Base 2.2.1 + FT_MulFix@Base 2.2.1 + FT_New_Face@Base 2.2.1 + FT_New_GlyphSlot@Base 2.2.1 + FT_New_Library@Base 2.2.1 + FT_New_Memory@Base 2.2.1 + FT_New_Memory_Face@Base 2.2.1 + FT_New_Memory_Stream@Base 2.2.1 + FT_New_Size@Base 2.2.1 + FT_OpenType_Free@Base 2.2.1 + FT_OpenType_Validate@Base 2.2.1 + FT_Open_Face@Base 2.2.1 + FT_Outline_Check@Base 2.2.1 + FT_Outline_Copy@Base 2.2.1 + FT_Outline_Decompose@Base 2.2.1 + FT_Outline_Done@Base 2.2.1 + FT_Outline_Done_Internal@Base 2.2.1 + FT_Outline_Embolden@Base 2.2.1 + FT_Outline_EmboldenXY@Base 2.4.10 + FT_Outline_GetInsideBorder@Base 2.2.1 + FT_Outline_GetOutsideBorder@Base 2.2.1 + FT_Outline_Get_BBox@Base 2.2.1 + FT_Outline_Get_Bitmap@Base 2.2.1 + FT_Outline_Get_CBox@Base 2.2.1 + FT_Outline_Get_Orientation@Base 2.2.1 + FT_Outline_New@Base 2.2.1 + FT_Outline_New_Internal@Base 2.2.1 + FT_Outline_Render@Base 2.2.1 + FT_Outline_Reverse@Base 2.2.1 + FT_Outline_Transform@Base 2.2.1 + FT_Outline_Translate@Base 2.2.1 + FT_Property_Get@Base 2.4.11 + FT_Property_Set@Base 2.4.11 + FT_Raccess_Get_DataOffsets@Base 2.2.1 + FT_Raccess_Get_HeaderInfo@Base 2.2.1 + FT_Raccess_Guess@Base 2.2.1 + FT_Read_Stream@Base 2.2.1 + FT_Read_Stream_At@Base 2.2.1 + FT_Reference_Face@Base 2.4.2 + FT_Reference_Library@Base 2.4.2 + FT_Release_Frame@Base 2.2.1 + FT_Remove_Module@Base 2.2.1 + FT_Render_Glyph@Base 2.2.1 + FT_Render_Glyph_Internal@Base 2.2.1 + FT_Request_Metrics@Base 2.2.1 + FT_Request_Size@Base 2.2.1 + FT_RoundFix@Base 2.2.1 + FT_Seek_Stream@Base 2.2.1 + FT_Select_Charmap@Base 2.2.1 + FT_Select_Metrics@Base 2.2.1 + FT_Select_Size@Base 2.2.1 + FT_Set_Char_Size@Base 2.2.1 + FT_Set_Charmap@Base 2.2.1 + FT_Set_Debug_Hook@Base 2.2.1 + FT_Set_MM_Blend_Coordinates@Base 2.2.1 + FT_Set_MM_Design_Coordinates@Base 2.2.1 + FT_Set_Pixel_Sizes@Base 2.2.1 + FT_Set_Renderer@Base 2.2.1 + FT_Set_Transform@Base 2.2.1 + FT_Set_Var_Blend_Coordinates@Base 2.2.1 + FT_Set_Var_Design_Coordinates@Base 2.2.1 + FT_Sfnt_Table_Info@Base 2.2.1 + FT_Sin@Base 2.2.1 + FT_Skip_Stream@Base 2.2.1 + FT_Stream_Close@Base 2.2.1 + FT_Stream_EnterFrame@Base 2.2.1 + FT_Stream_ExitFrame@Base 2.2.1 + FT_Stream_ExtractFrame@Base 2.2.1 + FT_Stream_Free@Base 2.2.1 + FT_Stream_GetChar@Base 2.2.1 + FT_Stream_GetULong@Base 2.4.5 + FT_Stream_GetULongLE@Base 2.4.5 + FT_Stream_GetUOffset@Base 2.4.5 + FT_Stream_GetUShort@Base 2.4.5 + FT_Stream_GetUShortLE@Base 2.4.5 + FT_Stream_New@Base 2.2.1 + FT_Stream_Open@Base 2.2.1 + FT_Stream_OpenBzip2@Base 2.4.5 + FT_Stream_OpenGzip@Base 2.2.1 + FT_Stream_OpenLZW@Base 2.2.1 + FT_Stream_OpenMemory@Base 2.2.1 + FT_Stream_Pos@Base 2.2.1 + FT_Stream_Read@Base 2.2.1 + FT_Stream_ReadAt@Base 2.2.1 + FT_Stream_ReadChar@Base 2.2.1 + FT_Stream_ReadFields@Base 2.2.1 + FT_Stream_ReadULong@Base 2.4.5 + FT_Stream_ReadULongLE@Base 2.4.5 + FT_Stream_ReadUOffset@Base 2.4.5 + FT_Stream_ReadUShort@Base 2.4.5 + FT_Stream_ReadUShortLE@Base 2.4.5 + FT_Stream_ReleaseFrame@Base 2.4.5 + FT_Stream_Seek@Base 2.2.1 + FT_Stream_Skip@Base 2.2.1 + FT_Stream_TryRead@Base 2.2.1 + FT_Stroker_BeginSubPath@Base 2.2.1 + FT_Stroker_ConicTo@Base 2.2.1 + FT_Stroker_CubicTo@Base 2.2.1 + FT_Stroker_Done@Base 2.2.1 + FT_Stroker_EndSubPath@Base 2.2.1 + FT_Stroker_Export@Base 2.2.1 + FT_Stroker_ExportBorder@Base 2.2.1 + FT_Stroker_GetBorderCounts@Base 2.2.1 + FT_Stroker_GetCounts@Base 2.2.1 + FT_Stroker_LineTo@Base 2.2.1 + FT_Stroker_New@Base 2.2.1 + FT_Stroker_ParseOutline@Base 2.2.1 + FT_Stroker_Rewind@Base 2.2.1 + FT_Stroker_Set@Base 2.2.1 + FT_Tan@Base 2.2.1 + FT_Trace_Get_Count@Base 2.2.1 + FT_Trace_Get_Name@Base 2.2.1 + FT_TrueTypeGX_Free@Base 2.2.1 + FT_TrueTypeGX_Validate@Base 2.2.1 + FT_Vector_From_Polar@Base 2.2.1 + FT_Vector_Length@Base 2.2.1 + FT_Vector_Polarize@Base 2.2.1 + FT_Vector_Rotate@Base 2.2.1 + FT_Vector_Transform@Base 2.2.1 + FT_Vector_Transform_Scaled@Base 2.3.5 + FT_Vector_Unit@Base 2.2.1 + TT_New_Context@Base 2.2.1 + TT_RunIns@Base 2.2.1 + af_autofitter_interface@Base 2.4.11 + af_blue_strings@Base 2.5.1 + af_blue_stringsets@Base 2.5.1 + af_cjk_writing_system_class@Base 2.5.1 + af_cyrl_script_class@Base 2.5.1 + af_deva_script_class@Base 2.5.1 + af_dflt_script_class@Base 2.5.1 + af_dummy_writing_system_class@Base 2.5.1 + af_grek_script_class@Base 2.5.1 + af_hani_script_class@Base 2.5.1 + af_hebr_script_class@Base 2.5.1 + af_indic_writing_system_class@Base 2.5.1 + af_latin_writing_system_class@Base 2.5.1 + af_latn_script_class@Base 2.5.1 + af_property_get@Base 2.4.11 + af_property_get_face_globals@Base 2.4.11 + af_property_set@Base 2.4.11 + af_script_classes@Base 2.5.1 + af_writing_system_classes@Base 2.5.1 + afm_parser_funcs@Base 2.2.1 + autofit_module_class@Base 2.2.1 + bdf_cmap_class@Base 2.2.1 + bdf_driver_class@Base 2.2.1 + cff_cmap_encoding_class_rec@Base 2.2.1 + cff_cmap_unicode_class_rec@Base 2.2.1 + cff_driver_class@Base 2.2.1 + ft_bitmap_glyph_class@Base 2.2.1 + ft_corner_is_flat@Base 2.3.5 + ft_corner_orientation@Base 2.3.5 + ft_debug_init@Base 2.2.1 + ft_glyphslot_alloc_bitmap@Base 2.2.1 + ft_glyphslot_free_bitmap@Base 2.2.1 + ft_glyphslot_set_bitmap@Base 2.2.1 + ft_grays_raster@Base 2.2.1 + ft_gray_for_premultiplied_srgb_bgra@Base 2.5.0.1 + ft_highpow2@Base 2.2.1 + ft_lzwstate_done@Base 2.2.1 + ft_lzwstate_init@Base 2.2.1 + ft_lzwstate_io@Base 2.2.1 + ft_lzwstate_reset@Base 2.2.1 + ft_mem_alloc@Base 2.2.1 + ft_mem_dup@Base 2.3.5 + ft_mem_free@Base 2.2.1 + ft_mem_qalloc@Base 2.2.1 + ft_mem_qrealloc@Base 2.2.1 + ft_mem_realloc@Base 2.2.1 + ft_mem_strcpyn@Base 2.3.5 + ft_mem_strdup@Base 2.3.5 + ft_module_get_service@Base 2.2.1 + ft_outline_glyph_class@Base 2.2.1 + ft_property_do@Base 2.4.11 + ft_raccess_guess_table@Base 2.4.9 + ft_raster1_renderer_class@Base 2.2.1 + ft_raster5_renderer_class@Base 2.2.1 + ft_service_list_lookup@Base 2.2.1 + ft_smooth_lcd_renderer_class@Base 2.2.1 + ft_smooth_lcdv_renderer_class@Base 2.2.1 + ft_smooth_renderer_class@Base 2.2.1 + ft_standard_raster@Base 2.2.1 + ft_synthesize_vertical_metrics@Base 2.2.1 + ft_validator_error@Base 2.2.1 + ft_validator_init@Base 2.2.1 + ft_validator_run@Base 2.2.1 + ftc_basic_image_cache_class@Base 2.2.1 + ftc_basic_image_family_class@Base 2.2.1 + ftc_basic_sbit_cache_class@Base 2.2.1 + ftc_basic_sbit_family_class@Base 2.2.1 + ftc_cmap_cache_class@Base 2.2.1 + ftc_face_list_class@Base 2.2.1 + ftc_size_list_class@Base 2.2.1 + gxv_module_class@Base 2.4.4 + otv_module_class@Base 2.4.4 + pcf_cmap_class@Base 2.2.1 + pcf_driver_class@Base 2.2.1 + pfr_cmap_class_rec@Base 2.2.1 + pfr_driver_class@Base 2.2.1 + pfr_metrics_service_rec@Base 2.2.1 + ps_hints_apply@Base 2.2.1 + ps_parser_funcs@Base 2.2.1 + ps_table_funcs@Base 2.2.1 + psaux_module_class@Base 2.2.1 + pshinter_module_class@Base 2.2.1 + psnames_module_class@Base 2.2.1 + sfnt_module_class@Base 2.2.1 + t1_builder_funcs@Base 2.2.1 + t1_cmap_classes@Base 2.2.1 + t1_cmap_custom_class_rec@Base 2.2.1 + t1_cmap_expert_class_rec@Base 2.2.1 + t1_cmap_standard_class_rec@Base 2.2.1 + t1_cmap_unicode_class_rec@Base 2.2.1 + t1_decoder_funcs@Base 2.2.1 + t1_driver_class@Base 2.2.1 + t1cid_driver_class@Base 2.2.1 + t42_driver_class@Base 2.2.1 + tt_cmap0_class_rec@Base 2.2.1 + tt_cmap10_class_rec@Base 2.2.1 + tt_cmap12_class_rec@Base 2.2.1 + tt_cmap13_class_rec@Base 2.3.11 + tt_cmap14_class_rec@Base 2.3.5 + tt_cmap2_class_rec@Base 2.2.1 + tt_cmap4_class_rec@Base 2.2.1 + tt_cmap6_class_rec@Base 2.2.1 + tt_cmap8_class_rec@Base 2.2.1 + tt_default_graphics_state@Base 2.2.1 + tt_driver_class@Base 2.2.1 + winfnt_driver_class@Base 2.2.1 --- freetype-2.5.2.orig/debian/multiarch.h.in +++ freetype-2.5.2/debian/multiarch.h.in @@ -0,0 +1,79 @@ +#if defined(__linux__) +# if defined(__x86_64__) && defined(__LP64__) +# include +# elif defined(__x86_64__) && defined(__ILP32__) +# include +# elif defined(__i386__) +# include +# elif defined(__aarch64__) && defined(__AARCH64EL__) +# include +# elif defined(__alpha__) +# include +# elif defined(__ARM_EABI__) && defined(__ARM_PCS_VFP) +# include +# elif defined(__ARM_EABI__) && !defined(__ARM_PCS_VFP) +# include +# elif defined(__hppa__) +# include +# elif defined(__ia64__) +# include +# elif defined(__m68k__) && !defined(__mcoldfire__) +# include +# elif defined(__mips_hard_float) && defined(_MIPSEL) +# if _MIPS_SIM == _ABIO32 +# include +# elif _MIPS_SIM == _ABIN32 +# include +# elif _MIPS_SIM == _ABI64 +# include +# else +# error unknown multiarch location for @header@ +# endif +# elif defined(__mips_hard_float) +# if _MIPS_SIM == _ABIO32 +# include +# elif _MIPS_SIM == _ABIN32 +# include +# elif _MIPS_SIM == _ABI64 +# include +# else +# error unknown multiarch location for @header@ +# endif +# elif defined(__or1k__) +# include +# elif defined(__powerpc__) && defined(__SPE__) +# include +# elif defined(__powerpc64__) +# if defined(__LITTLE_ENDIAN__) +# include +# else +# include +# endif +# elif defined(__powerpc__) +# include +# elif defined(__s390x__) +# include +# elif defined(__s390__) +# include +# elif defined(__sh__) && defined(__LITTLE_ENDIAN__) +# include +# elif defined(__sparc__) && defined(__arch64__) +# include +# elif defined(__sparc__) +# include +# else +# error unknown multiarch location for @header@ +# endif +#elif defined(__FreeBSD_kernel__) +# if defined(__LP64__) +# include +# elif defined(__i386__) +# include +# else +# error unknown multiarch location for @header@ +# endif +#elif defined(__gnu_hurd__) +# include +#else +# error unknown multiarch location for @header@ +#endif --- freetype-2.5.2.orig/debian/patches-freetype/0001-Fix-Savannah-bug-40997.patch +++ freetype-2.5.2/debian/patches-freetype/0001-Fix-Savannah-bug-40997.patch @@ -0,0 +1,161 @@ +From 5f577462bd7cc8e2ca6fe4a1efecee6d8a95e7be Mon Sep 17 00:00:00 2001 +From: Werner Lemberg +Date: Wed, 25 Dec 2013 08:50:50 +0100 +Subject: [PATCH] Fix Savannah bug #40997. + +* src/bdf/bdfdrivr.c (BDF_Face_Init): Only use OR operator to +adjust face flags since FT_FACE_FLAG_EXTERNAL_STREAM might already +be set. +* src/cff/cffobjs.c (cff_face_init): Ditto. +* src/cid/cidobjs.c (cid_face_init): Ditto. +* src/pcf/pcfread.c (pcf_load_font): Ditto. +* src/pfr/pfrobjs.c (pfr_face_init): Ditto. +* src/type1/t1objs.c (T1_Face_Init): Ditto. +* src/type42/t42objs.c (T42_Face_Init): Ditto. +* src/winfonts/winfnt.c (FNT_Face_Init): Ditto. +--- + src/bdf/bdfdrivr.c | 7 ++++--- + src/cff/cffobjs.c | 2 +- + src/cid/cidobjs.c | 7 ++++--- + src/pcf/pcfread.c | 7 ++++--- + src/pfr/pfrobjs.c | 3 ++- + src/type1/t1objs.c | 8 ++++---- + src/type42/t42objs.c | 6 +++--- + src/winfonts/winfnt.c | 4 ++-- + 9 files changed, 39 insertions(+), 20 deletions(-) + +diff --git a/src/bdf/bdfdrivr.c b/src/bdf/bdfdrivr.c +index caa142b..71150d7 100644 +--- a/src/bdf/bdfdrivr.c ++++ b/src/bdf/bdfdrivr.c +@@ -400,9 +400,10 @@ THE SOFTWARE. + + bdfface->num_faces = 1; + bdfface->face_index = 0; +- bdfface->face_flags = FT_FACE_FLAG_FIXED_SIZES | +- FT_FACE_FLAG_HORIZONTAL | +- FT_FACE_FLAG_FAST_GLYPHS; ++ ++ bdfface->face_flags |= FT_FACE_FLAG_FIXED_SIZES | ++ FT_FACE_FLAG_HORIZONTAL | ++ FT_FACE_FLAG_FAST_GLYPHS; + + prop = bdf_get_font_property( font, "SPACING" ); + if ( prop && prop->format == BDF_ATOM && +diff --git a/src/cff/cffobjs.c b/src/cff/cffobjs.c +index 29c3691..cac4ac2 100644 +--- a/src/cff/cffobjs.c ++++ b/src/cff/cffobjs.c +@@ -866,7 +866,7 @@ + flags |= FT_FACE_FLAG_KERNING; + #endif + +- cffface->face_flags = flags; ++ cffface->face_flags |= flags; + + /*******************************************************************/ + /* */ +diff --git a/src/cid/cidobjs.c b/src/cid/cidobjs.c +index 46555e2..5932ffa 100644 +--- a/src/cid/cidobjs.c ++++ b/src/cid/cidobjs.c +@@ -355,9 +355,10 @@ + cidface->num_charmaps = 0; + + cidface->face_index = face_index; +- cidface->face_flags = FT_FACE_FLAG_SCALABLE | /* scalable outlines */ +- FT_FACE_FLAG_HORIZONTAL | /* horizontal data */ +- FT_FACE_FLAG_HINTER; /* has native hinter */ ++ ++ cidface->face_flags |= FT_FACE_FLAG_SCALABLE | /* scalable outlines */ ++ FT_FACE_FLAG_HORIZONTAL | /* horizontal data */ ++ FT_FACE_FLAG_HINTER; /* has native hinter */ + + if ( info->is_fixed_pitch ) + cidface->face_flags |= FT_FACE_FLAG_FIXED_WIDTH; +diff --git a/src/pcf/pcfread.c b/src/pcf/pcfread.c +index ee41c5d..d936c58 100644 +--- a/src/pcf/pcfread.c ++++ b/src/pcf/pcfread.c +@@ -1153,9 +1153,10 @@ THE SOFTWARE. + + root->num_faces = 1; + root->face_index = 0; +- root->face_flags = FT_FACE_FLAG_FIXED_SIZES | +- FT_FACE_FLAG_HORIZONTAL | +- FT_FACE_FLAG_FAST_GLYPHS; ++ ++ root->face_flags |= FT_FACE_FLAG_FIXED_SIZES | ++ FT_FACE_FLAG_HORIZONTAL | ++ FT_FACE_FLAG_FAST_GLYPHS; + + if ( face->accel.constantWidth ) + root->face_flags |= FT_FACE_FLAG_FIXED_WIDTH; +diff --git a/src/pfr/pfrobjs.c b/src/pfr/pfrobjs.c +index 8d3cd29..194d2df 100644 +--- a/src/pfr/pfrobjs.c ++++ b/src/pfr/pfrobjs.c +@@ -137,7 +137,8 @@ + + pfrface->face_index = face_index; + pfrface->num_glyphs = phy_font->num_chars + 1; +- pfrface->face_flags = FT_FACE_FLAG_SCALABLE; ++ ++ pfrface->face_flags |= FT_FACE_FLAG_SCALABLE; + + /* if all characters point to the same gps_offset 0, we */ + /* assume that the font only contains bitmaps */ +diff --git a/src/type1/t1objs.c b/src/type1/t1objs.c +index 837b791..e11770f 100644 +--- a/src/type1/t1objs.c ++++ b/src/type1/t1objs.c +@@ -364,10 +364,10 @@ + root->num_glyphs = type1->num_glyphs; + root->face_index = 0; + +- root->face_flags = FT_FACE_FLAG_SCALABLE | +- FT_FACE_FLAG_HORIZONTAL | +- FT_FACE_FLAG_GLYPH_NAMES | +- FT_FACE_FLAG_HINTER; ++ root->face_flags |= FT_FACE_FLAG_SCALABLE | ++ FT_FACE_FLAG_HORIZONTAL | ++ FT_FACE_FLAG_GLYPH_NAMES | ++ FT_FACE_FLAG_HINTER; + + if ( info->is_fixed_pitch ) + root->face_flags |= FT_FACE_FLAG_FIXED_WIDTH; +diff --git a/src/type42/t42objs.c b/src/type42/t42objs.c +index f5aa2ca..798ebdb 100644 +--- a/src/type42/t42objs.c ++++ b/src/type42/t42objs.c +@@ -218,9 +218,9 @@ + root->num_charmaps = 0; + root->face_index = 0; + +- root->face_flags = FT_FACE_FLAG_SCALABLE | +- FT_FACE_FLAG_HORIZONTAL | +- FT_FACE_FLAG_GLYPH_NAMES; ++ root->face_flags |= FT_FACE_FLAG_SCALABLE | ++ FT_FACE_FLAG_HORIZONTAL | ++ FT_FACE_FLAG_GLYPH_NAMES; + + if ( info->is_fixed_pitch ) + root->face_flags |= FT_FACE_FLAG_FIXED_WIDTH; +diff --git a/src/winfonts/winfnt.c b/src/winfonts/winfnt.c +index 6843243..fd6fc55 100644 +--- a/src/winfonts/winfnt.c ++++ b/src/winfonts/winfnt.c +@@ -743,8 +743,8 @@ + + root->face_index = face_index; + +- root->face_flags = FT_FACE_FLAG_FIXED_SIZES | +- FT_FACE_FLAG_HORIZONTAL; ++ root->face_flags |= FT_FACE_FLAG_FIXED_SIZES | ++ FT_FACE_FLAG_HORIZONTAL; + + if ( font->header.avg_width == font->header.max_width ) + root->face_flags |= FT_FACE_FLAG_FIXED_WIDTH; +-- +1.9.1 + --- freetype-2.5.2.orig/debian/patches-freetype/0002-Fix-Savannah-bug-42418.patch +++ freetype-2.5.2/debian/patches-freetype/0002-Fix-Savannah-bug-42418.patch @@ -0,0 +1,627 @@ +From 98e510ee94e552e9e9f80891aa87b2b472d0f276 Mon Sep 17 00:00:00 2001 +From: Werner Lemberg +Origin: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/patch/?id=98e510ee94e552e9e9f80891aa87b2b472d0f276 +Bug: https://savannah.nongnu.org/bugs/?42148 +Bug-Ubuntu: https://launchpad.net/bugs/1310017 +Date: Sun, 20 Apr 2014 20:11:27 +0000 +Subject: [autofit] Fix Savannah bug #42148. + +(The original patch is modified to fit in version shipped with Ubuntu.) + +The adaptation of the cjk auto-hinter module to blue stringsets in +2013-08-25 had three severe bugs. Mea culpa. + +1. Contrary to the latin auto-hinter, characters for reference and + overshoot values of a blue zone are specified separately. Due to + the screwed-up change it didn't work at all. + +2. A boolean comparison was erroneously replaced with a cast, + causing invalid results with the `^' operator later on. The + visual artifact caused by this problem is the topic of the bug + report. + +3. Two flag values were inverted, causing incorrect assignment of + reference and overshoot values. + +* src/autofit/afblue.dat: Fix CJK bluestrings, introducing a new +syntax to have both reference and overshoot characters in a single +string. This is error #1. +Add extensive comments. + +* src/autofit/afblue.hin (AF_BLUE_PROPERTY_CJK_FILL): Removed, no +longer used. +(AF_BLUE_PROPERTY_CJK_TOP, AF_BLUE_PROPERTY_CJK_HORIZ): Fix values. +This is error #3. + +* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated. + +* src/autofit/afcjk.c (af_cjk_metrics_init_blues): Correct error #1. +Use character `|' to separate characters for reference and overshoot +values. +Improve tracing messages, synchronizing them with the latin +auto-hinter. +(af_cjk_hints_compute_blue_edges): Fix value of `is_top_right_blue'. +This is error #2. +(af_cjk_align_linked_edge): Add tracing message. + +* src/autofit/afcjk.h (AF_CJK_IS_FILLED_BLUE): Removed, no longer +used. +--- a/ChangeLog ++++ b/ChangeLog +@@ -1,3 +1,46 @@ ++2014-04-20 Werner Lemberg ++ ++ [autofit] Fix Savannah bug #42148. ++ ++ The adaptation of the cjk auto-hinter module to blue stringsets in ++ 2013-08-25 had three severe bugs. Mea culpa. ++ ++ 1. Contrary to the latin auto-hinter, characters for reference and ++ overshoot values of a blue zone are specified separately. Due to ++ the screwed-up change it didn't work at all. ++ ++ 2. A boolean comparison was erroneously replaced with a cast, ++ causing invalid results with the `^' operator later on. The ++ visual artifact caused by this problem is the topic of the bug ++ report. ++ ++ 3. Two flag values were inverted, causing incorrect assignment of ++ reference and overshoot values. ++ ++ * src/autofit/afblue.dat: Fix CJK bluestrings, introducing a new ++ syntax to have both reference and overshoot characters in a single ++ string. This is error #1. ++ Add extensive comments. ++ ++ * src/autofit/afblue.hin (AF_BLUE_PROPERTY_CJK_FILL): Removed, no ++ longer used. ++ (AF_BLUE_PROPERTY_CJK_TOP, AF_BLUE_PROPERTY_CJK_HORIZ): Fix values. ++ This is error #3. ++ ++ * src/autofit/afblue.c, src/autofit/afblue.h: Regenerated. ++ ++ * src/autofit/afcjk.c (af_cjk_metrics_init_blues): Correct error #1. ++ Use character `|' to separate characters for reference and overshoot ++ values. ++ Improve tracing messages, synchronizing them with the latin ++ auto-hinter. ++ (af_cjk_hints_compute_blue_edges): Fix value of `is_top_right_blue'. ++ This is error #2. ++ (af_cjk_align_linked_edge): Add tracing message. ++ ++ * src/autofit/afcjk.h (AF_CJK_IS_FILLED_BLUE): Removed, no longer ++ used. ++ + 2013-12-08 Werner Lemberg + + * Version 2.5.2 released. +--- a/src/autofit/afblue.c ++++ b/src/autofit/afblue.c +@@ -64,8 +64,7 @@ + '\xE4', '\xBB', '\x96', '\xE4', '\xBB', '\xAC', '\xE4', '\xBD', '\xA0', '\xE4', '\xBE', '\x86', '\xE5', '\x80', '\x91', '\xE5', '\x88', '\xB0', '\xE5', '\x92', '\x8C', '\xE5', '\x9C', '\xB0', /* 他们你來們到和地 */ + '\xE5', '\xAF', '\xB9', '\xE5', '\xB0', '\x8D', '\xE5', '\xB0', '\xB1', '\xE5', '\xB8', '\xAD', '\xE6', '\x88', '\x91', '\xE6', '\x97', '\xB6', '\xE6', '\x99', '\x82', '\xE6', '\x9C', '\x83', /* 对對就席我时時會 */ + '\xE6', '\x9D', '\xA5', '\xE7', '\x82', '\xBA', '\xE8', '\x83', '\xBD', '\xE8', '\x88', '\xB0', '\xE8', '\xAA', '\xAA', '\xE8', '\xAF', '\xB4', '\xE8', '\xBF', '\x99', '\xE9', '\x80', '\x99', /* 来為能舰說说这這 */ +- '\xE9', '\xBD', '\x8A', /* 齊 */ +- '\0', ++ '\xE9', '\xBD', '\x8A', '|', /* 齊 | */ + '\xE5', '\x86', '\x9B', '\xE5', '\x90', '\x8C', '\xE5', '\xB7', '\xB2', '\xE6', '\x84', '\xBF', '\xE6', '\x97', '\xA2', '\xE6', '\x98', '\x9F', '\xE6', '\x98', '\xAF', '\xE6', '\x99', '\xAF', /* 军同已愿既星是景 */ + '\xE6', '\xB0', '\x91', '\xE7', '\x85', '\xA7', '\xE7', '\x8E', '\xB0', '\xE7', '\x8F', '\xBE', '\xE7', '\x90', '\x86', '\xE7', '\x94', '\xA8', '\xE7', '\xBD', '\xAE', '\xE8', '\xA6', '\x81', /* 民照现現理用置要 */ + '\xE8', '\xBB', '\x8D', '\xE9', '\x82', '\xA3', '\xE9', '\x85', '\x8D', '\xE9', '\x87', '\x8C', '\xE9', '\x96', '\x8B', '\xE9', '\x9B', '\xB7', '\xE9', '\x9C', '\xB2', '\xE9', '\x9D', '\xA2', /* 軍那配里開雷露面 */ +@@ -74,8 +73,7 @@ + '\xE4', '\xB8', '\xAA', '\xE4', '\xB8', '\xBA', '\xE4', '\xBA', '\xBA', '\xE4', '\xBB', '\x96', '\xE4', '\xBB', '\xA5', '\xE4', '\xBB', '\xAC', '\xE4', '\xBD', '\xA0', '\xE4', '\xBE', '\x86', /* 个为人他以们你來 */ + '\xE5', '\x80', '\x8B', '\xE5', '\x80', '\x91', '\xE5', '\x88', '\xB0', '\xE5', '\x92', '\x8C', '\xE5', '\xA4', '\xA7', '\xE5', '\xAF', '\xB9', '\xE5', '\xB0', '\x8D', '\xE5', '\xB0', '\xB1', /* 個們到和大对對就 */ + '\xE6', '\x88', '\x91', '\xE6', '\x97', '\xB6', '\xE6', '\x99', '\x82', '\xE6', '\x9C', '\x89', '\xE6', '\x9D', '\xA5', '\xE7', '\x82', '\xBA', '\xE8', '\xA6', '\x81', '\xE8', '\xAA', '\xAA', /* 我时時有来為要說 */ +- '\xE8', '\xAF', '\xB4', /* 说 */ +- '\0', ++ '\xE8', '\xAF', '\xB4', '|', /* 说 | */ + '\xE4', '\xB8', '\xBB', '\xE4', '\xBA', '\x9B', '\xE5', '\x9B', '\xA0', '\xE5', '\xAE', '\x83', '\xE6', '\x83', '\xB3', '\xE6', '\x84', '\x8F', '\xE7', '\x90', '\x86', '\xE7', '\x94', '\x9F', /* 主些因它想意理生 */ + '\xE7', '\x95', '\xB6', '\xE7', '\x9C', '\x8B', '\xE7', '\x9D', '\x80', '\xE7', '\xBD', '\xAE', '\xE8', '\x80', '\x85', '\xE8', '\x87', '\xAA', '\xE8', '\x91', '\x97', '\xE8', '\xA3', '\xA1', /* 當看着置者自著裡 */ + '\xE8', '\xBF', '\x87', '\xE8', '\xBF', '\x98', '\xE8', '\xBF', '\x9B', '\xE9', '\x80', '\xB2', '\xE9', '\x81', '\x8E', '\xE9', '\x81', '\x93', '\xE9', '\x82', '\x84', '\xE9', '\x87', '\x8C', /* 过还进進過道還里 */ +@@ -85,8 +83,7 @@ + '\xE4', '\xBA', '\x9B', '\xE4', '\xBB', '\xAC', '\xE4', '\xBD', '\xA0', '\xE4', '\xBE', '\x86', '\xE5', '\x80', '\x91', '\xE5', '\x88', '\xB0', '\xE5', '\x92', '\x8C', '\xE5', '\x9C', '\xB0', /* 些们你來們到和地 */ + '\xE5', '\xA5', '\xB9', '\xE5', '\xB0', '\x86', '\xE5', '\xB0', '\x87', '\xE5', '\xB0', '\xB1', '\xE5', '\xB9', '\xB4', '\xE5', '\xBE', '\x97', '\xE6', '\x83', '\x85', '\xE6', '\x9C', '\x80', /* 她将將就年得情最 */ + '\xE6', '\xA0', '\xB7', '\xE6', '\xA8', '\xA3', '\xE7', '\x90', '\x86', '\xE8', '\x83', '\xBD', '\xE8', '\xAA', '\xAA', '\xE8', '\xAF', '\xB4', '\xE8', '\xBF', '\x99', '\xE9', '\x80', '\x99', /* 样樣理能說说这這 */ +- '\xE9', '\x80', '\x9A', /* 通 */ +- '\0', ++ '\xE9', '\x80', '\x9A', '|', /* 通 | */ + '\xE5', '\x8D', '\xB3', '\xE5', '\x90', '\x97', '\xE5', '\x90', '\xA7', '\xE5', '\x90', '\xAC', '\xE5', '\x91', '\xA2', '\xE5', '\x93', '\x81', '\xE5', '\x93', '\x8D', '\xE5', '\x97', '\x8E', /* 即吗吧听呢品响嗎 */ + '\xE5', '\xB8', '\x88', '\xE5', '\xB8', '\xAB', '\xE6', '\x94', '\xB6', '\xE6', '\x96', '\xAD', '\xE6', '\x96', '\xB7', '\xE6', '\x98', '\x8E', '\xE7', '\x9C', '\xBC', '\xE9', '\x96', '\x93', /* 师師收断斷明眼間 */ + '\xE9', '\x97', '\xB4', '\xE9', '\x99', '\x85', '\xE9', '\x99', '\x88', '\xE9', '\x99', '\x90', '\xE9', '\x99', '\xA4', '\xE9', '\x99', '\xB3', '\xE9', '\x9A', '\x8F', '\xE9', '\x9A', '\x9B', /* 间际陈限除陳随際 */ +@@ -95,8 +92,7 @@ + '\xE4', '\xBA', '\x8B', '\xE5', '\x89', '\x8D', '\xE5', '\xAD', '\xB8', '\xE5', '\xB0', '\x86', '\xE5', '\xB0', '\x87', '\xE6', '\x83', '\x85', '\xE6', '\x83', '\xB3', '\xE6', '\x88', '\x96', /* 事前學将將情想或 */ + '\xE6', '\x94', '\xBF', '\xE6', '\x96', '\xAF', '\xE6', '\x96', '\xB0', '\xE6', '\xA0', '\xB7', '\xE6', '\xA8', '\xA3', '\xE6', '\xB0', '\x91', '\xE6', '\xB2', '\x92', '\xE6', '\xB2', '\xA1', /* 政斯新样樣民沒没 */ + '\xE7', '\x84', '\xB6', '\xE7', '\x89', '\xB9', '\xE7', '\x8E', '\xB0', '\xE7', '\x8F', '\xBE', '\xE7', '\x90', '\x83', '\xE7', '\xAC', '\xAC', '\xE7', '\xB6', '\x93', '\xE8', '\xB0', '\x81', /* 然特现現球第經谁 */ +- '\xE8', '\xB5', '\xB7', /* 起 */ +- '\0', ++ '\xE8', '\xB5', '\xB7', '|', /* 起 | */ + '\xE4', '\xBE', '\x8B', '\xE5', '\x88', '\xA5', '\xE5', '\x88', '\xAB', '\xE5', '\x88', '\xB6', '\xE5', '\x8A', '\xA8', '\xE5', '\x8B', '\x95', '\xE5', '\x90', '\x97', '\xE5', '\x97', '\x8E', /* 例別别制动動吗嗎 */ + '\xE5', '\xA2', '\x9E', '\xE6', '\x8C', '\x87', '\xE6', '\x98', '\x8E', '\xE6', '\x9C', '\x9D', '\xE6', '\x9C', '\x9F', '\xE6', '\x9E', '\x84', '\xE7', '\x89', '\xA9', '\xE7', '\xA1', '\xAE', /* 增指明朝期构物确 */ + '\xE7', '\xA7', '\x8D', '\xE8', '\xAA', '\xBF', '\xE8', '\xB0', '\x83', '\xE8', '\xB2', '\xBB', '\xE8', '\xB4', '\xB9', '\xE9', '\x82', '\xA3', '\xE9', '\x83', '\xBD', '\xE9', '\x96', '\x93', /* 种調调費费那都間 */ +@@ -142,22 +138,14 @@ + { AF_BLUE_STRING_HEBREW_DESCENDER, 0 }, + { AF_BLUE_STRING_MAX, 0 }, + #ifdef AF_CONFIG_OPTION_CJK +- { AF_BLUE_STRING_CJK_TOP_FILL, AF_BLUE_PROPERTY_CJK_TOP | +- AF_BLUE_PROPERTY_CJK_FILL }, +- { AF_BLUE_STRING_CJK_TOP_UNFILL, AF_BLUE_PROPERTY_CJK_TOP }, +- { AF_BLUE_STRING_CJK_BOTTOM_FILL, AF_BLUE_PROPERTY_CJK_FILL }, +- { AF_BLUE_STRING_CJK_BOTTOM_UNFILL, 0 }, ++ { AF_BLUE_STRING_CJK_TOP, AF_BLUE_PROPERTY_CJK_TOP }, ++ { AF_BLUE_STRING_CJK_BOTTOM, 0 }, + #ifdef AF_CONFIG_OPTION_CJK_BLUE_HANI_VERT +- { AF_BLUE_STRING_CJK_LEFT_FILL, AF_BLUE_PROPERTY_CJK_HORIZ | +- AF_BLUE_PROPERTY_CJK_FILL }, +- { AF_BLUE_STRING_CJK_LEFT_UNFILL, AF_BLUE_PROPERTY_CJK_HORIZ }, +- { AF_BLUE_STRING_CJK_RIGHT_FILL, AF_BLUE_PROPERTY_CJK_HORIZ | +- AF_BLUE_PROPERTY_CJK_RIGHT | +- AF_BLUE_PROPERTY_CJK_FILL }, +- { AF_BLUE_STRING_CJK_RIGHT_UNFILL, AF_BLUE_PROPERTY_CJK_HORIZ | +- AF_BLUE_PROPERTY_CJK_RIGHT }, ++ { AF_BLUE_STRING_CJK_LEFT, AF_BLUE_PROPERTY_CJK_HORIZ }, ++ { AF_BLUE_STRING_CJK_RIGHT, AF_BLUE_PROPERTY_CJK_HORIZ | ++ AF_BLUE_PROPERTY_CJK_RIGHT }, + #endif /* AF_CONFIG_OPTION_CJK_BLUE_HANI_VERT */ +- { AF_BLUE_STRING_MAX, 0 }, ++ { AF_BLUE_STRING_MAX, 0 }, + #endif /* AF_CONFIG_OPTION_CJK */ + + }; +--- a/src/autofit/afblue.dat ++++ b/src/autofit/afblue.dat +@@ -2,7 +2,7 @@ + // + // Auto-fitter data for blue strings. + // +-// Copyright 2013 by ++// Copyright 2013, 2014 by + // David Turner, Robert Wilhelm, and Werner Lemberg. + // + // This file is part of the FreeType project, and may only be used, +@@ -63,6 +63,8 @@ + // characters, not bytes. + + ++// The blue zone string data, to be used in the blue stringsets below. ++ + AF_BLUE_STRING_ENUM AF_BLUE_STRINGS_ARRAY AF_BLUE_STRING_MAX_LEN: + + AF_BLUE_STRING_LATIN_CAPITAL_TOP +@@ -105,22 +107,20 @@ + + #ifdef AF_CONFIG_OPTION_CJK + +- AF_BLUE_STRING_CJK_TOP_FILL ++ AF_BLUE_STRING_CJK_TOP + "他们你來們到和地" + "对對就席我时時會" + "来為能舰說说这這" +- "齊" +- AF_BLUE_STRING_CJK_TOP_UNFILL ++ "齊 |" + "军同已愿既星是景" + "民照现現理用置要" + "軍那配里開雷露面" + "顾" +- AF_BLUE_STRING_CJK_BOTTOM_FILL ++ AF_BLUE_STRING_CJK_BOTTOM + "个为人他以们你來" + "個們到和大对對就" + "我时時有来為要說" +- "说" +- AF_BLUE_STRING_CJK_BOTTOM_UNFILL ++ "说 |" + "主些因它想意理生" + "當看着置者自著裡" + "过还进進過道還里" +@@ -128,22 +128,20 @@ + + #ifdef AF_CONFIG_OPTION_CJK_BLUE_HANI_VERT + +- AF_BLUE_STRING_CJK_LEFT_FILL ++ AF_BLUE_STRING_CJK_LEFT + "些们你來們到和地" + "她将將就年得情最" + "样樣理能說说这這" +- "通" +- AF_BLUE_STRING_CJK_LEFT_UNFILL ++ "通 |" + "即吗吧听呢品响嗎" + "师師收断斷明眼間" + "间际陈限除陳随際" + "隨" +- AF_BLUE_STRING_CJK_RIGHT_FILL ++ AF_BLUE_STRING_CJK_RIGHT + "事前學将將情想或" + "政斯新样樣民沒没" + "然特现現球第經谁" +- "起" +- AF_BLUE_STRING_CJK_RIGHT_UNFILL ++ "起 |" + "例別别制动動吗嗎" + "增指明朝期构物确" + "种調调費费那都間" +@@ -154,6 +152,79 @@ + #endif /* AF_CONFIG_OPTION_CJK */ + + ++// The blue zone stringsets, as used in the script styles, cf. `afstyles.h'. ++// ++// The AF_BLUE_PROPERTY_XXX flags are defined in `afblue.h'; here some ++// explanations. ++// ++// A blue zone in general is defined by a reference and an overshoot line. ++// During the hinting process, all coordinate values between those two lines ++// are set equal to the reference value, provided that the blue zone is not ++// wider than 0.75 pixels (otherwise the blue zone gets ignored). All ++// entries must have `AF_BLUE_STRING_MAX' as the final line. ++// ++// ++// latin auto-hinter ++// ----------------- ++// ++// Characters in a blue string are automatically classified as having a flat ++// (reference) or a round (overshoot) extremum. The blue zone is then set ++// up by the mean values of all flat extrema and all round extrema, ++// respectively. Only horizontal blue zones (i.e., adjusting vertical ++// coordinate values) are supported. ++// ++// For the latin auto-hinter, the overshoot should be larger than the ++// reference for top zones, and vice versa for bottom zones. ++// ++// LATIN_TOP ++// Take the maximum flat and round coordinate values of the blue string ++// characters. If not set, take the minimum values. ++// ++// LATIN_X_HEIGHT ++// Scale all glyphs vertically from the corresponding script to make the ++// reference line of this blue zone align on the grid. The scaling ++// takes place before all other blue zones get aligned to the grid. ++// Only one blue character string of a script style can have this flag. ++// ++// LATIN_LONG ++// Apply an additional constraint for blue zone values: Don't ++// necessarily use the extremum as-is but a segment of the topmost (or ++// bottommost) contour that is longer than a heuristic threshold, and ++// which is not too far away vertically from the real extremum. This ++// ensures that small bumps in the outline are ignored (for example, the ++// `vertical serifs' found in many Hebrew glyph designs). ++// ++// The segment must be at least EM/25 font units long, and the distance ++// to the extremum must be smaller than EM/4. ++// ++// ++// cjk auto-hinter ++// --------------- ++// ++// Characters in a blue string are *not* automatically classified. Instead, ++// first come the characters used for the overshoot value, then the ++// character `|', then the characters used for the reference value. The ++// blue zone is then set up by the mean values of all reference values and ++// all overshoot values, respectively. Both horizontal and vertical blue ++// zones (i.e., adjusting vertical and horizontal coordinate values, ++// respectively) are supported. ++// ++// For the cjk auto-hinter, the overshoot should be smaller than the ++// reference for top zones, and vice versa for bottom zones. ++// ++// CJK_TOP ++// Take the maximum flat and round coordinate values of the blue string ++// characters. If not set, take the minimum values. ++// ++// CJK_RIGHT ++// A synonym for CJK_TOP. If CJK_HORIZ is set, this flag indicates the ++// right blue zone, taking horizontal maximum values. ++// ++// CJK_HORIZ ++// Define a blue zone for horizontal hinting (i.e., vertical blue ++// zones). If not set, this is a blue zone for vertical hinting. ++ ++ + AF_BLUE_STRINGSET_ENUM AF_BLUE_STRINGSETS_ARRAY AF_BLUE_STRINGSET_MAX_LEN: + + AF_BLUE_STRINGSET_LATN +@@ -195,22 +266,14 @@ + #ifdef AF_CONFIG_OPTION_CJK + + AF_BLUE_STRINGSET_HANI +- { AF_BLUE_STRING_CJK_TOP_FILL, AF_BLUE_PROPERTY_CJK_TOP | +- AF_BLUE_PROPERTY_CJK_FILL } +- { AF_BLUE_STRING_CJK_TOP_UNFILL, AF_BLUE_PROPERTY_CJK_TOP } +- { AF_BLUE_STRING_CJK_BOTTOM_FILL, AF_BLUE_PROPERTY_CJK_FILL } +- { AF_BLUE_STRING_CJK_BOTTOM_UNFILL, 0 } ++ { AF_BLUE_STRING_CJK_TOP, AF_BLUE_PROPERTY_CJK_TOP } ++ { AF_BLUE_STRING_CJK_BOTTOM, 0 } + #ifdef AF_CONFIG_OPTION_CJK_BLUE_HANI_VERT +- { AF_BLUE_STRING_CJK_LEFT_FILL, AF_BLUE_PROPERTY_CJK_HORIZ | +- AF_BLUE_PROPERTY_CJK_FILL } +- { AF_BLUE_STRING_CJK_LEFT_UNFILL, AF_BLUE_PROPERTY_CJK_HORIZ } +- { AF_BLUE_STRING_CJK_RIGHT_FILL, AF_BLUE_PROPERTY_CJK_HORIZ | +- AF_BLUE_PROPERTY_CJK_RIGHT | +- AF_BLUE_PROPERTY_CJK_FILL } +- { AF_BLUE_STRING_CJK_RIGHT_UNFILL, AF_BLUE_PROPERTY_CJK_HORIZ | +- AF_BLUE_PROPERTY_CJK_RIGHT } ++ { AF_BLUE_STRING_CJK_LEFT, AF_BLUE_PROPERTY_CJK_HORIZ } ++ { AF_BLUE_STRING_CJK_RIGHT, AF_BLUE_PROPERTY_CJK_HORIZ | ++ AF_BLUE_PROPERTY_CJK_RIGHT } + #endif /* AF_CONFIG_OPTION_CJK_BLUE_HANI_VERT */ +- { AF_BLUE_STRING_MAX, 0 } ++ { AF_BLUE_STRING_MAX, 0 } + + #endif /* AF_CONFIG_OPTION_CJK */ + +--- a/src/autofit/afblue.h ++++ b/src/autofit/afblue.h +@@ -7,7 +7,7 @@ + /* */ + /* Auto-fitter data for blue strings (specification). */ + /* */ +-/* Copyright 2013 by */ ++/* Copyright 2013, 2014 by */ + /* David Turner, Robert Wilhelm, and Werner Lemberg. */ + /* */ + /* This file is part of the FreeType project, and may only be used, */ +@@ -67,7 +67,7 @@ + /* At the bottommost level, we define strings for finding blue zones. */ + + +-#define AF_BLUE_STRING_MAX_LEN 25 ++#define AF_BLUE_STRING_MAX_LEN 52 + + /* The AF_Blue_String enumeration values are offsets into the */ + /* `af_blue_strings' array. */ +@@ -93,17 +93,13 @@ + AF_BLUE_STRING_HEBREW_DESCENDER = 203, + af_blue_1_1 = 213, + #ifdef AF_CONFIG_OPTION_CJK +- AF_BLUE_STRING_CJK_TOP_FILL = af_blue_1_1 + 1, +- AF_BLUE_STRING_CJK_TOP_UNFILL = af_blue_1_1 + 77, +- AF_BLUE_STRING_CJK_BOTTOM_FILL = af_blue_1_1 + 153, +- AF_BLUE_STRING_CJK_BOTTOM_UNFILL = af_blue_1_1 + 229, +- af_blue_1_1_1 = af_blue_1_1 + 304, ++ AF_BLUE_STRING_CJK_TOP = af_blue_1_1 + 1, ++ AF_BLUE_STRING_CJK_BOTTOM = af_blue_1_1 + 154, ++ af_blue_1_1_1 = af_blue_1_1 + 306, + #ifdef AF_CONFIG_OPTION_CJK_BLUE_HANI_VERT +- AF_BLUE_STRING_CJK_LEFT_FILL = af_blue_1_1_1 + 1, +- AF_BLUE_STRING_CJK_LEFT_UNFILL = af_blue_1_1_1 + 77, +- AF_BLUE_STRING_CJK_RIGHT_FILL = af_blue_1_1_1 + 153, +- AF_BLUE_STRING_CJK_RIGHT_UNFILL = af_blue_1_1_1 + 229, +- af_blue_1_2_1 = af_blue_1_1_1 + 304, ++ AF_BLUE_STRING_CJK_LEFT = af_blue_1_1_1 + 1, ++ AF_BLUE_STRING_CJK_RIGHT = af_blue_1_1_1 + 154, ++ af_blue_1_2_1 = af_blue_1_1_1 + 306, + #else + af_blue_1_2_1 = af_blue_1_1_1 + 0, + #endif /* AF_CONFIG_OPTION_CJK_BLUE_HANI_VERT */ +@@ -140,13 +136,12 @@ + #define AF_BLUE_PROPERTY_LATIN_X_HEIGHT ( 1 << 1 ) + #define AF_BLUE_PROPERTY_LATIN_LONG ( 1 << 2 ) + +-#define AF_BLUE_PROPERTY_CJK_HORIZ ( 1 << 0 ) +-#define AF_BLUE_PROPERTY_CJK_TOP ( 1 << 1 ) +-#define AF_BLUE_PROPERTY_CJK_FILL ( 1 << 2 ) ++#define AF_BLUE_PROPERTY_CJK_TOP ( 1 << 0 ) ++#define AF_BLUE_PROPERTY_CJK_HORIZ ( 1 << 1 ) + #define AF_BLUE_PROPERTY_CJK_RIGHT AF_BLUE_PROPERTY_CJK_TOP + + +-#define AF_BLUE_STRINGSET_MAX_LEN 9 ++#define AF_BLUE_STRINGSET_MAX_LEN 7 + + /* The AF_Blue_Stringset enumeration values are offsets into the */ + /* `af_blue_stringsets' array. */ +@@ -160,9 +155,9 @@ + af_blue_2_1 = 24, + #ifdef AF_CONFIG_OPTION_CJK + AF_BLUE_STRINGSET_HANI = af_blue_2_1 + 0, +- af_blue_2_1_1 = af_blue_2_1 + 4, ++ af_blue_2_1_1 = af_blue_2_1 + 2, + #ifdef AF_CONFIG_OPTION_CJK_BLUE_HANI_VERT +- af_blue_2_2_1 = af_blue_2_1_1 + 4, ++ af_blue_2_2_1 = af_blue_2_1_1 + 2, + #else + af_blue_2_2_1 = af_blue_2_1_1 + 0, + #endif /* AF_CONFIG_OPTION_CJK_BLUE_HANI_VERT */ +--- a/src/autofit/afblue.hin ++++ b/src/autofit/afblue.hin +@@ -4,7 +4,7 @@ + /* */ + /* Auto-fitter data for blue strings (specification). */ + /* */ +-/* Copyright 2013 by */ ++/* Copyright 2013, 2014 by */ + /* David Turner, Robert Wilhelm, and Werner Lemberg. */ + /* */ + /* This file is part of the FreeType project, and may only be used, */ +@@ -100,9 +100,8 @@ + #define AF_BLUE_PROPERTY_LATIN_X_HEIGHT ( 1 << 1 ) + #define AF_BLUE_PROPERTY_LATIN_LONG ( 1 << 2 ) + +-#define AF_BLUE_PROPERTY_CJK_HORIZ ( 1 << 0 ) +-#define AF_BLUE_PROPERTY_CJK_TOP ( 1 << 1 ) +-#define AF_BLUE_PROPERTY_CJK_FILL ( 1 << 2 ) ++#define AF_BLUE_PROPERTY_CJK_TOP ( 1 << 0 ) ++#define AF_BLUE_PROPERTY_CJK_HORIZ ( 1 << 1 ) + #define AF_BLUE_PROPERTY_CJK_RIGHT AF_BLUE_PROPERTY_CJK_TOP + + +--- a/src/autofit/afcjk.c ++++ b/src/autofit/afcjk.c +@@ -221,6 +221,8 @@ + FT_Int num_fills; + FT_Int num_flats; + ++ FT_Bool fill; ++ + AF_CJKBlue blue; + FT_Error error; + AF_CJKAxis axis; +@@ -229,22 +231,6 @@ + AF_Blue_Stringset bss = metrics->root.script_class->blue_stringset; + const AF_Blue_StringRec* bs = &af_blue_stringsets[bss]; + +-#ifdef FT_DEBUG_LEVEL_TRACE +- FT_String* cjk_blue_name[4] = +- { +- (FT_String*)"bottom", /* -- , -- */ +- (FT_String*)"top", /* -- , TOP */ +- (FT_String*)"left", /* HORIZ, -- */ +- (FT_String*)"right" /* HORIZ, TOP */ +- }; +- +- FT_String* cjk_blue_type_name[2] = +- { +- (FT_String*)"unfilled", /* -- */ +- (FT_String*)"filled" /* FILL */ +- }; +-#endif +- + + /* we walk over the blue character strings as specified in the */ + /* script's entry in the `af_blue_stringset' array, computing its */ +@@ -266,15 +252,29 @@ + else + axis = &metrics->axis[AF_DIMENSION_VERT]; + +- FT_TRACE5(( "blue zone %d:\n", axis->blue_count )); ++#ifdef FT_DEBUG_LEVEL_TRACE ++ { ++ FT_String* cjk_blue_name[4] = ++ { ++ (FT_String*)"bottom", /* -- , -- */ ++ (FT_String*)"top", /* -- , TOP */ ++ (FT_String*)"left", /* HORIZ, -- */ ++ (FT_String*)"right" /* HORIZ, TOP */ ++ }; ++ ++ ++ FT_TRACE5(( "blue zone %d (%s):\n", ++ axis->blue_count, ++ cjk_blue_name[AF_CJK_IS_HORIZ_BLUE( bs ) | ++ AF_CJK_IS_TOP_BLUE( bs ) ] )); ++ } ++#endif /* FT_DEBUG_LEVEL_TRACE */ + + num_fills = 0; + num_flats = 0; + +- FT_TRACE5(( " cjk blue %s/%s\n", +- cjk_blue_name[AF_CJK_IS_HORIZ_BLUE( bs ) | +- AF_CJK_IS_TOP_BLUE( bs ) ], +- cjk_blue_type_name[!!AF_CJK_IS_FILLED_BLUE( bs )] )); ++ fill = 1; /* start with characters that define fill values */ ++ FT_TRACE5(( " [overshoot values]\n" )); + + while ( *p ) + { +@@ -287,6 +287,14 @@ + + GET_UTF8_CHAR( ch, p ); + ++ /* switch to characters that define flat values */ ++ if ( ch == '|' ) ++ { ++ fill = 0; ++ FT_TRACE5(( " [reference values]\n" )); ++ continue; ++ } ++ + /* load the character in the face -- skip unknown or empty ones */ + glyph_index = FT_Get_Char_Index( face, ch ); + if ( glyph_index == 0 ) +@@ -374,7 +382,7 @@ + FT_TRACE5(( " U+%04lX: best_pos = %5ld\n", ch, best_pos )); + } + +- if ( AF_CJK_IS_FILLED_BLUE( bs ) ) ++ if ( fill ) + fills[num_fills++] = best_pos; + else + flats[num_flats++] = best_pos; +@@ -386,15 +394,15 @@ + * we couldn't find a single glyph to compute this blue zone, + * we will simply ignore it then + */ +- FT_TRACE5(( " empty\n" )); ++ FT_TRACE5(( " empty\n" )); + continue; + } + +- /* we have computed the contents of the `fill' and `flats' tables, */ +- /* now determine the reference position of the blue zone -- */ +- /* we simply take the median value after a simple sort */ +- af_sort_pos( num_flats, flats ); ++ /* we have computed the contents of the `fill' and `flats' tables, */ ++ /* now determine the reference and overshoot position of the blue -- */ ++ /* we simply take the median value after a simple sort */ + af_sort_pos( num_fills, fills ); ++ af_sort_pos( num_flats, flats ); + + blue = &axis->blues[axis->blue_count]; + blue_ref = &blue->ref.org; +@@ -433,7 +441,7 @@ + *blue_ref = + *blue_shoot = ( shoot + ref ) / 2; + +- FT_TRACE5(( " [overshoot smaller than reference," ++ FT_TRACE5(( " [reference smaller than overshoot," + " taking mean value]\n" )); + } + } +@@ -1186,8 +1194,10 @@ + /* zone, check for left edges */ + /* */ + /* of course, that's for TrueType */ +- is_top_right_blue = FT_BOOL( blue->flags & AF_CJK_BLUE_TOP ); +- is_major_dir = FT_BOOL( edge->dir == axis->major_dir ); ++ is_top_right_blue = ++ (FT_Byte)( ( blue->flags & AF_CJK_BLUE_TOP ) != 0 ); ++ is_major_dir = ++ FT_BOOL( edge->dir == axis->major_dir ); + + /* if it is a top zone, the edge must be against the major */ + /* direction; if it is a bottom zone, it must be in the major */ +@@ -1484,6 +1494,12 @@ + + + stem_edge->pos = base_edge->pos + fitted_width; ++ ++ FT_TRACE5(( " CJKLINK: edge %d @%d (opos=%.2f) linked to %.2f," ++ " dist was %.2f, now %.2f\n", ++ stem_edge - hints->axis[dim].edges, stem_edge->fpos, ++ stem_edge->opos / 64.0, stem_edge->pos / 64.0, ++ dist / 64.0, fitted_width / 64.0 )); + } + + +--- a/src/autofit/afcjk.h ++++ b/src/autofit/afcjk.h +@@ -4,7 +4,7 @@ + /* */ + /* Auto-fitter hinting routines for CJK script (specification). */ + /* */ +-/* Copyright 2006, 2007, 2011-2013 by */ ++/* Copyright 2006, 2007, 2011-2014 by */ + /* David Turner, Robert Wilhelm, and Werner Lemberg. */ + /* */ + /* This file is part of the FreeType project, and may only be used, */ +@@ -55,8 +55,6 @@ + ( (b)->properties & AF_BLUE_PROPERTY_CJK_TOP ) + #define AF_CJK_IS_HORIZ_BLUE( b ) \ + ( (b)->properties & AF_BLUE_PROPERTY_CJK_HORIZ ) +-#define AF_CJK_IS_FILLED_BLUE( b ) \ +- ( (b)->properties & AF_BLUE_PROPERTY_CJK_FILL ) + #define AF_CJK_IS_RIGHT_BLUE AF_CJK_IS_TOP_BLUE + + #define AF_CJK_MAX_WIDTHS 16 +--- a/src/autofit/aflatin.c ++++ b/src/autofit/aflatin.c +@@ -2099,7 +2099,7 @@ + + FT_TRACE5(( " LINK: edge %d (opos=%.2f) linked to %.2f," + " dist was %.2f, now %.2f\n", +- stem_edge-hints->axis[dim].edges, stem_edge->opos / 64.0, ++ stem_edge - hints->axis[dim].edges, stem_edge->opos / 64.0, + stem_edge->pos / 64.0, dist / 64.0, fitted_width / 64.0 )); + } + --- freetype-2.5.2.orig/debian/patches-freetype/0003-sfnt-Fix-Savannah-bug-43680.-CVE-2014-9656.patch +++ freetype-2.5.2/debian/patches-freetype/0003-sfnt-Fix-Savannah-bug-43680.-CVE-2014-9656.patch @@ -0,0 +1,33 @@ +From 6de5eb9ffbbad7065ce34b3c267f2f95e4f45ea1 Mon Sep 17 00:00:00 2001 +From: Werner Lemberg +Date: Mon, 24 Nov 2014 10:51:21 +0100 +Subject: [sfnt] Fix Savannah bug #43680. CVE-2014-9656 + +This adds an additional constraint to make the fix from 2013-01-25 +really work. + +* src/sfnt/ttsbit.c (tt_sbit_decoder_load_image) : +Check `p' before `num_glyphs'. + +(cherry picked from commit f0292bb9920aa1dbfed5f53861e7c7a89b35833a) +--- + freetype-2.5.2/src/sfnt/ttsbit.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git freetype-2.5.2/src/sfnt/ttsbit.c freetype-2.5.2/src/sfnt/ttsbit.c +index 7469ff1..38c680e 100644 +--- freetype-2.5.2/src/sfnt/ttsbit.c ++++ freetype-2.5.2/src/sfnt/ttsbit.c +@@ -1143,7 +1143,8 @@ + num_glyphs = FT_NEXT_ULONG( p ); + + /* overflow check for p + ( num_glyphs + 1 ) * 4 */ +- if ( num_glyphs > (FT_ULong)( ( ( p_limit - p ) >> 2 ) - 1 ) ) ++ if ( p + 4 > p_limit || ++ num_glyphs > (FT_ULong)( ( ( p_limit - p ) >> 2 ) - 1 ) ) + goto NoBitmap; + + for ( mm = 0; mm < num_glyphs; mm++ ) +-- +2.1.4 + --- freetype-2.5.2.orig/debian/patches-freetype/0004-truetype-Fix-Savannah-bug-43679.-CVE-2014-9657.patch +++ freetype-2.5.2/debian/patches-freetype/0004-truetype-Fix-Savannah-bug-43679.-CVE-2014-9657.patch @@ -0,0 +1,46 @@ +From aa9ce85c823ad7e26db3106df0a1bfa4cfd03b01 Mon Sep 17 00:00:00 2001 +From: Werner Lemberg +Date: Mon, 24 Nov 2014 10:22:08 +0100 +Subject: [truetype] Fix Savannah bug #43679. CVE-2014-9657 + +* src/truetype/ttpload.c (tt_face_load_hdmx): Check minimum size of +`record_size'. + +(cherry picked from commit eca0f067068020870a429fe91f6329e499390d55) +--- + freetype-2.5.2/src/truetype/ttpload.c | 12 +++++++----- + 1 file changed, 7 insertions(+), 5 deletions(-) + +diff --git freetype-2.5.2/src/truetype/ttpload.c freetype-2.5.2/src/truetype/ttpload.c +index 9723a51..9991925 100644 +--- freetype-2.5.2/src/truetype/ttpload.c ++++ freetype-2.5.2/src/truetype/ttpload.c +@@ -508,9 +508,9 @@ + record_size = FT_NEXT_ULONG( p ); + + /* The maximum number of bytes in an hdmx device record is the */ +- /* maximum number of glyphs + 2; this is 0xFFFF + 2; this is */ +- /* the reason why `record_size' is a long (which we read as */ +- /* unsigned long for convenience). In practice, two bytes */ ++ /* maximum number of glyphs + 2; this is 0xFFFF + 2, thus */ ++ /* explaining why `record_size' is a long (which we read as */ ++ /* unsigned long for convenience). In practice, two bytes are */ + /* sufficient to hold the size value. */ + /* */ + /* There are at least two fonts, HANNOM-A and HANNOM-B version */ +@@ -522,8 +522,10 @@ + record_size &= 0xFFFFU; + + /* The limit for `num_records' is a heuristic value. */ +- +- if ( version != 0 || num_records > 255 || record_size > 0x10001L ) ++ if ( version != 0 || ++ num_records > 255 || ++ record_size > 0x10001L || ++ record_size < 4 ) + { + error = FT_THROW( Invalid_File_Format ); + goto Fail; +-- +2.1.4 + --- freetype-2.5.2.orig/debian/patches-freetype/0005-sfnt-Fix-Savannah-bug-43672.-CVE-2014-9658.patch +++ freetype-2.5.2/debian/patches-freetype/0005-sfnt-Fix-Savannah-bug-43672.-CVE-2014-9658.patch @@ -0,0 +1,29 @@ +From 19389867e134b069bb4462c0a930461a3dc6c2b9 Mon Sep 17 00:00:00 2001 +From: Werner Lemberg +Date: Mon, 24 Nov 2014 09:31:32 +0100 +Subject: [sfnt] Fix Savannah bug #43672. CVE-2014-9658 + +* src/sfnt/ttkern.c (tt_face_load_kern): Use correct value for +minimum table length test. + +(cherry picked from commit f70d9342e65cd2cb44e9f26b6d7edeedf191fc6c) +--- + freetype-2.5.2/src/sfnt/ttkern.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git freetype-2.5.2/src/sfnt/ttkern.c freetype-2.5.2/src/sfnt/ttkern.c +index 32c4008..455e7b5 100644 +--- freetype-2.5.2/src/sfnt/ttkern.c ++++ freetype-2.5.2/src/sfnt/ttkern.c +@@ -99,7 +99,7 @@ + length = FT_NEXT_USHORT( p ); + coverage = FT_NEXT_USHORT( p ); + +- if ( length <= 6 ) ++ if ( length <= 6 + 8 ) + break; + + p_next += length; +-- +2.1.4 + --- freetype-2.5.2.orig/debian/patches-freetype/0006-cff-Fix-Savannah-bug-43661.-CVE-2014-9659.patch +++ freetype-2.5.2/debian/patches-freetype/0006-cff-Fix-Savannah-bug-43661.-CVE-2014-9659.patch @@ -0,0 +1,99 @@ +From 2c67877c034f28520d4daabf2d24ac94b2d47df0 Mon Sep 17 00:00:00 2001 +From: Dave Arnold +Date: Thu, 4 Dec 2014 06:10:16 +0100 +Subject: [cff] Fix Savannah bug #43661. CVE-2014-9659 + +* src/cff/cf2intrp.c (cf2_interpT2CharString) : Don't append to stem arrays after +hintmask is constructed. + +* src/cff/cf2hints.c (cf2_hintmap_build): Add defensive code to +avoid reading past end of hintmask. + +(cherry picked from commit 2cdc4562f873237f1c77d43540537c7a721d3fd8) +--- + freetype-2.5.2/src/cff/cf2hints.c | 5 ++++- + freetype-2.5.2/src/cff/cf2intrp.c | 21 ++++++++++++++------- + 2 files changed, 18 insertions(+), 8 deletions(-) + +diff --git freetype-2.5.2/src/cff/cf2hints.c freetype-2.5.2/src/cff/cf2hints.c +index 5f44161..ba28e0c 100644 +--- freetype-2.5.2/src/cff/cf2hints.c ++++ freetype-2.5.2/src/cff/cf2hints.c +@@ -792,9 +792,12 @@ + maskPtr = cf2_hintmask_getMaskPtr( &tempHintMask ); + + /* use the hStem hints only, which are first in the mask */ +- /* TODO: compare this to cffhintmaskGetBitCount */ + bitCount = cf2_arrstack_size( hStemHintArray ); + ++ /* Defense-in-depth. Should never return here. */ ++ if ( bitCount > hintMask->bitCount ) ++ return; ++ + /* synthetic embox hints get highest priority */ + if ( font->blues.doEmBoxHints ) + { +diff --git freetype-2.5.2/src/cff/cf2intrp.c freetype-2.5.2/src/cff/cf2intrp.c +index 5610917..a269606 100644 +--- freetype-2.5.2/src/cff/cf2intrp.c ++++ freetype-2.5.2/src/cff/cf2intrp.c +@@ -4,7 +4,7 @@ + /* */ + /* Adobe's CFF Interpreter (body). */ + /* */ +-/* Copyright 2007-2013 Adobe Systems Incorporated. */ ++/* Copyright 2007-2014 Adobe Systems Incorporated. */ + /* */ + /* This software, and all works of authorship, whether in source or */ + /* object code form as indicated by the copyright notice(s) included */ +@@ -593,8 +593,11 @@ + + /* never add hints after the mask is computed */ + if ( cf2_hintmask_isValid( &hintMask ) ) ++ { + FT_TRACE4(( "cf2_interpT2CharString:" + " invalid horizontal hint mask\n" )); ++ break; ++ } + + cf2_doStems( font, + opStack, +@@ -614,8 +617,11 @@ + + /* never add hints after the mask is computed */ + if ( cf2_hintmask_isValid( &hintMask ) ) ++ { + FT_TRACE4(( "cf2_interpT2CharString:" + " invalid vertical hint mask\n" )); ++ break; ++ } + + cf2_doStems( font, + opStack, +@@ -1141,15 +1147,16 @@ + /* `cf2_hintmask_read' (which also traces the mask bytes) */ + FT_TRACE4(( op1 == cf2_cmdCNTRMASK ? " cntrmask" : " hintmask" )); + +- /* if there are arguments on the stack, there this is an */ +- /* implied cf2_cmdVSTEMHM */ +- if ( cf2_stack_count( opStack ) != 0 ) ++ /* never add hints after the mask is computed */ ++ if ( cf2_stack_count( opStack ) > 1 && ++ cf2_hintmask_isValid( &hintMask ) ) + { +- /* never add hints after the mask is computed */ +- if ( cf2_hintmask_isValid( &hintMask ) ) +- FT_TRACE4(( "cf2_interpT2CharString: invalid hint mask\n" )); ++ FT_TRACE4(( "cf2_interpT2CharString: invalid hint mask\n" )); ++ break; + } + ++ /* if there are arguments on the stack, there this is an */ ++ /* implied cf2_cmdVSTEMHM */ + cf2_doStems( font, + opStack, + &vStemHintArray, +-- +2.1.4 + --- freetype-2.5.2.orig/debian/patches-freetype/0007-bdf-Fix-Savannah-bug-43660.-CVE-2014-9660.patch +++ freetype-2.5.2/debian/patches-freetype/0007-bdf-Fix-Savannah-bug-43660.-CVE-2014-9660.patch @@ -0,0 +1,35 @@ +From beec79fa289f8cd246b985d9925dd60964ae5491 Mon Sep 17 00:00:00 2001 +From: Werner Lemberg +Date: Sat, 22 Nov 2014 13:29:10 +0100 +Subject: [bdf] Fix Savannah bug #43660. CVE-2014-9660 + +* src/bdf/bdflib.c (_bdf_parse_glyphs) <"ENDFONT">: Check +`_BDF_GLYPH_BITS'. + +(cherry picked from commit af8346172a7b573715134f7a51e6c5c60fa7f2ab) +--- + freetype-2.5.2/src/bdf/bdflib.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git freetype-2.5.2/src/bdf/bdflib.c freetype-2.5.2/src/bdf/bdflib.c +index 0b8412d..d613159 100644 +--- freetype-2.5.2/src/bdf/bdflib.c ++++ freetype-2.5.2/src/bdf/bdflib.c +@@ -1544,6 +1544,14 @@ + /* Check for the ENDFONT field. */ + if ( ft_memcmp( line, "ENDFONT", 7 ) == 0 ) + { ++ if ( p->flags & _BDF_GLYPH_BITS ) ++ { ++ /* Missing ENDCHAR field. */ ++ FT_ERROR(( "_bdf_parse_glyphs: " ERRMSG1, lineno, "ENDCHAR" )); ++ error = FT_THROW( Corrupted_Font_Glyphs ); ++ goto Exit; ++ } ++ + /* Sort the glyphs by encoding. */ + ft_qsort( (char *)font->glyphs, + font->glyphs_used, +-- +2.1.4 + --- freetype-2.5.2.orig/debian/patches-freetype/0008-type42-Allow-only-embedded-TrueType-fonts.-CVE-2014-.patch +++ freetype-2.5.2/debian/patches-freetype/0008-type42-Allow-only-embedded-TrueType-fonts.-CVE-2014-.patch @@ -0,0 +1,34 @@ +From f81e0823c5bbf7692b20819328a2dd78bfa196b8 Mon Sep 17 00:00:00 2001 +From: Werner Lemberg +Date: Sat, 22 Nov 2014 12:44:33 +0100 +Subject: [type42] Allow only embedded TrueType fonts. CVE-2014-9661 + +This is a follow-up to Savannah bug #43659. + +* src/type42/t42objs.c (T42_Face_Init): Exclusively use the +`truetype' font driver for loading the font contained in the `sfnts' +array. + +(cherry picked from commit 42fcd6693ec7bd6ffc65ddc63e74287a65dda669) +--- + freetype-2.5.2/src/type42/t42objs.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git freetype-2.5.2/src/type42/t42objs.c freetype-2.5.2/src/type42/t42objs.c +index f5aa2ca..af64bf7 100644 +--- freetype-2.5.2/src/type42/t42objs.c ++++ freetype-2.5.2/src/type42/t42objs.c +@@ -286,7 +286,9 @@ + FT_Open_Args args; + + +- args.flags = FT_OPEN_MEMORY; ++ args.flags = FT_OPEN_MEMORY | FT_OPEN_DRIVER; ++ args.driver = FT_Get_Module( FT_FACE_LIBRARY( face ), ++ "truetype" ); + args.memory_base = face->ttf_data; + args.memory_size = face->ttf_size; + +-- +2.1.4 + --- freetype-2.5.2.orig/debian/patches-freetype/0009-cff-Fix-Savannah-bug-43658.-CVE-2014-9662.patch +++ freetype-2.5.2/debian/patches-freetype/0009-cff-Fix-Savannah-bug-43658.-CVE-2014-9662.patch @@ -0,0 +1,102 @@ +From 5b1379de7cd336cde51a3fc45cfe5da8f70ebe89 Mon Sep 17 00:00:00 2001 +From: Werner Lemberg +Date: Sat, 22 Nov 2014 09:16:39 +0100 +Subject: [cff] Fix Savannah bug #43658. CVE-2014-9662 + +* src/cff/cf2ft.c (cf2_builder_lineTo, cf2_builder_cubeTo): Handle +return values of point allocation routines. + +(cherry picked from commit 5f201ab5c24cb69bc96b724fd66e739928d6c5e2) +--- + freetype-2.5.2/src/cff/cf2ft.c | 48 +++++++++++++++++++++++++++++++++--------- + 1 file changed, 38 insertions(+), 10 deletions(-) + +diff --git freetype-2.5.2/src/cff/cf2ft.c freetype-2.5.2/src/cff/cf2ft.c +index 4abbc9d..f8bf1b4 100644 +--- freetype-2.5.2/src/cff/cf2ft.c ++++ freetype-2.5.2/src/cff/cf2ft.c +@@ -140,6 +140,8 @@ + cf2_builder_lineTo( CF2_OutlineCallbacks callbacks, + const CF2_CallbackParams params ) + { ++ FT_Error error; ++ + /* downcast the object pointer */ + CF2_Outline outline = (CF2_Outline)callbacks; + CFF_Builder* builder; +@@ -154,15 +156,27 @@ + { + /* record the move before the line; also check points and set */ + /* `path_begun' */ +- cff_builder_start_point( builder, +- params->pt0.x, +- params->pt0.y ); ++ error = cff_builder_start_point( builder, ++ params->pt0.x, ++ params->pt0.y ); ++ if ( error ) ++ { ++ if ( !*callbacks->error ) ++ *callbacks->error = error; ++ return; ++ } + } + + /* `cff_builder_add_point1' includes a check_points call for one point */ +- cff_builder_add_point1( builder, +- params->pt1.x, +- params->pt1.y ); ++ error = cff_builder_add_point1( builder, ++ params->pt1.x, ++ params->pt1.y ); ++ if ( error ) ++ { ++ if ( !*callbacks->error ) ++ *callbacks->error = error; ++ return; ++ } + } + + +@@ -170,6 +184,8 @@ + cf2_builder_cubeTo( CF2_OutlineCallbacks callbacks, + const CF2_CallbackParams params ) + { ++ FT_Error error; ++ + /* downcast the object pointer */ + CF2_Outline outline = (CF2_Outline)callbacks; + CFF_Builder* builder; +@@ -184,13 +200,25 @@ + { + /* record the move before the line; also check points and set */ + /* `path_begun' */ +- cff_builder_start_point( builder, +- params->pt0.x, +- params->pt0.y ); ++ error = cff_builder_start_point( builder, ++ params->pt0.x, ++ params->pt0.y ); ++ if ( error ) ++ { ++ if ( !*callbacks->error ) ++ *callbacks->error = error; ++ return; ++ } + } + + /* prepare room for 3 points: 2 off-curve, 1 on-curve */ +- cff_check_points( builder, 3 ); ++ error = cff_check_points( builder, 3 ); ++ if ( error ) ++ { ++ if ( !*callbacks->error ) ++ *callbacks->error = error; ++ return; ++ } + + cff_builder_add_point( builder, + params->pt1.x, +-- +2.1.4 + --- freetype-2.5.2.orig/debian/patches-freetype/0010-sfnt-Fix-Savannah-bug-43656.-CVE-2014-9663.patch +++ freetype-2.5.2/debian/patches-freetype/0010-sfnt-Fix-Savannah-bug-43656.-CVE-2014-9663.patch @@ -0,0 +1,40 @@ +From 82c605d68a03166c21a974b58155f78bce031cd1 Mon Sep 17 00:00:00 2001 +From: Werner Lemberg +Date: Sat, 22 Nov 2014 06:24:45 +0100 +Subject: [sfnt] Fix Savannah bug #43656. CVE-2014-9663 + +* src/sfnt/ttcmap.c (tt_cmap4_validate): Fix order of validity +tests. + +(cherry picked from commit 9bd20b7304aae61de5d50ac359cf27132bafd4c1) +--- + freetype-2.5.2/src/sfnt/ttcmap.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git freetype-2.5.2/src/sfnt/ttcmap.c freetype-2.5.2/src/sfnt/ttcmap.c +index 9b7856b..c6ed872 100644 +--- freetype-2.5.2/src/sfnt/ttcmap.c ++++ freetype-2.5.2/src/sfnt/ttcmap.c +@@ -825,9 +825,6 @@ + FT_Error error = FT_Err_Ok; + + +- if ( length < 16 ) +- FT_INVALID_TOO_SHORT; +- + /* in certain fonts, the `length' field is invalid and goes */ + /* out of bound. We try to correct this here... */ + if ( table + length > valid->limit ) +@@ -838,6 +835,9 @@ + length = (FT_UInt)( valid->limit - table ); + } + ++ if ( length < 16 ) ++ FT_INVALID_TOO_SHORT; ++ + p = table + 6; + num_segs = TT_NEXT_USHORT( p ); /* read segCountX2 */ + +-- +2.1.4 + --- freetype-2.5.2.orig/debian/patches-freetype/0011-type1-type42-Fix-Savannah-bug-43655.-CVE-2014-9664.patch +++ freetype-2.5.2/debian/patches-freetype/0011-type1-type42-Fix-Savannah-bug-43655.-CVE-2014-9664.patch @@ -0,0 +1,43 @@ +From 31fddea8aa48f4c3fed12ff985da0a24b5561f46 Mon Sep 17 00:00:00 2001 +From: Werner Lemberg +Date: Fri, 21 Nov 2014 22:19:28 +0100 +Subject: [type1, type42] Fix Savannah bug #43655. CVE-2014-9664 + +* src/type1/t1load.c (parse_charstrings), src/type42/t42parse.c +(t42_parse_charstrings): Fix boundary testing. + +(cherry picked from commit dd89710f0f643eb0f99a3830e0712d26c7642acd) +--- + freetype-2.5.2/src/type1/t1load.c | 2 +- + freetype-2.5.2/src/type42/t42parse.c | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git freetype-2.5.2/src/type1/t1load.c freetype-2.5.2/src/type1/t1load.c +index 4b5026b..fca3279 100644 +--- freetype-2.5.2/src/type1/t1load.c ++++ freetype-2.5.2/src/type1/t1load.c +@@ -1599,7 +1599,7 @@ + FT_PtrDist len; + + +- if ( cur + 1 >= limit ) ++ if ( cur + 2 >= limit ) + { + error = FT_THROW( Invalid_File_Format ); + goto Fail; +diff --git freetype-2.5.2/src/type42/t42parse.c freetype-2.5.2/src/type42/t42parse.c +index 3cdd8a1..0b3e0c6 100644 +--- freetype-2.5.2/src/type42/t42parse.c ++++ freetype-2.5.2/src/type42/t42parse.c +@@ -832,7 +832,7 @@ + FT_PtrDist len; + + +- if ( cur + 1 >= limit ) ++ if ( cur + 2 >= limit ) + { + FT_ERROR(( "t42_parse_charstrings: out of bounds\n" )); + error = FT_THROW( Invalid_File_Format ); +-- +2.1.4 + --- freetype-2.5.2.orig/debian/patches-freetype/0012-Make-FT_Bitmap_Convert-correctly-handle-negative-pit.patch +++ freetype-2.5.2/debian/patches-freetype/0012-Make-FT_Bitmap_Convert-correctly-handle-negative-pit.patch @@ -0,0 +1,169 @@ +From 91c554119a126f4476b2675a3729e8890a2b2e4a Mon Sep 17 00:00:00 2001 +From: Werner Lemberg +Date: Wed, 19 Nov 2014 21:21:23 +0100 +Subject: Make `FT_Bitmap_Convert' correctly handle negative `pitch' values. + CVE-2014-9665-fixup + +* src/base/ftbitmap.c (FT_Bitmap_Convert): Always use positive value +for the pitch while copying data. +Correctly set pitch sign in target bitmap. + +(cherry picked from commit df485774fbbc7fd7dc9d3b278846f454654ad5df) +--- + freetype-2.5.2/src/base/ftbitmap.c | 63 +++++++++++++++++++++----------------- + 1 file changed, 35 insertions(+), 28 deletions(-) + +diff --git freetype-2.5.2/src/base/ftbitmap.c freetype-2.5.2/src/base/ftbitmap.c +index 182b1cc..9223007 100644 +--- freetype-2.5.2/src/base/ftbitmap.c ++++ freetype-2.5.2/src/base/ftbitmap.c +@@ -443,6 +443,8 @@ + FT_Error error = FT_Err_Ok; + FT_Memory memory; + ++ FT_Int source_pitch, target_pitch; ++ + + if ( !library ) + return FT_THROW( Invalid_Library_Handle ); +@@ -459,13 +461,15 @@ + case FT_PIXEL_MODE_LCD_V: + case FT_PIXEL_MODE_BGRA: + { +- FT_Int pad; ++ FT_Int pad, old_target_pitch; + FT_Long old_size; + + +- old_size = target->rows * target->pitch; +- if ( old_size < 0 ) +- old_size = -old_size; ++ old_target_pitch = target->pitch; ++ if ( old_target_pitch < 0 ) ++ old_target_pitch = -old_target_pitch; ++ ++ old_size = target->rows * old_target_pitch; + + target->pixel_mode = FT_PIXEL_MODE_GRAY; + target->rows = source->rows; +@@ -479,16 +483,18 @@ + pad = alignment - pad; + } + +- target->pitch = source->width + pad; ++ target_pitch = source->width + pad; + +- if ( target->pitch > 0 && +- (FT_ULong)target->rows > FT_ULONG_MAX / target->pitch ) ++ if ( target_pitch > 0 && ++ (FT_ULong)target->rows > FT_ULONG_MAX / target_pitch ) + return FT_THROW( Invalid_Argument ); + +- if ( target->rows * target->pitch > old_size && ++ if ( target->rows * target_pitch > old_size && + FT_QREALLOC( target->buffer, +- old_size, target->rows * target->pitch ) ) ++ old_size, target->rows * target_pitch ) ) + return error; ++ ++ target->pitch = target->pitch < 0 ? -target_pitch : target_pitch; + } + break; + +@@ -496,6 +502,10 @@ + error = FT_THROW( Invalid_Argument ); + } + ++ source_pitch = source->pitch; ++ if ( source_pitch < 0 ) ++ source_pitch = -source_pitch; ++ + switch ( source->pixel_mode ) + { + case FT_PIXEL_MODE_MONO: +@@ -548,8 +558,8 @@ + } + } + +- s += source->pitch; +- t += target->pitch; ++ s += source_pitch; ++ t += target_pitch; + } + } + break; +@@ -559,11 +569,9 @@ + case FT_PIXEL_MODE_LCD: + case FT_PIXEL_MODE_LCD_V: + { +- FT_Int width = source->width; +- FT_Byte* s = source->buffer; +- FT_Byte* t = target->buffer; +- FT_Int s_pitch = source->pitch; +- FT_Int t_pitch = target->pitch; ++ FT_Int width = source->width; ++ FT_Byte* s = source->buffer; ++ FT_Byte* t = target->buffer; + FT_Int i; + + +@@ -573,8 +581,8 @@ + { + FT_ARRAY_COPY( t, s, width ); + +- s += s_pitch; +- t += t_pitch; ++ s += source_pitch; ++ t += target_pitch; + } + } + break; +@@ -625,8 +633,8 @@ + } + } + +- s += source->pitch; +- t += target->pitch; ++ s += source_pitch; ++ t += target_pitch; + } + } + break; +@@ -664,18 +672,17 @@ + if ( source->width & 1 ) + tt[0] = (FT_Byte)( ( ss[0] & 0xF0 ) >> 4 ); + +- s += source->pitch; +- t += target->pitch; ++ s += source_pitch; ++ t += target_pitch; + } + } + break; + ++ + case FT_PIXEL_MODE_BGRA: + { +- FT_Byte* s = source->buffer; +- FT_Byte* t = target->buffer; +- FT_Int s_pitch = source->pitch; +- FT_Int t_pitch = target->pitch; ++ FT_Byte* s = source->buffer; ++ FT_Byte* t = target->buffer; + FT_Int i; + + +@@ -696,8 +703,8 @@ + tt += 1; + } + +- s += s_pitch; +- t += t_pitch; ++ s += source_pitch; ++ t += target_pitch; + } + } + break; +-- +2.1.4 + --- freetype-2.5.2.orig/debian/patches-freetype/0013-Fix-uninitialized-variable-warning.-CVE-2014-9665-fi.patch +++ freetype-2.5.2/debian/patches-freetype/0013-Fix-uninitialized-variable-warning.-CVE-2014-9665-fi.patch @@ -0,0 +1,31 @@ +From 3c8cb26b672f02272604a66fd5af0f53cab1c872 Mon Sep 17 00:00:00 2001 +From: Keith Packard +Date: Mon, 23 Feb 2015 20:47:24 -0800 +Subject: Fix uninitialized variable warning. CVE-2014-9665-fixup-2 + +The 'target_pitch' value is computed in one switch and used in +another; every use case is covered by the computation above, but the +compiler can't figure that out, leaving a warning which we turn into +an error. + +Signed-off-by: Keith Packard +--- + freetype-2.5.2/src/base/ftbitmap.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git freetype-2.5.2/src/base/ftbitmap.c freetype-2.5.2/src/base/ftbitmap.c +index 9223007..b9c2ef4 100644 +--- freetype-2.5.2/src/base/ftbitmap.c ++++ freetype-2.5.2/src/base/ftbitmap.c +@@ -443,7 +443,7 @@ + FT_Error error = FT_Err_Ok; + FT_Memory memory; + +- FT_Int source_pitch, target_pitch; ++ FT_Int source_pitch, target_pitch = 0; + + + if ( !library ) +-- +2.1.4 + --- freetype-2.5.2.orig/debian/patches-freetype/0014-Change-some-fields-in-FT_Bitmap-to-unsigned-type.-CV.patch +++ freetype-2.5.2/debian/patches-freetype/0014-Change-some-fields-in-FT_Bitmap-to-unsigned-type.-CV.patch @@ -0,0 +1,237 @@ +From 6dfb8afb2f8e7018ab20ad4ec001633edda3a96c Mon Sep 17 00:00:00 2001 +From: Werner Lemberg +Date: Wed, 19 Nov 2014 21:28:21 +0100 +Subject: Change some fields in `FT_Bitmap' to unsigned type. CVE-2014-9665 + +This doesn't break ABI. + +* include/ftimage.h (FT_Bitmap): Make `rows', `width', `num_grays', +`pixel_mode', and `palette_mode' unsigned types. + +* src/base/ftbitmap.c: Updated. +(FT_Bitmap_Copy): Fix casts. + +* src/cache/ftcsbits.c, src/raster/ftraster.c, src/sfnt/pngshim.c: +Updated. + +(cherry picked from commit b3500af717010137046ec4076d1e1c0641e33727) +--- + freetype-2.5.2/include/ftimage.h | 10 +++++----- + freetype-2.5.2/src/base/ftbitmap.c | 25 +++++++++++++------------ + freetype-2.5.2/src/cache/ftcsbits.c | 8 ++++---- + freetype-2.5.2/src/raster/ftraster.c | 12 ++++++------ + freetype-2.5.2/src/sfnt/pngshim.c | 10 +++++----- + 5 files changed, 33 insertions(+), 32 deletions(-) + +diff --git freetype-2.5.2/include/ftimage.h freetype-2.5.2/include/ftimage.h +index ea71a78..b66f036 100644 +--- freetype-2.5.2/include/ftimage.h ++++ freetype-2.5.2/include/ftimage.h +@@ -318,13 +318,13 @@ FT_BEGIN_HEADER + /* */ + typedef struct FT_Bitmap_ + { +- int rows; +- int width; ++ unsigned int rows; ++ unsigned int width; + int pitch; + unsigned char* buffer; +- short num_grays; +- char pixel_mode; +- char palette_mode; ++ unsigned short num_grays; ++ unsigned char pixel_mode; ++ unsigned char palette_mode; + void* palette; + + } FT_Bitmap; +diff --git freetype-2.5.2/src/base/ftbitmap.c freetype-2.5.2/src/base/ftbitmap.c +index b9c2ef4..127bfc5 100644 +--- freetype-2.5.2/src/base/ftbitmap.c ++++ freetype-2.5.2/src/base/ftbitmap.c +@@ -62,7 +62,7 @@ + + if ( pitch < 0 ) + pitch = -pitch; +- size = (FT_ULong)( pitch * source->rows ); ++ size = (FT_ULong)pitch * source->rows; + + if ( target->buffer ) + { +@@ -72,7 +72,7 @@ + + if ( target_pitch < 0 ) + target_pitch = -target_pitch; +- target_size = (FT_ULong)( target_pitch * target->rows ); ++ target_size = (FT_ULong)target_pitch * target->rows; + + if ( target_size != size ) + (void)FT_QREALLOC( target->buffer, target_size, size ); +@@ -106,7 +106,7 @@ + int pitch; + int new_pitch; + FT_UInt bpp; +- FT_Int i, width, height; ++ FT_UInt i, width, height; + unsigned char* buffer = NULL; + + +@@ -144,17 +144,17 @@ + if ( ypixels == 0 && new_pitch <= pitch ) + { + /* zero the padding */ +- FT_Int bit_width = pitch * 8; +- FT_Int bit_last = ( width + xpixels ) * bpp; ++ FT_UInt bit_width = pitch * 8; ++ FT_UInt bit_last = ( width + xpixels ) * bpp; + + + if ( bit_last < bit_width ) + { + FT_Byte* line = bitmap->buffer + ( bit_last >> 3 ); + FT_Byte* end = bitmap->buffer + pitch; +- FT_Int shift = bit_last & 7; ++ FT_UInt shift = bit_last & 7; + FT_UInt mask = 0xFF00U >> shift; +- FT_Int count = height; ++ FT_UInt count = height; + + + for ( ; count > 0; count--, line += pitch, end += pitch ) +@@ -180,7 +180,7 @@ + + if ( bitmap->pitch > 0 ) + { +- FT_Int len = ( width * bpp + 7 ) >> 3; ++ FT_UInt len = ( width * bpp + 7 ) >> 3; + + + for ( i = 0; i < bitmap->rows; i++ ) +@@ -189,7 +189,7 @@ + } + else + { +- FT_Int len = ( width * bpp + 7 ) >> 3; ++ FT_UInt len = ( width * bpp + 7 ) >> 3; + + + for ( i = 0; i < bitmap->rows; i++ ) +@@ -220,7 +220,8 @@ + { + FT_Error error; + unsigned char* p; +- FT_Int i, x, y, pitch; ++ FT_Int i, x, pitch; ++ FT_UInt y; + FT_Int xstr, ystr; + + +@@ -461,8 +462,8 @@ + case FT_PIXEL_MODE_LCD_V: + case FT_PIXEL_MODE_BGRA: + { +- FT_Int pad, old_target_pitch; +- FT_Long old_size; ++ FT_Int pad, old_target_pitch; ++ FT_ULong old_size; + + + old_target_pitch = target->pitch; +diff --git freetype-2.5.2/src/cache/ftcsbits.c freetype-2.5.2/src/cache/ftcsbits.c +index 6df1c19..59727d1 100644 +--- freetype-2.5.2/src/cache/ftcsbits.c ++++ freetype-2.5.2/src/cache/ftcsbits.c +@@ -4,7 +4,7 @@ + /* */ + /* FreeType sbits manager (body). */ + /* */ +-/* Copyright 2000-2006, 2009-2011, 2013 by */ ++/* Copyright 2000-2006, 2009-2011, 2013, 2014 by */ + /* David Turner, Robert Wilhelm, and Werner Lemberg. */ + /* */ + /* This file is part of the FreeType project, and may only be used, */ +@@ -142,12 +142,12 @@ + goto BadGlyph; + } + +- /* Check that our values fit into 8-bit containers! */ ++ /* Check whether our values fit into 8-bit containers! */ + /* If this is not the case, our bitmap is too large */ + /* and we will leave it as `missing' with sbit.buffer = 0 */ + +-#define CHECK_CHAR( d ) ( temp = (FT_Char)d, temp == d ) +-#define CHECK_BYTE( d ) ( temp = (FT_Byte)d, temp == d ) ++#define CHECK_CHAR( d ) ( temp = (FT_Char)d, (FT_Int) temp == (FT_Int) d ) ++#define CHECK_BYTE( d ) ( temp = (FT_Byte)d, (FT_UInt)temp == (FT_UInt)d ) + + /* horizontal advance in pixels */ + xadvance = ( slot->advance.x + 32 ) >> 6; +diff --git freetype-2.5.2/src/raster/ftraster.c freetype-2.5.2/src/raster/ftraster.c +index 8aa1113..6415d66 100644 +--- freetype-2.5.2/src/raster/ftraster.c ++++ freetype-2.5.2/src/raster/ftraster.c +@@ -2550,7 +2550,7 @@ + + e1 = TRUNC( e1 ); + +- if ( e1 >= 0 && e1 < ras.target.rows ) ++ if ( e1 >= 0 && (ULong)e1 < ras.target.rows ) + { + PByte p; + +@@ -2644,7 +2644,7 @@ + /* bounding box instead */ + if ( pxl < 0 ) + pxl = e1; +- else if ( TRUNC( pxl ) >= ras.target.rows ) ++ else if ( (ULong)( TRUNC( pxl ) ) >= ras.target.rows ) + pxl = e2; + + /* check that the other pixel isn't set */ +@@ -2659,9 +2659,9 @@ + if ( ras.target.pitch > 0 ) + bits += ( ras.target.rows - 1 ) * ras.target.pitch; + +- if ( e1 >= 0 && +- e1 < ras.target.rows && +- *bits & f1 ) ++ if ( e1 >= 0 && ++ (ULong)e1 < ras.target.rows && ++ *bits & f1 ) + return; + } + else +@@ -2673,7 +2673,7 @@ + + e1 = TRUNC( pxl ); + +- if ( e1 >= 0 && e1 < ras.target.rows ) ++ if ( e1 >= 0 && (ULong)e1 < ras.target.rows ) + { + bits -= e1 * ras.target.pitch; + if ( ras.target.pitch > 0 ) +diff --git freetype-2.5.2/src/sfnt/pngshim.c freetype-2.5.2/src/sfnt/pngshim.c +index 878de1f..79374b7 100644 +--- freetype-2.5.2/src/sfnt/pngshim.c ++++ freetype-2.5.2/src/sfnt/pngshim.c +@@ -205,11 +205,11 @@ + goto Exit; + } + +- if ( !populate_map_and_metrics && +- ( x_offset + metrics->width > map->width || +- y_offset + metrics->height > map->rows || +- pix_bits != 32 || +- map->pixel_mode != FT_PIXEL_MODE_BGRA ) ) ++ if ( !populate_map_and_metrics && ++ ( (FT_UInt)x_offset + metrics->width > map->width || ++ (FT_UInt)y_offset + metrics->height > map->rows || ++ pix_bits != 32 || ++ map->pixel_mode != FT_PIXEL_MODE_BGRA ) ) + { + error = FT_THROW( Invalid_Argument ); + goto Exit; +-- +2.1.4 + --- freetype-2.5.2.orig/debian/patches-freetype/0015-sfnt-Fix-Savannah-bug-43591.-CVE-2014-9666.patch +++ freetype-2.5.2/debian/patches-freetype/0015-sfnt-Fix-Savannah-bug-43591.-CVE-2014-9666.patch @@ -0,0 +1,35 @@ +From 4ebd46e114fb98084d937d09e003c9fd8f6f5939 Mon Sep 17 00:00:00 2001 +From: Werner Lemberg +Date: Wed, 12 Nov 2014 21:42:13 +0100 +Subject: [sfnt] Fix Savannah bug #43591. CVE-2014-9666 + +* src/sfnt/ttsbit.c (tt_sbit_decoder_init): Protect against addition +and multiplication overflow. + +(cherry picked from commit 257c270bd25e15890190a28a1456e7623bba4439) +--- + freetype-2.5.2/src/sfnt/ttsbit.c | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +diff --git freetype-2.5.2/src/sfnt/ttsbit.c freetype-2.5.2/src/sfnt/ttsbit.c +index 38c680e..f223c5a 100644 +--- freetype-2.5.2/src/sfnt/ttsbit.c ++++ freetype-2.5.2/src/sfnt/ttsbit.c +@@ -380,9 +380,11 @@ + p += 34; + decoder->bit_depth = *p; + +- if ( decoder->strike_index_array > face->sbit_table_size || +- decoder->strike_index_array + 8 * decoder->strike_index_count > +- face->sbit_table_size ) ++ /* decoder->strike_index_array + */ ++ /* 8 * decoder->strike_index_count > face->sbit_table_size ? */ ++ if ( decoder->strike_index_array > face->sbit_table_size || ++ decoder->strike_index_count > ++ ( face->sbit_table_size - decoder->strike_index_array ) / 8 ) + error = FT_THROW( Invalid_File_Format ); + } + +-- +2.1.4 + --- freetype-2.5.2.orig/debian/patches-freetype/0016-sfnt-Fix-Savannah-bug-43590.-CVE-2014-9667.patch +++ freetype-2.5.2/debian/patches-freetype/0016-sfnt-Fix-Savannah-bug-43590.-CVE-2014-9667.patch @@ -0,0 +1,53 @@ +From f4e4eb6ba541c32bbad8a1d8db68e5a4cb9ba423 Mon Sep 17 00:00:00 2001 +From: Werner Lemberg +Date: Wed, 12 Nov 2014 21:26:44 +0100 +Subject: [sfnt] Fix Savannah bug #43590. CVE-2014-9667 + +* src/sfnt/ttload.c (check_table_dir, tt_face_load_font_dir): +Protect against addition overflow. + +(cherry picked from commit 677ddf4f1dc1b36cef7c7ddd59a14c508f4b1891) +--- + freetype-2.5.2/src/sfnt/ttload.c | 12 +++++++++--- + 1 file changed, 9 insertions(+), 3 deletions(-) + +diff --git freetype-2.5.2/src/sfnt/ttload.c freetype-2.5.2/src/sfnt/ttload.c +index 0a3cd29..8338150 100644 +--- freetype-2.5.2/src/sfnt/ttload.c ++++ freetype-2.5.2/src/sfnt/ttload.c +@@ -5,7 +5,7 @@ + /* Load the basic TrueType tables, i.e., tables that can be either in */ + /* TTF or OTF fonts (body). */ + /* */ +-/* Copyright 1996-2010, 2012, 2013 by */ ++/* Copyright 1996-2010, 2012-2014 by */ + /* David Turner, Robert Wilhelm, and Werner Lemberg. */ + /* */ + /* This file is part of the FreeType project, and may only be used, */ +@@ -207,7 +207,10 @@ + } + + /* we ignore invalid tables */ +- if ( table.Offset + table.Length > stream->size ) ++ ++ /* table.Offset + table.Length > stream->size ? */ ++ if ( table.Length > stream->size || ++ table.Offset > stream->size - table.Length ) + { + FT_TRACE2(( "check_table_dir: table entry %d invalid\n", nn )); + continue; +@@ -395,7 +398,10 @@ + entry->Length = FT_GET_ULONG(); + + /* ignore invalid tables */ +- if ( entry->Offset + entry->Length > stream->size ) ++ ++ /* entry->Offset + entry->Length > stream->size ? */ ++ if ( entry->Length > stream->size || ++ entry->Offset > stream->size - entry->Length ) + continue; + else + { +-- +2.1.4 + --- freetype-2.5.2.orig/debian/patches-freetype/0017-sfnt-Fix-Savannah-bug-43589.-CVE-2014-9668.patch +++ freetype-2.5.2/debian/patches-freetype/0017-sfnt-Fix-Savannah-bug-43589.-CVE-2014-9668.patch @@ -0,0 +1,33 @@ +From eae341fbe8a57e4d30050b71f2956f1da053eb4b Mon Sep 17 00:00:00 2001 +From: Werner Lemberg +Date: Wed, 12 Nov 2014 21:06:08 +0100 +Subject: [sfnt] Fix Savannah bug #43589. CVE-2014-9668 + +* src/sfnt/sfobjs.c (woff_open_font): Protect against addition +overflow. + +(cherry picked from commit f46add13895337ece929b18bb8f036431b3fb538) +--- + freetype-2.5.2/src/sfnt/sfobjs.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git freetype-2.5.2/src/sfnt/sfobjs.c freetype-2.5.2/src/sfnt/sfobjs.c +index a31c77c..d202ca0 100644 +--- freetype-2.5.2/src/sfnt/sfobjs.c ++++ freetype-2.5.2/src/sfnt/sfobjs.c +@@ -574,8 +574,10 @@ + + + if ( table->Offset != woff_offset || +- table->Offset + table->CompLength > woff.length || +- sfnt_offset + table->OrigLength > woff.totalSfntSize || ++ table->CompLength > woff.length || ++ table->Offset > woff.length - table->CompLength || ++ table->OrigLength > woff.totalSfntSize || ++ sfnt_offset > woff.totalSfntSize - table->OrigLength || + table->CompLength > table->OrigLength ) + { + error = FT_THROW( Invalid_Table ); +-- +2.1.4 + --- freetype-2.5.2.orig/debian/patches-freetype/0018-sfnt-Fix-Savannah-bug-43588.-CVE-2014-9669.patch +++ freetype-2.5.2/debian/patches-freetype/0018-sfnt-Fix-Savannah-bug-43588.-CVE-2014-9669.patch @@ -0,0 +1,123 @@ +From 3cba76af29963f3fd1925ed6128cdf95bf8d4823 Mon Sep 17 00:00:00 2001 +From: Werner Lemberg +Date: Wed, 12 Nov 2014 20:51:20 +0100 +Subject: [sfnt] Fix Savannah bug #43588. CVE-2014-9669 + +* src/sfnt/ttcmap.c (tt_cmap8_validate, tt_cmap10_validate, +tt_cmap12_validate, tt_cmap13_validate, tt_cmap14_validate): Protect +against overflow in additions and multiplications. + +(cherry picked from commit 602040b1112c9f94d68e200be59ea7ac3d104565) +--- + freetype-2.5.2/src/sfnt/ttcmap.c | 39 ++++++++++++++++++++++++++++++--------- + 1 file changed, 30 insertions(+), 9 deletions(-) + +diff --git freetype-2.5.2/src/sfnt/ttcmap.c freetype-2.5.2/src/sfnt/ttcmap.c +index c6ed872..9050ebf 100644 +--- freetype-2.5.2/src/sfnt/ttcmap.c ++++ freetype-2.5.2/src/sfnt/ttcmap.c +@@ -1649,7 +1649,8 @@ + p = is32 + 8192; /* skip `is32' array */ + num_groups = TT_NEXT_ULONG( p ); + +- if ( p + num_groups * 12 > valid->limit ) ++ /* p + num_groups * 12 > valid->limit ? */ ++ if ( num_groups > (FT_UInt32)( valid->limit - p ) / 12 ) + FT_INVALID_TOO_SHORT; + + /* check groups, they must be in increasing order */ +@@ -1674,7 +1675,12 @@ + + if ( valid->level >= FT_VALIDATE_TIGHT ) + { +- if ( start_id + end - start >= TT_VALID_GLYPH_COUNT( valid ) ) ++ FT_UInt32 d = end - start; ++ ++ ++ /* start_id + end - start >= TT_VALID_GLYPH_COUNT( valid ) ? */ ++ if ( d > TT_VALID_GLYPH_COUNT( valid ) || ++ start_id >= TT_VALID_GLYPH_COUNT( valid ) - d ) + FT_INVALID_GLYPH_ID; + + count = (FT_UInt32)( end - start + 1 ); +@@ -1872,7 +1878,9 @@ + count = TT_NEXT_ULONG( p ); + + if ( length > (FT_ULong)( valid->limit - table ) || +- length < 20 + count * 2 ) ++ /* length < 20 + count * 2 ? */ ++ length < 20 || ++ ( length - 20 ) / 2 < count ) + FT_INVALID_TOO_SHORT; + + /* check glyph indices */ +@@ -2059,7 +2067,9 @@ + num_groups = TT_NEXT_ULONG( p ); + + if ( length > (FT_ULong)( valid->limit - table ) || +- length < 16 + 12 * num_groups ) ++ /* length < 16 + 12 * num_groups ? */ ++ length < 16 || ++ ( length - 16 ) / 12 < num_groups ) + FT_INVALID_TOO_SHORT; + + /* check groups, they must be in increasing order */ +@@ -2081,7 +2091,12 @@ + + if ( valid->level >= FT_VALIDATE_TIGHT ) + { +- if ( start_id + end - start >= TT_VALID_GLYPH_COUNT( valid ) ) ++ FT_UInt32 d = end - start; ++ ++ ++ /* start_id + end - start >= TT_VALID_GLYPH_COUNT( valid ) ? */ ++ if ( d > TT_VALID_GLYPH_COUNT( valid ) || ++ start_id >= TT_VALID_GLYPH_COUNT( valid ) - d ) + FT_INVALID_GLYPH_ID; + } + +@@ -2383,7 +2398,9 @@ + num_groups = TT_NEXT_ULONG( p ); + + if ( length > (FT_ULong)( valid->limit - table ) || +- length < 16 + 12 * num_groups ) ++ /* length < 16 + 12 * num_groups ? */ ++ length < 16 || ++ ( length - 16 ) / 12 < num_groups ) + FT_INVALID_TOO_SHORT; + + /* check groups, they must be in increasing order */ +@@ -2764,7 +2781,9 @@ + + + if ( length > (FT_ULong)( valid->limit - table ) || +- length < 10 + 11 * num_selectors ) ++ /* length < 10 + 11 * num_selectors ? */ ++ length < 10 || ++ ( length - 10 ) / 11 < num_selectors ) + FT_INVALID_TOO_SHORT; + + /* check selectors, they must be in increasing order */ +@@ -2800,7 +2819,8 @@ + FT_ULong lastBase = 0; + + +- if ( defp + numRanges * 4 > valid->limit ) ++ /* defp + numRanges * 4 > valid->limit ? */ ++ if ( numRanges > (FT_ULong)( valid->limit - defp ) / 4 ) + FT_INVALID_TOO_SHORT; + + for ( i = 0; i < numRanges; ++i ) +@@ -2827,7 +2847,8 @@ + FT_ULong i, lastUni = 0; + + +- if ( numMappings * 4 > (FT_ULong)( valid->limit - ndp ) ) ++ /* numMappings * 4 > (FT_ULong)( valid->limit - ndp ) ? */ ++ if ( numMappings > ( (FT_ULong)( valid->limit - ndp ) ) / 4 ) + FT_INVALID_TOO_SHORT; + + for ( i = 0; i < numMappings; ++i ) +-- +2.1.4 + --- freetype-2.5.2.orig/debian/patches-freetype/0019-Fix-Savannah-bug-43548.-CVE-2014-9670.patch +++ freetype-2.5.2/debian/patches-freetype/0019-Fix-Savannah-bug-43548.-CVE-2014-9670.patch @@ -0,0 +1,36 @@ +From e92ff3eeb7981a88a85f2c0a7f1f4be9a28c57d9 Mon Sep 17 00:00:00 2001 +From: Werner Lemberg +Date: Thu, 6 Nov 2014 23:25:05 +0100 +Subject: Fix Savannah bug #43548. CVE-2014-9670 + +* src/pcf/pcfread (pcf_get_encodings): Add sanity checks for row and +column values. + +(cherry picked from commit ef1eba75187adfac750f326b563fe543dd5ff4e6) +--- + freetype-2.5.2/src/pcf/pcfread.c | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git freetype-2.5.2/src/pcf/pcfread.c freetype-2.5.2/src/pcf/pcfread.c +index ee41c5d..c7d38e1 100644 +--- freetype-2.5.2/src/pcf/pcfread.c ++++ freetype-2.5.2/src/pcf/pcfread.c +@@ -812,6 +812,15 @@ THE SOFTWARE. + if ( !PCF_FORMAT_MATCH( format, PCF_DEFAULT_FORMAT ) ) + return FT_THROW( Invalid_File_Format ); + ++ /* sanity checks */ ++ if ( firstCol < 0 || ++ firstCol > lastCol || ++ lastCol > 0xFF || ++ firstRow < 0 || ++ firstRow > lastRow || ++ lastRow > 0xFF ) ++ return FT_THROW( Invalid_Table ); ++ + FT_TRACE4(( "pdf_get_encodings:\n" )); + + FT_TRACE4(( " firstCol %d, lastCol %d, firstRow %d, lastRow %d\n", +-- +2.1.4 + --- freetype-2.5.2.orig/debian/patches-freetype/0020-Fix-Savannah-bug-43547.-CVE-2014-9671.patch +++ freetype-2.5.2/debian/patches-freetype/0020-Fix-Savannah-bug-43547.-CVE-2014-9671.patch @@ -0,0 +1,42 @@ +From 8d2acf52b8f956338f7b381817d3fdb06b64f756 Mon Sep 17 00:00:00 2001 +From: Werner Lemberg +Date: Thu, 6 Nov 2014 22:32:46 +0100 +Subject: Fix Savannah bug #43547. CVE-2014-9671 + +* src/pcf/pcfread.c (pcf_read_TOC): Check `size' and `offset' +values. + +(cherry picked from commit 0e2f5d518c60e2978f26400d110eff178fa7e3c3) +--- + freetype-2.5.2/src/pcf/pcfread.c | 15 +++++++++++++++ + 1 file changed, 15 insertions(+) + +diff --git freetype-2.5.2/src/pcf/pcfread.c freetype-2.5.2/src/pcf/pcfread.c +index c7d38e1..f487faa 100644 +--- freetype-2.5.2/src/pcf/pcfread.c ++++ freetype-2.5.2/src/pcf/pcfread.c +@@ -151,6 +151,21 @@ THE SOFTWARE. + break; + } + ++ /* we now check whether the `size' and `offset' values are reasonable: */ ++ /* `offset' + `size' must not exceed the stream size */ ++ tables = face->toc.tables; ++ for ( n = 0; n < toc->count; n++ ) ++ { ++ /* we need two checks to avoid overflow */ ++ if ( ( tables->size > stream->size ) || ++ ( tables->offset > stream->size - tables->size ) ) ++ { ++ error = FT_THROW( Invalid_Table ); ++ goto Exit; ++ } ++ tables++; ++ } ++ + #ifdef FT_DEBUG_LEVEL_TRACE + + { +-- +2.1.4 + --- freetype-2.5.2.orig/debian/patches-freetype/0021-Fix-Savannah-bug-43540.-CVE-2014-9672.patch +++ freetype-2.5.2/debian/patches-freetype/0021-Fix-Savannah-bug-43540.-CVE-2014-9672.patch @@ -0,0 +1,42 @@ +From fd240e4f474a3d1006b3467fb9a891d94770fdf4 Mon Sep 17 00:00:00 2001 +From: suzuki toshiya +Date: Wed, 26 Nov 2014 16:11:38 +0900 +Subject: Fix Savannah bug #43540. CVE-2014-9672 + +* src/base/ftmac.c (parse_fond): Prevent a buffer overrun +caused by a font including too many (> 63) strings to store +names[] table. + +(cherry picked from commit 18a8f0d9943369449bc4de92d411c78fb08d616c) +--- + freetype-2.5.2/src/base/ftmac.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git freetype-2.5.2/src/base/ftmac.c freetype-2.5.2/src/base/ftmac.c +index 9b49da8..184a2e1 100644 +--- freetype-2.5.2/src/base/ftmac.c ++++ freetype-2.5.2/src/base/ftmac.c +@@ -440,9 +440,10 @@ + style = (StyleTable*)p; + p += sizeof ( StyleTable ); + string_count = EndianS16_BtoN( *(short*)(p) ); ++ string_count = FT_MIN( 64, string_count ); + p += sizeof ( short ); + +- for ( i = 0; i < string_count && i < 64; i++ ) ++ for ( i = 0; i < string_count; i++ ) + { + names[i] = p; + p += names[i][0]; +@@ -459,7 +460,7 @@ + ps_name[ps_name_len] = 0; + } + if ( style->indexes[face_index] > 1 && +- style->indexes[face_index] <= FT_MIN( string_count, 64 ) ) ++ style->indexes[face_index] <= string_count ) + { + unsigned char* suffixes = names[style->indexes[face_index] - 1]; + +-- +2.1.4 + --- freetype-2.5.2.orig/debian/patches-freetype/0022-src-base-ftobjs.c-Mac_Read_POST_Resource-Avoid-memor.patch +++ freetype-2.5.2/debian/patches-freetype/0022-src-base-ftobjs.c-Mac_Read_POST_Resource-Avoid-memor.patch @@ -0,0 +1,33 @@ +From 9c29f8a914862850a8e5c9fdf35d226ac7be30b8 Mon Sep 17 00:00:00 2001 +From: suzuki toshiya +Date: Wed, 26 Nov 2014 14:36:12 +0900 +Subject: =?UTF-8?q?*=20src/base/ftobjs.c=20(Mac=5FRead=5FPOST=5FResource):?= + =?UTF-8?q?=20Avoid=20memory=20leak=20CVE-2014-9673-fixup=0Aby=20a=20broke?= + =?UTF-8?q?n=20POST=20table=20in=20resource-fork.=20=20Return=20after=20fr?= + =?UTF-8?q?eeing=0Athe=20buffered=20POST=20table=20when=20it=20is=20found?= + =?UTF-8?q?=20to=20be=20broken.?= + +(cherry picked from commit 5aff85301bdce7677766fa1367c82ff41a739637) +--- + freetype-2.5.2/src/base/ftobjs.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git freetype-2.5.2/src/base/ftobjs.c freetype-2.5.2/src/base/ftobjs.c +index bd0c66e..6014a93 100644 +--- freetype-2.5.2/src/base/ftobjs.c ++++ freetype-2.5.2/src/base/ftobjs.c +@@ -1626,9 +1626,9 @@ + if ( error ) + goto Exit2; + if ( FT_READ_LONG( rlen ) ) +- goto Exit; ++ goto Exit2; + if ( FT_READ_USHORT( flags ) ) +- goto Exit; ++ goto Exit2; + FT_TRACE3(( "POST fragment[%d]: offsets=0x%08x, rlen=0x%08x, flags=0x%04x\n", + i, offsets[i], rlen, flags )); + +-- +2.1.4 + --- freetype-2.5.2.orig/debian/patches-freetype/0023-Fix-Savannah-bug-43539.-CVE-2014-9673.patch +++ freetype-2.5.2/debian/patches-freetype/0023-Fix-Savannah-bug-43539.-CVE-2014-9673.patch @@ -0,0 +1,59 @@ +From 9dab65dee316318b89f3dd83515509b64bb3f17d Mon Sep 17 00:00:00 2001 +From: suzuki toshiya +Date: Wed, 26 Nov 2014 15:52:23 +0900 +Subject: Fix Savannah bug #43539. CVE-2014-9673 + +* src/base/ftobjs.c (Mac_Read_POST_Resource): Fix integer overflow +by a broken POST table in resource-fork. + +(cherry picked from commit 35252ae9aa1dd9343e9f4884e9ddb1fee10ef415) +--- + freetype-2.5.2/src/base/ftobjs.c | 17 +++++++++++++++++ + 1 file changed, 17 insertions(+) + +diff --git freetype-2.5.2/src/base/ftobjs.c freetype-2.5.2/src/base/ftobjs.c +index 6014a93..e860413 100644 +--- freetype-2.5.2/src/base/ftobjs.c ++++ freetype-2.5.2/src/base/ftobjs.c +@@ -1627,6 +1627,11 @@ + goto Exit2; + if ( FT_READ_LONG( rlen ) ) + goto Exit2; ++ if ( rlen < 0 ) ++ { ++ error = FT_THROW( Invalid_Offset ); ++ goto Exit2; ++ } + if ( FT_READ_USHORT( flags ) ) + goto Exit2; + FT_TRACE3(( "POST fragment[%d]: offsets=0x%08x, rlen=0x%08x, flags=0x%04x\n", +@@ -1644,7 +1649,14 @@ + rlen = 0; + + if ( ( flags >> 8 ) == type ) ++ { ++ if ( 0x7FFFFFFFL - rlen < len ) ++ { ++ error = FT_THROW( Array_Too_Large ); ++ goto Exit2; ++ } + len += rlen; ++ } + else + { + if ( pfb_lenpos + 3 > pfb_len + 2 ) +@@ -1673,6 +1685,11 @@ + } + + error = FT_ERR( Cannot_Open_Resource ); ++ if ( rlen > 0x7FFFFFFFL - pfb_pos ) ++ { ++ error = FT_THROW( Array_Too_Large ); ++ goto Exit2; ++ } + if ( pfb_pos > pfb_len || pfb_pos + rlen > pfb_len ) + goto Exit2; + +-- +2.1.4 + --- freetype-2.5.2.orig/debian/patches-freetype/0024-Fix-Savannah-bug-43538.-CVE-2014-9674-part-1.patch +++ freetype-2.5.2/debian/patches-freetype/0024-Fix-Savannah-bug-43538.-CVE-2014-9674-part-1.patch @@ -0,0 +1,45 @@ +From 6dc3fe8132e53773c2d48c7c07caf65bc020aa3d Mon Sep 17 00:00:00 2001 +From: suzuki toshiya +Date: Wed, 26 Nov 2014 15:43:29 +0900 +Subject: Fix Savannah bug #43538. CVE-2014-9674-part-1 + +* src/base/ftobjs.c (Mac_Read_POST_Resource): Fix integer overflow +by a broken POST table in resource-fork. + +(cherry picked from commit 240c94a185cd8dae7d03059abec8a5662c35ecd3) +--- + freetype-2.5.2/src/base/ftobjs.c | 15 ++++++++++++++- + 1 file changed, 14 insertions(+), 1 deletion(-) + +diff --git freetype-2.5.2/src/base/ftobjs.c freetype-2.5.2/src/base/ftobjs.c +index e860413..6be07ca 100644 +--- freetype-2.5.2/src/base/ftobjs.c ++++ freetype-2.5.2/src/base/ftobjs.c +@@ -1603,10 +1603,23 @@ + goto Exit; + if ( FT_READ_LONG( temp ) ) + goto Exit; ++ if ( 0 > temp ) ++ error = FT_THROW( Invalid_Offset ); ++ else if ( 0x7FFFFFFFL - 6 - pfb_len < temp ) ++ error = FT_THROW( Array_Too_Large ); ++ ++ if ( error ) ++ goto Exit; ++ + pfb_len += temp + 6; + } + +- if ( FT_ALLOC( pfb_data, (FT_Long)pfb_len + 2 ) ) ++ if ( 0x7FFFFFFFL - 2 < pfb_len ) ++ error = FT_THROW( Array_Too_Large ); ++ else ++ error = FT_ALLOC( pfb_data, (FT_Long)pfb_len + 2 ); ++ ++ if ( error ) + goto Exit; + + pfb_data[0] = 0x80; +-- +2.1.4 + --- freetype-2.5.2.orig/debian/patches-freetype/0025-src-base-ftobjs.c-Mac_Read_POST_Resource-Use-unsigne.patch +++ freetype-2.5.2/debian/patches-freetype/0025-src-base-ftobjs.c-Mac_Read_POST_Resource-Use-unsigne.patch @@ -0,0 +1,165 @@ +From f50779191264fd754d76fbf9b0703a930902ae50 Mon Sep 17 00:00:00 2001 +From: suzuki toshiya +Date: Wed, 26 Nov 2014 16:02:17 +0900 +Subject: =?UTF-8?q?*=20src/base/ftobjs.c=20(Mac=5FRead=5FPOST=5FResource):?= + =?UTF-8?q?=20Use=20unsigned=20long=20CVE-2014-9674-fixup-1=0Avariables=20?= + =?UTF-8?q?to=20read=20the=20lengths=20in=20POST=20fragments.=20=20Suggest?= + =?UTF-8?q?ed=20by=0AMateusz=20Jurczyk=20.?= + +(cherry picked from commit 453316792fee912cfced48e9e270e9eb19892e64) +--- + freetype-2.5.2/src/base/ftobjs.c | 63 ++++++++++++++++++++++------------------ + 1 file changed, 34 insertions(+), 29 deletions(-) + +diff --git freetype-2.5.2/src/base/ftobjs.c freetype-2.5.2/src/base/ftobjs.c +index 6be07ca..2ec2ed8 100644 +--- freetype-2.5.2/src/base/ftobjs.c ++++ freetype-2.5.2/src/base/ftobjs.c +@@ -1583,9 +1583,9 @@ + FT_Memory memory = library->memory; + FT_Byte* pfb_data = NULL; + int i, type, flags; +- FT_Long len; +- FT_Long pfb_len, pfb_pos, pfb_lenpos; +- FT_Long rlen, temp; ++ FT_ULong len; ++ FT_ULong pfb_len, pfb_pos, pfb_lenpos; ++ FT_ULong rlen, temp; + + + if ( face_index == -1 ) +@@ -1601,25 +1601,27 @@ + error = FT_Stream_Seek( stream, offsets[i] ); + if ( error ) + goto Exit; +- if ( FT_READ_LONG( temp ) ) ++ if ( FT_READ_ULONG( temp ) ) + goto Exit; +- if ( 0 > temp ) ++#if 0 ++ FT_TRACE4(( " POST fragment #%d: length=0x%08x\n", i, temp)); ++ if ( 0x7FFFFFFFUL < temp ) ++ { + error = FT_THROW( Invalid_Offset ); +- else if ( 0x7FFFFFFFL - 6 - pfb_len < temp ) +- error = FT_THROW( Array_Too_Large ); +- +- if ( error ) + goto Exit; ++ } ++#endif + + pfb_len += temp + 6; + } + +- if ( 0x7FFFFFFFL - 2 < pfb_len ) ++ FT_TRACE2(( " total buffer size to concatenate %d POST fragments: 0x%08x\n", ++ resource_cnt, pfb_len + 2)); ++ if ( pfb_len + 2 < 6 ) { + error = FT_THROW( Array_Too_Large ); +- else +- error = FT_ALLOC( pfb_data, (FT_Long)pfb_len + 2 ); +- +- if ( error ) ++ goto Exit; ++ } ++ if ( FT_ALLOC( pfb_data, (FT_Long)pfb_len + 2 ) ) + goto Exit; + + pfb_data[0] = 0x80; +@@ -1638,21 +1640,27 @@ + error = FT_Stream_Seek( stream, offsets[i] ); + if ( error ) + goto Exit2; +- if ( FT_READ_LONG( rlen ) ) ++ if ( FT_READ_ULONG( rlen ) ) + goto Exit2; +- if ( rlen < 0 ) ++#if 0 ++ if ( 0x7FFFFFFFUL < rlen ) + { + error = FT_THROW( Invalid_Offset ); + goto Exit2; + } ++#endif + if ( FT_READ_USHORT( flags ) ) + goto Exit2; + FT_TRACE3(( "POST fragment[%d]: offsets=0x%08x, rlen=0x%08x, flags=0x%04x\n", + i, offsets[i], rlen, flags )); + ++ error = FT_ERR( Array_Too_Large ); + /* postpone the check of rlen longer than buffer until FT_Stream_Read() */ + if ( ( flags >> 8 ) == 0 ) /* Comment, should not be loaded */ ++ { ++ FT_TRACE3(( " Skip POST fragment #%d because it is a comment\n", i )); + continue; ++ } + + /* the flags are part of the resource, so rlen >= 2. */ + /* but some fonts declare rlen = 0 for empty fragment */ +@@ -1662,16 +1670,10 @@ + rlen = 0; + + if ( ( flags >> 8 ) == type ) +- { +- if ( 0x7FFFFFFFL - rlen < len ) +- { +- error = FT_THROW( Array_Too_Large ); +- goto Exit2; +- } + len += rlen; +- } + else + { ++ FT_TRACE3(( " Write POST fragment #%d header (4-byte) to buffer 0x%p + 0x%08x\n", i, pfb_data, pfb_lenpos )); + if ( pfb_lenpos + 3 > pfb_len + 2 ) + goto Exit2; + pfb_data[pfb_lenpos ] = (FT_Byte)( len ); +@@ -1682,6 +1684,7 @@ + if ( ( flags >> 8 ) == 5 ) /* End of font mark */ + break; + ++ FT_TRACE3(( " Write POST fragment #%d header (6-byte) to buffer 0x%p + 0x%08x\n", i, pfb_data, pfb_pos )); + if ( pfb_pos + 6 > pfb_len + 2 ) + goto Exit2; + pfb_data[pfb_pos++] = 0x80; +@@ -1697,21 +1700,17 @@ + pfb_data[pfb_pos++] = 0; + } + +- error = FT_ERR( Cannot_Open_Resource ); +- if ( rlen > 0x7FFFFFFFL - pfb_pos ) +- { +- error = FT_THROW( Array_Too_Large ); +- goto Exit2; +- } + if ( pfb_pos > pfb_len || pfb_pos + rlen > pfb_len ) + goto Exit2; + ++ FT_TRACE3(( " Load POST fragment #%d (%d byte) to buffer 0x%p + 0x%08x\n", i, rlen, pfb_data, pfb_pos )); + error = FT_Stream_Read( stream, (FT_Byte *)pfb_data + pfb_pos, rlen ); + if ( error ) + goto Exit2; + pfb_pos += rlen; + } + ++ error = FT_ERR( Array_Too_Large ); + if ( pfb_pos + 2 > pfb_len + 2 ) + goto Exit2; + pfb_data[pfb_pos++] = 0x80; +@@ -1732,6 +1731,12 @@ + aface ); + + Exit2: ++ if ( error == FT_ERR( Array_Too_Large ) ) ++ FT_TRACE2(( " Abort due to too-short buffer to store all POST fragments\n" )); ++ else if ( error == FT_ERR( Invalid_Offset ) ) ++ FT_TRACE2(( " Abort due to invalid offset in a POST fragment\n" )); ++ if ( error ) ++ error = FT_ERR( Cannot_Open_Resource ); + FT_FREE( pfb_data ); + + Exit: +-- +2.1.4 + --- freetype-2.5.2.orig/debian/patches-freetype/0026-src-base-ftobjs.c-Mac_Read_POST_Resource-Insert-comm.patch +++ freetype-2.5.2/debian/patches-freetype/0026-src-base-ftobjs.c-Mac_Read_POST_Resource-Insert-comm.patch @@ -0,0 +1,111 @@ +From 02dd014303d7a151398321cfc7001426306b6e3b Mon Sep 17 00:00:00 2001 +From: suzuki toshiya +Date: Wed, 26 Nov 2014 16:39:00 +0900 +Subject: =?UTF-8?q?*=20src/base/ftobjs.c=20(Mac=5FRead=5FPOST=5FResource):?= + =?UTF-8?q?=20Insert=20comments=20CVS-2014-9674-fixup-2=0Aand=20fold=20too?= + =?UTF-8?q?=20long=20tracing=20messages.?= + +(cherry picked from commit 1720e81e3ecc7c266e54fe40175cc39c47117bf5) +--- + freetype-2.5.2/src/base/ftobjs.c | 34 ++++++++++++++++++++++++---------- + 1 file changed, 24 insertions(+), 10 deletions(-) + +diff --git freetype-2.5.2/src/base/ftobjs.c freetype-2.5.2/src/base/ftobjs.c +index 2ec2ed8..4a9eb7f 100644 +--- freetype-2.5.2/src/base/ftobjs.c ++++ freetype-2.5.2/src/base/ftobjs.c +@@ -1603,21 +1603,28 @@ + goto Exit; + if ( FT_READ_ULONG( temp ) ) + goto Exit; +-#if 0 +- FT_TRACE4(( " POST fragment #%d: length=0x%08x\n", i, temp)); ++ ++ /* FT2 allocator takes signed long buffer length, ++ * too large value causing overflow should be checked ++ */ ++ FT_TRACE4(( " POST fragment #%d: length=0x%08x\n", ++ i, temp)); + if ( 0x7FFFFFFFUL < temp ) + { + error = FT_THROW( Invalid_Offset ); + goto Exit; + } +-#endif + + pfb_len += temp + 6; + } + +- FT_TRACE2(( " total buffer size to concatenate %d POST fragments: 0x%08x\n", ++ FT_TRACE2(( " total buffer size to concatenate %d" ++ " POST fragments: 0x%08x\n", + resource_cnt, pfb_len + 2)); + if ( pfb_len + 2 < 6 ) { ++ FT_TRACE2(( " too long fragment length makes" ++ " pfb_len confused: 0x%08x\n", ++ pfb_len )); + error = FT_THROW( Array_Too_Large ); + goto Exit; + } +@@ -1642,13 +1649,16 @@ + goto Exit2; + if ( FT_READ_ULONG( rlen ) ) + goto Exit2; +-#if 0 ++ ++ /* FT2 allocator takes signed long buffer length, ++ * too large fragment length causing overflow should be checked ++ */ + if ( 0x7FFFFFFFUL < rlen ) + { + error = FT_THROW( Invalid_Offset ); + goto Exit2; + } +-#endif ++ + if ( FT_READ_USHORT( flags ) ) + goto Exit2; + FT_TRACE3(( "POST fragment[%d]: offsets=0x%08x, rlen=0x%08x, flags=0x%04x\n", +@@ -1673,7 +1683,8 @@ + len += rlen; + else + { +- FT_TRACE3(( " Write POST fragment #%d header (4-byte) to buffer 0x%p + 0x%08x\n", i, pfb_data, pfb_lenpos )); ++ FT_TRACE3(( " Write POST fragment #%d header (4-byte) to buffer" ++ " 0x%p + 0x%08x\n", i, pfb_data, pfb_lenpos )); + if ( pfb_lenpos + 3 > pfb_len + 2 ) + goto Exit2; + pfb_data[pfb_lenpos ] = (FT_Byte)( len ); +@@ -1684,7 +1695,8 @@ + if ( ( flags >> 8 ) == 5 ) /* End of font mark */ + break; + +- FT_TRACE3(( " Write POST fragment #%d header (6-byte) to buffer 0x%p + 0x%08x\n", i, pfb_data, pfb_pos )); ++ FT_TRACE3(( " Write POST fragment #%d header (6-byte) to buffer" ++ " 0x%p + 0x%08x\n", i, pfb_data, pfb_pos )); + if ( pfb_pos + 6 > pfb_len + 2 ) + goto Exit2; + pfb_data[pfb_pos++] = 0x80; +@@ -1703,7 +1715,8 @@ + if ( pfb_pos > pfb_len || pfb_pos + rlen > pfb_len ) + goto Exit2; + +- FT_TRACE3(( " Load POST fragment #%d (%d byte) to buffer 0x%p + 0x%08x\n", i, rlen, pfb_data, pfb_pos )); ++ FT_TRACE3(( " Load POST fragment #%d (%d byte) to buffer" ++ " 0x%p + 0x%08x\n", i, rlen, pfb_data, pfb_pos )); + error = FT_Stream_Read( stream, (FT_Byte *)pfb_data + pfb_pos, rlen ); + if ( error ) + goto Exit2; +@@ -1732,7 +1745,8 @@ + + Exit2: + if ( error == FT_ERR( Array_Too_Large ) ) +- FT_TRACE2(( " Abort due to too-short buffer to store all POST fragments\n" )); ++ FT_TRACE2(( " Abort due to too-short buffer to store" ++ " all POST fragments\n" )); + else if ( error == FT_ERR( Invalid_Offset ) ) + FT_TRACE2(( " Abort due to invalid offset in a POST fragment\n" )); + if ( error ) +-- +2.1.4 + --- freetype-2.5.2.orig/debian/patches-freetype/0027-src-base-ftobj.c-Mac_Read_POST_Resource-Additional-C.patch +++ freetype-2.5.2/debian/patches-freetype/0027-src-base-ftobj.c-Mac_Read_POST_Resource-Additional-C.patch @@ -0,0 +1,42 @@ +From 227701e7a216e77f97fc170702d70f9c1a84992a Mon Sep 17 00:00:00 2001 +From: suzuki toshiya +Date: Thu, 27 Nov 2014 00:20:48 +0900 +Subject: =?UTF-8?q?*=20src/base/ftobj.c=20(Mac=5FRead=5FPOST=5FResource):?= + =?UTF-8?q?=20Additional=20CVE-2014-0674-part-2=0Aoverflow=20check=20in=20?= + =?UTF-8?q?the=20summation=20of=20POST=20fragment=20lengths,=0Asuggested?= + =?UTF-8?q?=20by=20Mateusz=20Jurczyk=20.?= + +(cherry picked from commit cd4a5a26e591d01494567df9dec7f72d59551f6e) +--- + freetype-2.5.2/src/base/ftobjs.c | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +diff --git freetype-2.5.2/src/base/ftobjs.c freetype-2.5.2/src/base/ftobjs.c +index 4a9eb7f..038a0f8 100644 +--- freetype-2.5.2/src/base/ftobjs.c ++++ freetype-2.5.2/src/base/ftobjs.c +@@ -1609,8 +1609,10 @@ + */ + FT_TRACE4(( " POST fragment #%d: length=0x%08x\n", + i, temp)); +- if ( 0x7FFFFFFFUL < temp ) ++ if ( 0x7FFFFFFFUL < temp || pfb_len + temp + 6 < pfb_len ) + { ++ FT_TRACE2(( " too long fragment length makes" ++ " pfb_len confused: temp=0x%08x\n", temp )); + error = FT_THROW( Invalid_Offset ); + goto Exit; + } +@@ -1623,8 +1625,7 @@ + resource_cnt, pfb_len + 2)); + if ( pfb_len + 2 < 6 ) { + FT_TRACE2(( " too long fragment length makes" +- " pfb_len confused: 0x%08x\n", +- pfb_len )); ++ " pfb_len confused: pfb_len=0x%08x\n", pfb_len )); + error = FT_THROW( Array_Too_Large ); + goto Exit; + } +-- +2.1.4 + --- freetype-2.5.2.orig/debian/patches-freetype/0028-bdf-Fix-Savannah-bug-41692.-CVE-2014-9675-fixup-1.patch +++ freetype-2.5.2/debian/patches-freetype/0028-bdf-Fix-Savannah-bug-41692.-CVE-2014-9675-fixup-1.patch @@ -0,0 +1,235 @@ +From 37be20dfb7ceec9bb2c10ac19f339043a8e20229 Mon Sep 17 00:00:00 2001 +From: Werner Lemberg +Date: Wed, 26 Feb 2014 13:08:07 +0100 +Subject: [bdf] Fix Savannah bug #41692. CVE-2014-9675-fixup-1 + +bdflib puts data from the input stream into a buffer in chunks of +1024 bytes. The data itself gets then parsed line by line, simply +increasing the current pointer into the buffer; if the search for +the final newline character exceeds the buffer size, more data gets +read. + +However, in case the current line's end is very near to the buffer +end, and the keyword to compare with is longer than the current +line's length, an out-of-bounds read might happen since `memcmp' +doesn't stop properly at the string end. + +* src/bdf/bdflib.c: s/ft_memcmp/ft_strncmp/ to make comparisons +stop at string ends. + +(cherry picked from commit 9a56764037dfc01a89fe61f5c67971bf50343d00) +--- + freetype-2.5.2/src/bdf/bdflib.c | 50 ++++++++++++++++++++--------------------- + 1 file changed, 25 insertions(+), 25 deletions(-) + +diff --git freetype-2.5.2/src/bdf/bdflib.c freetype-2.5.2/src/bdf/bdflib.c +index d613159..4192139 100644 +--- freetype-2.5.2/src/bdf/bdflib.c ++++ freetype-2.5.2/src/bdf/bdflib.c +@@ -1409,7 +1409,7 @@ + + /* If the property happens to be a comment, then it doesn't need */ + /* to be added to the internal hash table. */ +- if ( ft_memcmp( name, "COMMENT", 7 ) != 0 ) ++ if ( ft_strncmp( name, "COMMENT", 7 ) != 0 ) + { + /* Add the property to the font property table. */ + error = hash_insert( fp->name, +@@ -1427,13 +1427,13 @@ + /* FONT_ASCENT and FONT_DESCENT need to be assigned if they are */ + /* present, and the SPACING property should override the default */ + /* spacing. */ +- if ( ft_memcmp( name, "DEFAULT_CHAR", 12 ) == 0 ) ++ if ( ft_strncmp( name, "DEFAULT_CHAR", 12 ) == 0 ) + font->default_char = fp->value.l; +- else if ( ft_memcmp( name, "FONT_ASCENT", 11 ) == 0 ) ++ else if ( ft_strncmp( name, "FONT_ASCENT", 11 ) == 0 ) + font->font_ascent = fp->value.l; +- else if ( ft_memcmp( name, "FONT_DESCENT", 12 ) == 0 ) ++ else if ( ft_strncmp( name, "FONT_DESCENT", 12 ) == 0 ) + font->font_descent = fp->value.l; +- else if ( ft_memcmp( name, "SPACING", 7 ) == 0 ) ++ else if ( ft_strncmp( name, "SPACING", 7 ) == 0 ) + { + if ( !fp->value.atom ) + { +@@ -1491,7 +1491,7 @@ + memory = font->memory; + + /* Check for a comment. */ +- if ( ft_memcmp( line, "COMMENT", 7 ) == 0 ) ++ if ( ft_strncmp( line, "COMMENT", 7 ) == 0 ) + { + linelen -= 7; + +@@ -1508,7 +1508,7 @@ + /* The very first thing expected is the number of glyphs. */ + if ( !( p->flags & _BDF_GLYPHS ) ) + { +- if ( ft_memcmp( line, "CHARS", 5 ) != 0 ) ++ if ( ft_strncmp( line, "CHARS", 5 ) != 0 ) + { + FT_ERROR(( "_bdf_parse_glyphs: " ERRMSG1, lineno, "CHARS" )); + error = FT_THROW( Missing_Chars_Field ); +@@ -1542,7 +1542,7 @@ + } + + /* Check for the ENDFONT field. */ +- if ( ft_memcmp( line, "ENDFONT", 7 ) == 0 ) ++ if ( ft_strncmp( line, "ENDFONT", 7 ) == 0 ) + { + if ( p->flags & _BDF_GLYPH_BITS ) + { +@@ -1564,7 +1564,7 @@ + } + + /* Check for the ENDCHAR field. */ +- if ( ft_memcmp( line, "ENDCHAR", 7 ) == 0 ) ++ if ( ft_strncmp( line, "ENDCHAR", 7 ) == 0 ) + { + p->glyph_enc = 0; + p->flags &= ~_BDF_GLYPH_BITS; +@@ -1580,7 +1580,7 @@ + goto Exit; + + /* Check for the STARTCHAR field. */ +- if ( ft_memcmp( line, "STARTCHAR", 9 ) == 0 ) ++ if ( ft_strncmp( line, "STARTCHAR", 9 ) == 0 ) + { + /* Set the character name in the parse info first until the */ + /* encoding can be checked for an unencoded character. */ +@@ -1614,7 +1614,7 @@ + } + + /* Check for the ENCODING field. */ +- if ( ft_memcmp( line, "ENCODING", 8 ) == 0 ) ++ if ( ft_strncmp( line, "ENCODING", 8 ) == 0 ) + { + if ( !( p->flags & _BDF_GLYPH ) ) + { +@@ -1800,7 +1800,7 @@ + } + + /* Expect the SWIDTH (scalable width) field next. */ +- if ( ft_memcmp( line, "SWIDTH", 6 ) == 0 ) ++ if ( ft_strncmp( line, "SWIDTH", 6 ) == 0 ) + { + if ( !( p->flags & _BDF_ENCODING ) ) + goto Missing_Encoding; +@@ -1816,7 +1816,7 @@ + } + + /* Expect the DWIDTH (scalable width) field next. */ +- if ( ft_memcmp( line, "DWIDTH", 6 ) == 0 ) ++ if ( ft_strncmp( line, "DWIDTH", 6 ) == 0 ) + { + if ( !( p->flags & _BDF_ENCODING ) ) + goto Missing_Encoding; +@@ -1844,7 +1844,7 @@ + } + + /* Expect the BBX field next. */ +- if ( ft_memcmp( line, "BBX", 3 ) == 0 ) ++ if ( ft_strncmp( line, "BBX", 3 ) == 0 ) + { + if ( !( p->flags & _BDF_ENCODING ) ) + goto Missing_Encoding; +@@ -1912,7 +1912,7 @@ + } + + /* And finally, gather up the bitmap. */ +- if ( ft_memcmp( line, "BITMAP", 6 ) == 0 ) ++ if ( ft_strncmp( line, "BITMAP", 6 ) == 0 ) + { + unsigned long bitmap_size; + +@@ -1987,7 +1987,7 @@ + p = (_bdf_parse_t *) client_data; + + /* Check for the end of the properties. */ +- if ( ft_memcmp( line, "ENDPROPERTIES", 13 ) == 0 ) ++ if ( ft_strncmp( line, "ENDPROPERTIES", 13 ) == 0 ) + { + /* If the FONT_ASCENT or FONT_DESCENT properties have not been */ + /* encountered yet, then make sure they are added as properties and */ +@@ -2028,12 +2028,12 @@ + } + + /* Ignore the _XFREE86_GLYPH_RANGES properties. */ +- if ( ft_memcmp( line, "_XFREE86_GLYPH_RANGES", 21 ) == 0 ) ++ if ( ft_strncmp( line, "_XFREE86_GLYPH_RANGES", 21 ) == 0 ) + goto Exit; + + /* Handle COMMENT fields and properties in a special way to preserve */ + /* the spacing. */ +- if ( ft_memcmp( line, "COMMENT", 7 ) == 0 ) ++ if ( ft_strncmp( line, "COMMENT", 7 ) == 0 ) + { + name = value = line; + value += 7; +@@ -2097,7 +2097,7 @@ + + /* Check for a comment. This is done to handle those fonts that have */ + /* comments before the STARTFONT line for some reason. */ +- if ( ft_memcmp( line, "COMMENT", 7 ) == 0 ) ++ if ( ft_strncmp( line, "COMMENT", 7 ) == 0 ) + { + if ( p->opts->keep_comments != 0 && p->font != 0 ) + { +@@ -2123,7 +2123,7 @@ + { + memory = p->memory; + +- if ( ft_memcmp( line, "STARTFONT", 9 ) != 0 ) ++ if ( ft_strncmp( line, "STARTFONT", 9 ) != 0 ) + { + /* we don't emit an error message since this code gets */ + /* explicitly caught one level higher */ +@@ -2171,7 +2171,7 @@ + } + + /* Check for the start of the properties. */ +- if ( ft_memcmp( line, "STARTPROPERTIES", 15 ) == 0 ) ++ if ( ft_strncmp( line, "STARTPROPERTIES", 15 ) == 0 ) + { + if ( !( p->flags & _BDF_FONT_BBX ) ) + { +@@ -2200,7 +2200,7 @@ + } + + /* Check for the FONTBOUNDINGBOX field. */ +- if ( ft_memcmp( line, "FONTBOUNDINGBOX", 15 ) == 0 ) ++ if ( ft_strncmp( line, "FONTBOUNDINGBOX", 15 ) == 0 ) + { + if ( !( p->flags & _BDF_SIZE ) ) + { +@@ -2231,7 +2231,7 @@ + } + + /* The next thing to check for is the FONT field. */ +- if ( ft_memcmp( line, "FONT", 4 ) == 0 ) ++ if ( ft_strncmp( line, "FONT", 4 ) == 0 ) + { + error = _bdf_list_split( &p->list, (char *)" +", line, linelen ); + if ( error ) +@@ -2266,7 +2266,7 @@ + } + + /* Check for the SIZE field. */ +- if ( ft_memcmp( line, "SIZE", 4 ) == 0 ) ++ if ( ft_strncmp( line, "SIZE", 4 ) == 0 ) + { + if ( !( p->flags & _BDF_FONT_NAME ) ) + { +@@ -2320,7 +2320,7 @@ + } + + /* Check for the CHARS field -- font properties are optional */ +- if ( ft_memcmp( line, "CHARS", 5 ) == 0 ) ++ if ( ft_strncmp( line, "CHARS", 5 ) == 0 ) + { + char nbuf[128]; + +-- +2.1.4 + --- freetype-2.5.2.orig/debian/patches-freetype/0029-Fix-Savannah-bug-43535.-CVE-2014-9675.patch +++ freetype-2.5.2/debian/patches-freetype/0029-Fix-Savannah-bug-43535.-CVE-2014-9675.patch @@ -0,0 +1,244 @@ +From d9ed3044b65fb901c6c3a36b815a40932b450c1c Mon Sep 17 00:00:00 2001 +From: Werner Lemberg +Date: Fri, 7 Nov 2014 07:42:33 +0100 +Subject: Fix Savannah bug #43535. CVE-2014-9675 + +* src/bdf/bdflib.c (_bdf_strncmp): New macro that checks one +character more than `strncmp'. +s/ft_strncmp/_bdf_strncmp/ everywhere. + +(cherry picked from commit 2c4832d30939b45c05757f0a05128ce64c4cacc7) +--- + freetype-2.5.2/src/bdf/bdflib.c | 62 ++++++++++++++++++++++++----------------- + 1 file changed, 37 insertions(+), 25 deletions(-) + +diff --git freetype-2.5.2/src/bdf/bdflib.c freetype-2.5.2/src/bdf/bdflib.c +index 4192139..42de23d 100644 +--- freetype-2.5.2/src/bdf/bdflib.c ++++ freetype-2.5.2/src/bdf/bdflib.c +@@ -169,6 +169,18 @@ + sizeof ( _bdf_properties[0] ); + + ++ /* An auxiliary macro to parse properties, to be used in conditionals. */ ++ /* It behaves like `strncmp' but also tests the following character */ ++ /* whether it is a whitespace or NULL. */ ++ /* `property' is a constant string of length `n' to compare with. */ ++#define _bdf_strncmp( name, property, n ) \ ++ ( ft_strncmp( name, property, n ) || \ ++ !( name[n] == ' ' || \ ++ name[n] == '\0' || \ ++ name[n] == '\n' || \ ++ name[n] == '\r' || \ ++ name[n] == '\t' ) ) ++ + /* Auto correction messages. */ + #define ACMSG1 "FONT_ASCENT property missing. " \ + "Added `FONT_ASCENT %hd'.\n" +@@ -1409,7 +1421,7 @@ + + /* If the property happens to be a comment, then it doesn't need */ + /* to be added to the internal hash table. */ +- if ( ft_strncmp( name, "COMMENT", 7 ) != 0 ) ++ if ( _bdf_strncmp( name, "COMMENT", 7 ) != 0 ) + { + /* Add the property to the font property table. */ + error = hash_insert( fp->name, +@@ -1427,13 +1439,13 @@ + /* FONT_ASCENT and FONT_DESCENT need to be assigned if they are */ + /* present, and the SPACING property should override the default */ + /* spacing. */ +- if ( ft_strncmp( name, "DEFAULT_CHAR", 12 ) == 0 ) ++ if ( _bdf_strncmp( name, "DEFAULT_CHAR", 12 ) == 0 ) + font->default_char = fp->value.l; +- else if ( ft_strncmp( name, "FONT_ASCENT", 11 ) == 0 ) ++ else if ( _bdf_strncmp( name, "FONT_ASCENT", 11 ) == 0 ) + font->font_ascent = fp->value.l; +- else if ( ft_strncmp( name, "FONT_DESCENT", 12 ) == 0 ) ++ else if ( _bdf_strncmp( name, "FONT_DESCENT", 12 ) == 0 ) + font->font_descent = fp->value.l; +- else if ( ft_strncmp( name, "SPACING", 7 ) == 0 ) ++ else if ( _bdf_strncmp( name, "SPACING", 7 ) == 0 ) + { + if ( !fp->value.atom ) + { +@@ -1491,7 +1503,7 @@ + memory = font->memory; + + /* Check for a comment. */ +- if ( ft_strncmp( line, "COMMENT", 7 ) == 0 ) ++ if ( _bdf_strncmp( line, "COMMENT", 7 ) == 0 ) + { + linelen -= 7; + +@@ -1508,7 +1520,7 @@ + /* The very first thing expected is the number of glyphs. */ + if ( !( p->flags & _BDF_GLYPHS ) ) + { +- if ( ft_strncmp( line, "CHARS", 5 ) != 0 ) ++ if ( _bdf_strncmp( line, "CHARS", 5 ) != 0 ) + { + FT_ERROR(( "_bdf_parse_glyphs: " ERRMSG1, lineno, "CHARS" )); + error = FT_THROW( Missing_Chars_Field ); +@@ -1542,7 +1554,7 @@ + } + + /* Check for the ENDFONT field. */ +- if ( ft_strncmp( line, "ENDFONT", 7 ) == 0 ) ++ if ( _bdf_strncmp( line, "ENDFONT", 7 ) == 0 ) + { + if ( p->flags & _BDF_GLYPH_BITS ) + { +@@ -1564,7 +1576,7 @@ + } + + /* Check for the ENDCHAR field. */ +- if ( ft_strncmp( line, "ENDCHAR", 7 ) == 0 ) ++ if ( _bdf_strncmp( line, "ENDCHAR", 7 ) == 0 ) + { + p->glyph_enc = 0; + p->flags &= ~_BDF_GLYPH_BITS; +@@ -1580,7 +1592,7 @@ + goto Exit; + + /* Check for the STARTCHAR field. */ +- if ( ft_strncmp( line, "STARTCHAR", 9 ) == 0 ) ++ if ( _bdf_strncmp( line, "STARTCHAR", 9 ) == 0 ) + { + /* Set the character name in the parse info first until the */ + /* encoding can be checked for an unencoded character. */ +@@ -1614,7 +1626,7 @@ + } + + /* Check for the ENCODING field. */ +- if ( ft_strncmp( line, "ENCODING", 8 ) == 0 ) ++ if ( _bdf_strncmp( line, "ENCODING", 8 ) == 0 ) + { + if ( !( p->flags & _BDF_GLYPH ) ) + { +@@ -1800,7 +1812,7 @@ + } + + /* Expect the SWIDTH (scalable width) field next. */ +- if ( ft_strncmp( line, "SWIDTH", 6 ) == 0 ) ++ if ( _bdf_strncmp( line, "SWIDTH", 6 ) == 0 ) + { + if ( !( p->flags & _BDF_ENCODING ) ) + goto Missing_Encoding; +@@ -1816,7 +1828,7 @@ + } + + /* Expect the DWIDTH (scalable width) field next. */ +- if ( ft_strncmp( line, "DWIDTH", 6 ) == 0 ) ++ if ( _bdf_strncmp( line, "DWIDTH", 6 ) == 0 ) + { + if ( !( p->flags & _BDF_ENCODING ) ) + goto Missing_Encoding; +@@ -1844,7 +1856,7 @@ + } + + /* Expect the BBX field next. */ +- if ( ft_strncmp( line, "BBX", 3 ) == 0 ) ++ if ( _bdf_strncmp( line, "BBX", 3 ) == 0 ) + { + if ( !( p->flags & _BDF_ENCODING ) ) + goto Missing_Encoding; +@@ -1912,7 +1924,7 @@ + } + + /* And finally, gather up the bitmap. */ +- if ( ft_strncmp( line, "BITMAP", 6 ) == 0 ) ++ if ( _bdf_strncmp( line, "BITMAP", 6 ) == 0 ) + { + unsigned long bitmap_size; + +@@ -1987,7 +1999,7 @@ + p = (_bdf_parse_t *) client_data; + + /* Check for the end of the properties. */ +- if ( ft_strncmp( line, "ENDPROPERTIES", 13 ) == 0 ) ++ if ( _bdf_strncmp( line, "ENDPROPERTIES", 13 ) == 0 ) + { + /* If the FONT_ASCENT or FONT_DESCENT properties have not been */ + /* encountered yet, then make sure they are added as properties and */ +@@ -2028,12 +2040,12 @@ + } + + /* Ignore the _XFREE86_GLYPH_RANGES properties. */ +- if ( ft_strncmp( line, "_XFREE86_GLYPH_RANGES", 21 ) == 0 ) ++ if ( _bdf_strncmp( line, "_XFREE86_GLYPH_RANGES", 21 ) == 0 ) + goto Exit; + + /* Handle COMMENT fields and properties in a special way to preserve */ + /* the spacing. */ +- if ( ft_strncmp( line, "COMMENT", 7 ) == 0 ) ++ if ( _bdf_strncmp( line, "COMMENT", 7 ) == 0 ) + { + name = value = line; + value += 7; +@@ -2097,7 +2109,7 @@ + + /* Check for a comment. This is done to handle those fonts that have */ + /* comments before the STARTFONT line for some reason. */ +- if ( ft_strncmp( line, "COMMENT", 7 ) == 0 ) ++ if ( _bdf_strncmp( line, "COMMENT", 7 ) == 0 ) + { + if ( p->opts->keep_comments != 0 && p->font != 0 ) + { +@@ -2123,7 +2135,7 @@ + { + memory = p->memory; + +- if ( ft_strncmp( line, "STARTFONT", 9 ) != 0 ) ++ if ( _bdf_strncmp( line, "STARTFONT", 9 ) != 0 ) + { + /* we don't emit an error message since this code gets */ + /* explicitly caught one level higher */ +@@ -2171,7 +2183,7 @@ + } + + /* Check for the start of the properties. */ +- if ( ft_strncmp( line, "STARTPROPERTIES", 15 ) == 0 ) ++ if ( _bdf_strncmp( line, "STARTPROPERTIES", 15 ) == 0 ) + { + if ( !( p->flags & _BDF_FONT_BBX ) ) + { +@@ -2200,7 +2212,7 @@ + } + + /* Check for the FONTBOUNDINGBOX field. */ +- if ( ft_strncmp( line, "FONTBOUNDINGBOX", 15 ) == 0 ) ++ if ( _bdf_strncmp( line, "FONTBOUNDINGBOX", 15 ) == 0 ) + { + if ( !( p->flags & _BDF_SIZE ) ) + { +@@ -2231,7 +2243,7 @@ + } + + /* The next thing to check for is the FONT field. */ +- if ( ft_strncmp( line, "FONT", 4 ) == 0 ) ++ if ( _bdf_strncmp( line, "FONT", 4 ) == 0 ) + { + error = _bdf_list_split( &p->list, (char *)" +", line, linelen ); + if ( error ) +@@ -2266,7 +2278,7 @@ + } + + /* Check for the SIZE field. */ +- if ( ft_strncmp( line, "SIZE", 4 ) == 0 ) ++ if ( _bdf_strncmp( line, "SIZE", 4 ) == 0 ) + { + if ( !( p->flags & _BDF_FONT_NAME ) ) + { +@@ -2320,7 +2332,7 @@ + } + + /* Check for the CHARS field -- font properties are optional */ +- if ( ft_strncmp( line, "CHARS", 5 ) == 0 ) ++ if ( _bdf_strncmp( line, "CHARS", 5 ) == 0 ) + { + char nbuf[128]; + +-- +2.1.4 + --- freetype-2.5.2.orig/debian/patches-freetype/0030-pcf-Fix-Savannah-bug-43774.patch +++ freetype-2.5.2/debian/patches-freetype/0030-pcf-Fix-Savannah-bug-43774.patch @@ -0,0 +1,126 @@ +From 129743cbe65b22930eae4f3e659dc79f225b249f Mon Sep 17 00:00:00 2001 +From: Werner Lemberg +Date: Mon, 8 Dec 2014 16:01:50 +0100 +Subject: [PATCH] [pcf] Fix Savannah bug #43774. + +Work around `features' of X11's `pcfWriteFont' and `pcfReadFont' +functions. Since the PCF format doesn't have an official +specification, we have to exactly follow these functions' behaviour. + +The problem was unveiled with a patch from 2014-11-06, fixing issue #43547. + +* src/pcf/pcfread.c (pcf_read_TOC): Don't check table size for last +element. Instead, assign real size. + +(cherry picked from commit 74af85c4b62b35e55b0ce9dec55ee10cbc4962a2) +--- + freetype-2.5.2/src/pcf/pcfread.c | 54 ++++++++++++++++++++++++++++++++-------- + 1 file changed, 43 insertions(+), 11 deletions(-) + +diff --git freetype-2.5.2/src/pcf/pcfread.c freetype-2.5.2/src/pcf/pcfread.c +index f45f07a..1a1221b 100644 +--- freetype-2.5.2/src/pcf/pcfread.c ++++ freetype-2.5.2/src/pcf/pcfread.c +@@ -2,7 +2,7 @@ + + FreeType font driver for pcf fonts + +- Copyright 2000-2010, 2012, 2013 by ++ Copyright 2000-2010, 2012-2014 by + Francesco Zappa Nardelli + + Permission is hereby granted, free of charge, to any person obtaining a copy +@@ -78,7 +78,7 @@ THE SOFTWARE. + FT_FRAME_START( 16 ), + FT_FRAME_ULONG_LE( type ), + FT_FRAME_ULONG_LE( format ), +- FT_FRAME_ULONG_LE( size ), ++ FT_FRAME_ULONG_LE( size ), /* rounded up to a multiple of 4 */ + FT_FRAME_ULONG_LE( offset ), + FT_FRAME_END + }; +@@ -95,9 +95,11 @@ THE SOFTWARE. + FT_Memory memory = FT_FACE( face )->memory; + FT_UInt n; + ++ FT_ULong size; + +- if ( FT_STREAM_SEEK ( 0 ) || +- FT_STREAM_READ_FIELDS ( pcf_toc_header, toc ) ) ++ ++ if ( FT_STREAM_SEEK( 0 ) || ++ FT_STREAM_READ_FIELDS( pcf_toc_header, toc ) ) + return FT_THROW( Cannot_Open_Resource ); + + if ( toc->version != PCF_FILE_VERSION || +@@ -151,14 +153,35 @@ THE SOFTWARE. + break; + } + +- /* we now check whether the `size' and `offset' values are reasonable: */ +- /* `offset' + `size' must not exceed the stream size */ ++ /* ++ * We now check whether the `size' and `offset' values are reasonable: ++ * `offset' + `size' must not exceed the stream size. ++ * ++ * Note, however, that X11's `pcfWriteFont' routine (used by the ++ * `bdftopcf' program to create PDF font files) has two special ++ * features. ++ * ++ * - It always assigns the accelerator table a size of 100 bytes in the ++ * TOC, regardless of its real size, which can vary between 34 and 72 ++ * bytes. ++ * ++ * - Due to the way the routine is designed, it ships out the last font ++ * table with its real size, ignoring the TOC's size value. Since ++ * the TOC size values are always rounded up to a multiple of 4, the ++ * difference can be up to three bytes for all tables except the ++ * accelerator table, for which the difference can be as large as 66 ++ * bytes. ++ * ++ */ ++ + tables = face->toc.tables; +- for ( n = 0; n < toc->count; n++ ) ++ size = stream->size; ++ ++ for ( n = 0; n < toc->count - 1; n++ ) + { + /* we need two checks to avoid overflow */ +- if ( ( tables->size > stream->size ) || +- ( tables->offset > stream->size - tables->size ) ) ++ if ( ( tables->size > size ) || ++ ( tables->offset > size - tables->size ) ) + { + error = FT_THROW( Invalid_Table ); + goto Exit; +@@ -166,6 +189,15 @@ THE SOFTWARE. + tables++; + } + ++ /* no check of `tables->size' for last table element ... */ ++ if ( ( tables->offset > size ) ) ++ { ++ error = FT_THROW( Invalid_Table ); ++ goto Exit; ++ } ++ /* ... instead, we adjust `tables->size' to the real value */ ++ tables->size = size - tables->offset; ++ + #ifdef FT_DEBUG_LEVEL_TRACE + + { +@@ -714,8 +746,8 @@ THE SOFTWARE. + + FT_TRACE4(( " number of bitmaps: %d\n", nbitmaps )); + +- /* XXX: PCF_Face->nmetrics is singed FT_Long, see pcf.h */ +- if ( face->nmetrics < 0 || nbitmaps != ( FT_ULong )face->nmetrics ) ++ /* XXX: PCF_Face->nmetrics is signed FT_Long, see pcf.h */ ++ if ( face->nmetrics < 0 || nbitmaps != (FT_ULong)face->nmetrics ) + return FT_THROW( Invalid_File_Format ); + + if ( FT_NEW_ARRAY( offsets, nbitmaps ) ) +-- +2.1.4 + --- freetype-2.5.2.orig/debian/patches-freetype/CVE-2014-2240.patch +++ freetype-2.5.2/debian/patches-freetype/CVE-2014-2240.patch @@ -0,0 +1,21 @@ +From 0eae6eb0645264c98812f0095e0f5df4541830e6 Mon Sep 17 00:00:00 2001 +From: Dave Arnold +Date: Fri, 28 Feb 2014 06:40:01 +0000 +Subject: Fix Savannah bug #41697, part 1. + +* src/cff/cf2hints.c (cf2_hintmap_build): Return when `hintMask' is +invalid. In this case, it is not safe to use the length of +`hStemHintArray'; the exception has already been recorded in +`hintMask'. + +--- a/src/cff/cf2hints.c ++++ b/src/cff/cf2hints.c +@@ -781,6 +781,8 @@ + cf2_hintmask_setAll( hintMask, + cf2_arrstack_size( hStemHintArray ) + + cf2_arrstack_size( vStemHintArray ) ); ++ if ( !cf2_hintmask_isValid( hintMask ) ) ++ return; /* too many stem hints */ + } + + /* begin by clearing the map */ --- freetype-2.5.2.orig/debian/patches-freetype/CVE-2014-2241.patch +++ freetype-2.5.2/debian/patches-freetype/CVE-2014-2241.patch @@ -0,0 +1,48 @@ +From 135c3faebb96f8f550bd4f318716f2e1e095a969 Mon Sep 17 00:00:00 2001 +From: Dave Arnold +Date: Fri, 28 Feb 2014 06:42:42 +0000 +Subject: Fix Savannah bug #41697, part 2. + +* src/cff/cf2ft.c (cf2_initLocalRegionBuffer, +cf2_initGlobalRegionBuffer): It is possible for a charstring to call +a subroutine if no subroutines exist. This is an error but should +not trigger an assert. Split the assert to account for this. + +--- a/src/cff/cf2ft.c ++++ b/src/cff/cf2ft.c +@@ -508,7 +508,7 @@ + CF2_UInt idx, + CF2_Buffer buf ) + { +- FT_ASSERT( decoder && decoder->globals ); ++ FT_ASSERT( decoder ); + + FT_ZERO( buf ); + +@@ -516,6 +516,8 @@ + if ( idx >= decoder->num_globals ) + return TRUE; /* error */ + ++ FT_ASSERT( decoder->globals ); ++ + buf->start = + buf->ptr = decoder->globals[idx]; + buf->end = decoder->globals[idx + 1]; +@@ -581,7 +583,7 @@ + CF2_UInt idx, + CF2_Buffer buf ) + { +- FT_ASSERT( decoder && decoder->locals ); ++ FT_ASSERT( decoder ); + + FT_ZERO( buf ); + +@@ -589,6 +591,8 @@ + if ( idx >= decoder->num_locals ) + return TRUE; /* error */ + ++ FT_ASSERT( decoder->locals ); ++ + buf->start = + buf->ptr = decoder->locals[idx]; + buf->end = decoder->locals[idx + 1]; --- freetype-2.5.2.orig/debian/patches-freetype/enable-gxvalid-otvalid.patch +++ freetype-2.5.2/debian/patches-freetype/enable-gxvalid-otvalid.patch @@ -0,0 +1,31 @@ +Description: enable the otvalid and gxvalid table validation modules + The 'ftvalid' demo in the freetype2-demos package is only useful if certain + extra extensions are enabled in freetype. These extensions are not enabled + upstream by default, but there's no reason for us not to enable them. +Author: Paul Wise +Bug-Debian: http://bugs.debian.org/520879 +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/freetype/+bug/239626 +Forwarded: not-needed + +Index: freetype-2.4.4/modules.cfg +=================================================================== +--- freetype-2.4.4.orig/modules.cfg ++++ freetype-2.4.4/modules.cfg +@@ -110,7 +110,7 @@ + AUX_MODULES += cache + + # TrueType GX/AAT table validation. Needs ftgxval.c below. +-# AUX_MODULES += gxvalid ++AUX_MODULES += gxvalid + + # Support for streams compressed with gzip (files with suffix .gz). + # +@@ -124,7 +124,7 @@ + + # OpenType table validation. Needs ftotval.c below. + # +-# AUX_MODULES += otvalid ++AUX_MODULES += otvalid + + # Auxiliary PostScript driver component to share common code. + # --- freetype-2.5.2.orig/debian/patches-freetype/enable-old-cff.patch +++ freetype-2.5.2/debian/patches-freetype/enable-old-cff.patch @@ -0,0 +1,12 @@ +diff -uNr freetype-2.5.2.orig/include/config/ftoption.h freetype-2.5.2/include/config/ftoption.h +--- freetype-2.5.2.orig/include/config/ftoption.h 2013-12-08 11:40:19.511032012 -0700 ++++ freetype-2.5.2/include/config/ftoption.h 2014-04-16 02:37:21.738068874 -0600 +@@ -765,7 +765,7 @@ + /* switch between the two engines using the `hinting-engine' property of */ + /* the cff driver module. */ + /* */ +-/* #define CFF_CONFIG_OPTION_OLD_ENGINE */ ++ #define CFF_CONFIG_OPTION_OLD_ENGINE + + + /*************************************************************************/ --- freetype-2.5.2.orig/debian/patches-freetype/enable-subpixel-rendering.patch +++ freetype-2.5.2/debian/patches-freetype/enable-subpixel-rendering.patch @@ -0,0 +1,13 @@ +Index: freetype-2.4.0/include/config/ftoption.h +=================================================================== +--- freetype-2.4.0.orig/include/config/ftoption.h ++++ freetype-2.4.0/include/config/ftoption.h +@@ -93,7 +93,7 @@ + /* This is done to allow FreeType clients to run unmodified, forcing */ + /* them to display normal gray-level anti-aliased glyphs. */ + /* */ +-/* #define FT_CONFIG_OPTION_SUBPIXEL_RENDERING */ ++#define FT_CONFIG_OPTION_SUBPIXEL_RENDERING + + + /*************************************************************************/ --- freetype-2.5.2.orig/debian/patches-freetype/freetype-2.1.7-backwards.compat.patch +++ freetype-2.5.2/debian/patches-freetype/freetype-2.1.7-backwards.compat.patch @@ -0,0 +1,35 @@ +Index: src/base/ftapi.c +=================================================================== +--- src/base/ftapi.c.orig ++++ src/base/ftapi.c +@@ -118,4 +118,18 @@ + } + + ++ FT_BASE_DEF( FT_Short ) ++ FT_Get_Short( FT_Stream stream ) ++ { ++ return FT_GET_SHORT(); ++ } ++ ++ ++ FT_BASE_DEF( FT_Long ) ++ FT_Get_Long( FT_Stream stream ) ++ { ++ return FT_GET_LONG(); ++ } ++ ++ + /* END */ +Index: src/base/ftbase.c +=================================================================== +--- src/base/ftbase.c.orig ++++ src/base/ftbase.c +@@ -33,6 +33,7 @@ + #include "ftstream.c" + #include "fttrigon.c" + #include "ftutil.c" ++#include "ftapi.c" + + #if defined( FT_MACINTOSH ) && !defined ( DARWIN_NO_CARBON ) + #include "ftmac.c" --- freetype-2.5.2.orig/debian/patches-freetype/freetype-config.diff +++ freetype-2.5.2/debian/patches-freetype/freetype-config.diff @@ -0,0 +1,33 @@ +--- freetype-2.5.2/builds/unix/freetype-config.in~ 2013-11-12 13:33:36.147990476 +0100 ++++ freetype-2.5.2/builds/unix/freetype-config.in 2014-06-18 23:57:27.441242716 +0200 +@@ -16,7 +16,6 @@ + exec_prefix="%exec_prefix%" + exec_prefix_set="no" + includedir="%includedir%" +-libdir="%libdir%" + enable_shared="%build_libtool_libs%" + + usage() +@@ -87,6 +86,8 @@ + ;; + --libtool) + echo_libtool=yes ++ echo 2>&1 "the use of the libfreetype6.la file is deprecated in Debian/Ubuntu" ++ exit 1 + ;; + *) + usage 1 1>&2 +@@ -138,12 +139,7 @@ + + if test "$echo_libs" = "yes" ; then + libs="-lfreetype %LIBZ% %LIBBZ2% %LIBPNG% %FT2_EXTRA_LIBS%" +- if test "${SYSROOT}$libdir" != "/usr/lib" && +- test "${SYSROOT}$libdir" != "/usr/lib64"; then +- echo -L${SYSROOT}$libdir $libs +- else +- echo $libs +- fi ++ echo $libs + fi + + if test "$echo_libtool" = "yes" ; then --- freetype-2.5.2.orig/debian/patches-freetype/multi-thread-violations.patch +++ freetype-2.5.2/debian/patches-freetype/multi-thread-violations.patch @@ -0,0 +1,2105 @@ +Author: Behdad Esfahbod +Description: Multithread-safe FreeType +Forwarded: http://www.mail-archive.com/freetype-devel@nongnu.org/msg06758.html +Bug: https://bugs.freedesktop.org/show_bug.cgi?id=69034 +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/freetype/+bug/1199571 +Origin: upstream, https://github.com/behdad/freetype/commits/ftthread +Applied-Upstream: 2.5.6, git commits 89bc8d4d, 531d463a, 747ae2c8, 8dc86358, + a773c304, 6dfdaf4d, 51634253, 603292d7, b2ba6866, c242fe41, ae6699f8, a4117fbd, + c2733656, 6f16b100, 56ddafa0, 48c86628, 4eff854c, 264b5e46 + + +Index: freetype-2.5.2/devel/ftoption.h +=================================================================== +--- freetype-2.5.2.orig/devel/ftoption.h ++++ freetype-2.5.2/devel/ftoption.h +@@ -365,10 +365,6 @@ + /* The size in bytes of the render pool used by the scan-line converter */ + /* to do all of its work. */ + /* */ +- /* This must be greater than 4KByte if you use FreeType to rasterize */ +- /* glyphs; otherwise, you may set it to zero to avoid unnecessary */ +- /* allocation of the render pool. */ +- /* */ + #define FT_RENDER_POOL_SIZE 16384L + + +Index: freetype-2.5.2/include/config/ftoption.h +=================================================================== +--- freetype-2.5.2.orig/include/config/ftoption.h ++++ freetype-2.5.2/include/config/ftoption.h +@@ -365,10 +365,6 @@ + /* The size in bytes of the render pool used by the scan-line converter */ + /* to do all of its work. */ + /* */ +- /* This must be greater than 4KByte if you use FreeType to rasterize */ +- /* glyphs; otherwise, you may set it to zero to avoid unnecessary */ +- /* allocation of the render pool. */ +- /* */ + #define FT_RENDER_POOL_SIZE 16384L + + +Index: freetype-2.5.2/include/freetype.h +=================================================================== +--- freetype-2.5.2.orig/include/freetype.h ++++ freetype-2.5.2/include/freetype.h +@@ -332,8 +332,11 @@ + /* It also embeds a memory manager (see @FT_Memory), as well as a */ + /* scan-line converter object (see @FT_Raster). */ + /* */ +- /* In multi-threaded applications, make sure that the same FT_Library */ +- /* object or any of its children doesn't get accessed in parallel. */ ++ /* In multi-threaded applications it is easiest to use one */ ++ /* `FT_Library' object per thread. In case this is too cumbersome, */ ++ /* a single `FT_Library' object across threads is possible also */ ++ /* (since FreeType version 2.5.6), as long as a mutex lock is used */ ++ /* around @FT_New_Face and @FT_Done_Face. */ + /* */ + /* */ + /* Library objects are normally created by @FT_Init_FreeType, and */ +@@ -401,6 +404,14 @@ + /* */ + /* Use @FT_Done_Face to destroy it (along with its slot and sizes). */ + /* */ ++ /* An `FT_Face' object can only be safely used from one thread at a */ ++ /* time. Similarly, creation and destruction of `FT_Face' with the */ ++ /* same @FT_Library object can only be done from one thread at a */ ++ /* time. On the other hand, functions like @FT_Load_Glyph and its */ ++ /* siblings are thread-safe and do not need the lock to be held as */ ++ /* long as the same `FT_Face' object is not used from multiple */ ++ /* threads at the same time. */ ++ /* */ + /* */ + /* See @FT_FaceRec for the publicly accessible fields of a given face */ + /* object. */ +@@ -1701,8 +1712,8 @@ + /* use @FT_New_Library instead, followed by a call to */ + /* @FT_Add_Default_Modules (or a series of calls to @FT_Add_Module). */ + /* */ +- /* For multi-threading applications each thread should have its own */ +- /* FT_Library object. */ ++ /* See the documentation of @FT_Library and @FT_Face for */ ++ /* multi-threading issues. */ + /* */ + /* If you need reference-counting (cf. @FT_Reference_Library), use */ + /* @FT_New_Library and @FT_Done_Library. */ +Index: freetype-2.5.2/include/ftimage.h +=================================================================== +--- freetype-2.5.2.orig/include/ftimage.h ++++ freetype-2.5.2/include/ftimage.h +@@ -1179,10 +1179,10 @@ + /* FT_Raster_ResetFunc */ + /* */ + /* */ +- /* FreeType provides an area of memory called the `render pool', */ +- /* available to all registered rasters. This pool can be freely used */ +- /* during a given scan-conversion but is shared by all rasters. Its */ +- /* content is thus transient. */ ++ /* FreeType used to provide an area of memory called the `render */ ++ /* pool' available to all registered rasters. This was not thread */ ++ /* safe however and now FreeType never allocates this pool. NULL */ ++ /* is always passed in as pool_base. */ + /* */ + /* This function is called each time the render pool changes, or just */ + /* after a new raster object is created. */ +@@ -1195,10 +1195,9 @@ + /* pool_size :: The size in bytes of the render pool. */ + /* */ + /* */ +- /* Rasters can ignore the render pool and rely on dynamic memory */ ++ /* Rasters should ignore the render pool and rely on dynamic or stack */ + /* allocation if they want to (a handle to the memory allocator is */ +- /* passed to the raster constructor). However, this is not */ +- /* recommended for efficiency purposes. */ ++ /* passed to the raster constructor). */ + /* */ + typedef void + (*FT_Raster_ResetFunc)( FT_Raster raster, +Index: freetype-2.5.2/include/ftrender.h +=================================================================== +--- freetype-2.5.2.orig/include/ftrender.h ++++ freetype-2.5.2/include/ftrender.h +@@ -212,13 +212,8 @@ + /* */ + /* This doesn't change the current renderer for other formats. */ + /* */ +- /* Currently, only the B/W renderer, if compiled with */ +- /* FT_RASTER_OPTION_ANTI_ALIASING (providing a 5-levels */ +- /* anti-aliasing mode; this option must be set directly in */ +- /* `ftraster.c' and is undefined by default) accepts a single tag */ +- /* `pal5' to set its gray palette as a character string with */ +- /* 5~elements. Consequently, the third and fourth argument are zero */ +- /* normally. */ ++ /* Currently, no FreeType renderer module uses `parameters'; you */ ++ /* should thus always pass NULL as the value. */ + /* */ + FT_EXPORT( FT_Error ) + FT_Set_Renderer( FT_Library library, +Index: freetype-2.5.2/include/internal/ftobjs.h +=================================================================== +--- freetype-2.5.2.orig/include/internal/ftobjs.h ++++ freetype-2.5.2/include/internal/ftobjs.h +@@ -738,9 +738,8 @@ + /* faces_list :: The list of faces currently opened by this */ + /* driver. */ + /* */ +- /* glyph_loader :: The glyph loader for all faces managed by this */ +- /* driver. This object isn't defined for unscalable */ +- /* formats. */ ++ /* glyph_loader :: Unused. Used to be glyph loader for all faces */ ++ /* managed by this driver. */ + /* */ + typedef struct FT_DriverRec_ + { +Index: freetype-2.5.2/src/autofit/afhints.c +=================================================================== +--- freetype-2.5.2.orig/src/autofit/afhints.c ++++ freetype-2.5.2/src/autofit/afhints.c +@@ -43,7 +43,15 @@ + AF_Segment segment = NULL; + + +- if ( axis->num_segments >= axis->max_segments ) ++ if ( axis->num_segments < AF_SEGMENTS_EMBEDDED ) ++ { ++ if ( axis->segments == NULL ) ++ { ++ axis->segments = axis->embedded.segments; ++ axis->max_segments = AF_SEGMENTS_EMBEDDED; ++ } ++ } ++ else if ( axis->num_segments >= axis->max_segments ) + { + FT_Int old_max = axis->max_segments; + FT_Int new_max = old_max; +@@ -60,8 +68,18 @@ + if ( new_max < old_max || new_max > big_max ) + new_max = big_max; + +- if ( FT_RENEW_ARRAY( axis->segments, old_max, new_max ) ) +- goto Exit; ++ if ( axis->segments == axis->embedded.segments ) ++ { ++ if ( FT_NEW_ARRAY( axis->segments, new_max ) ) ++ goto Exit; ++ ft_memcpy( axis->segments, axis->embedded.segments, ++ sizeof ( axis->embedded.segments ) ); ++ } ++ else ++ { ++ if ( FT_RENEW_ARRAY( axis->segments, old_max, new_max ) ) ++ goto Exit; ++ } + + axis->max_segments = new_max; + } +@@ -88,7 +106,15 @@ + AF_Edge edges; + + +- if ( axis->num_edges >= axis->max_edges ) ++ if ( axis->num_edges < AF_EDGES_EMBEDDED ) ++ { ++ if ( axis->edges == NULL ) ++ { ++ axis->edges = axis->embedded.edges; ++ axis->max_edges = AF_EDGES_EMBEDDED; ++ } ++ } ++ else if ( axis->num_edges >= axis->max_edges ) + { + FT_Int old_max = axis->max_edges; + FT_Int new_max = old_max; +@@ -105,8 +131,18 @@ + if ( new_max < old_max || new_max > big_max ) + new_max = big_max; + +- if ( FT_RENEW_ARRAY( axis->edges, old_max, new_max ) ) +- goto Exit; ++ if ( axis->edges == axis->embedded.edges ) ++ { ++ if ( FT_NEW_ARRAY( axis->edges, new_max ) ) ++ goto Exit; ++ ft_memcpy( axis->edges, axis->embedded.edges, ++ sizeof ( axis->embedded.edges ) ); ++ } ++ else ++ { ++ if ( FT_RENEW_ARRAY( axis->edges, old_max, new_max ) ) ++ goto Exit; ++ } + + axis->max_edges = new_max; + } +@@ -485,7 +521,8 @@ + af_glyph_hints_init( AF_GlyphHints hints, + FT_Memory memory ) + { +- FT_ZERO( hints ); ++ /* no need to initialize the embedded items */ ++ FT_MEM_ZERO( hints, sizeof ( *hints ) - sizeof ( hints->embedded ) ); + hints->memory = memory; + } + +@@ -511,20 +548,24 @@ + + axis->num_segments = 0; + axis->max_segments = 0; +- FT_FREE( axis->segments ); ++ if ( axis->segments != axis->embedded.segments ) ++ FT_FREE( axis->segments ); + + axis->num_edges = 0; + axis->max_edges = 0; +- FT_FREE( axis->edges ); ++ if ( axis->edges != axis->embedded.edges ) ++ FT_FREE( axis->edges ); + } + +- FT_FREE( hints->contours ); ++ if ( hints->contours != hints->embedded.contours ) ++ FT_FREE( hints->contours ); + hints->max_contours = 0; + hints->num_contours = 0; + +- FT_FREE( hints->points ); +- hints->num_points = 0; ++ if ( hints->points != hints->embedded.points ) ++ FT_FREE( hints->points ); + hints->max_points = 0; ++ hints->num_points = 0; + + hints->memory = NULL; + } +@@ -569,8 +610,14 @@ + /* first of all, reallocate the contours array if necessary */ + new_max = (FT_UInt)outline->n_contours; + old_max = hints->max_contours; +- if ( new_max > old_max ) ++ ++ if ( new_max <= AF_CONTOURS_EMBEDDED ) ++ hints->contours = hints->embedded.contours; ++ else if ( new_max > old_max ) + { ++ if ( hints->contours == hints->embedded.contours ) ++ hints->contours = NULL; ++ + new_max = ( new_max + 3 ) & ~3; /* round up to a multiple of 4 */ + + if ( FT_RENEW_ARRAY( hints->contours, old_max, new_max ) ) +@@ -586,8 +633,14 @@ + */ + new_max = (FT_UInt)( outline->n_points + 2 ); + old_max = hints->max_points; +- if ( new_max > old_max ) ++ ++ if ( new_max <= AF_POINTS_EMBEDDED ) ++ hints->points = hints->embedded.points; ++ else if ( new_max > old_max ) + { ++ if ( hints->points == hints->embedded.points ) ++ hints->points = NULL; ++ + new_max = ( new_max + 2 + 7 ) & ~7; /* round up to a multiple of 8 */ + + if ( FT_RENEW_ARRAY( hints->points, old_max, new_max ) ) +Index: freetype-2.5.2/src/autofit/afhints.h +=================================================================== +--- freetype-2.5.2.orig/src/autofit/afhints.h ++++ freetype-2.5.2/src/autofit/afhints.h +@@ -322,6 +322,8 @@ + + } AF_EdgeRec; + ++#define AF_SEGMENTS_EMBEDDED 18 /* number of embedded segments */ ++#define AF_EDGES_EMBEDDED 12 /* number of embedded edges */ + + typedef struct AF_AxisHintsRec_ + { +@@ -338,9 +340,20 @@ + + AF_Direction major_dir; /* either vertical or horizontal */ + ++ /* two arrays to avoid allocation penalty */ ++ struct ++ { ++ AF_SegmentRec segments[AF_SEGMENTS_EMBEDDED]; ++ AF_EdgeRec edges[AF_EDGES_EMBEDDED]; ++ } embedded; ++ ++ + } AF_AxisHintsRec, *AF_AxisHints; + + ++#define AF_POINTS_EMBEDDED 96 /* number of embedded points */ ++#define AF_CONTOURS_EMBEDDED 8 /* number of embedded contours */ ++ + typedef struct AF_GlyphHintsRec_ + { + FT_Memory memory; +@@ -369,6 +382,14 @@ + FT_Pos xmin_delta; /* used for warping */ + FT_Pos xmax_delta; + ++ /* Two arrays to avoid allocation penalty. */ ++ /* The `embedded' structure must be the last element! */ ++ struct ++ { ++ AF_Point contours[AF_CONTOURS_EMBEDDED]; ++ AF_PointRec points[AF_POINTS_EMBEDDED]; ++ } embedded; ++ + } AF_GlyphHintsRec; + + +Index: freetype-2.5.2/src/autofit/afloader.c +=================================================================== +--- freetype-2.5.2.orig/src/autofit/afloader.c ++++ freetype-2.5.2/src/autofit/afloader.c +@@ -26,38 +26,32 @@ + + /* Initialize glyph loader. */ + +- FT_LOCAL_DEF( FT_Error ) +- af_loader_init( AF_Module module ) ++ FT_LOCAL_DEF( void ) ++ af_loader_init( AF_Loader loader, ++ AF_GlyphHints hints ) + { +- AF_Loader loader = module->loader; +- FT_Memory memory = module->root.library->memory; +- +- + FT_ZERO( loader ); + +- af_glyph_hints_init( &loader->hints, memory ); ++ loader->hints = hints; + #ifdef FT_DEBUG_AUTOFIT +- _af_debug_hints = &loader->hints; ++ _af_debug_hints = loader->hints; + #endif +- return FT_GlyphLoader_New( memory, &loader->gloader ); + } + + + /* Reset glyph loader and compute globals if necessary. */ + + FT_LOCAL_DEF( FT_Error ) +- af_loader_reset( AF_Module module, ++ af_loader_reset( AF_Loader loader, ++ AF_Module module, + FT_Face face ) + { +- FT_Error error = FT_Err_Ok; +- AF_Loader loader = module->loader; ++ FT_Error error = FT_Err_Ok; + + + loader->face = face; + loader->globals = (AF_FaceGlobals)face->autohint.data; + +- FT_GlyphLoader_Rewind( loader->gloader ); +- + if ( loader->globals == NULL ) + { + error = af_face_globals_new( face, &loader->globals, module ); +@@ -77,42 +71,37 @@ + /* Finalize glyph loader. */ + + FT_LOCAL_DEF( void ) +- af_loader_done( AF_Module module ) ++ af_loader_done( AF_Loader loader ) + { +- AF_Loader loader = module->loader; +- +- +- af_glyph_hints_done( &loader->hints ); +- + loader->face = NULL; + loader->globals = NULL; ++ loader->hints = NULL; + + #ifdef FT_DEBUG_AUTOFIT + _af_debug_hints = NULL; + #endif +- FT_GlyphLoader_Done( loader->gloader ); +- loader->gloader = NULL; + } + + +- /* Load a single glyph component. This routine calls itself */ +- /* recursively, if necessary, and does the main work of */ +- /* `af_loader_load_glyph.' */ ++ /* Do the main work of `af_loader_load_glyph'. Note that we never */ ++ /* have to deal with composite glyphs as those get loaded into */ ++ /* FT_GLYPH_FORMAT_OUTLINE by the recursed `FT_Load_Glyph' function. */ ++ /* In the rare cases where FT_LOAD_NO_RECURSE is set, it implies */ ++ /* FT_LOAD_NO_SCALE and as such the auto-hinter is never called. */ + + static FT_Error + af_loader_load_g( AF_Loader loader, + AF_Scaler scaler, + FT_UInt glyph_index, +- FT_Int32 load_flags, +- FT_UInt depth ) ++ FT_Int32 load_flags ) + { + FT_Error error; + FT_Face face = loader->face; +- FT_GlyphLoader gloader = loader->gloader; + AF_ScriptMetrics metrics = loader->metrics; +- AF_GlyphHints hints = &loader->hints; ++ AF_GlyphHints hints = loader->hints; + FT_GlyphSlot slot = face->glyph; + FT_Slot_Internal internal = slot->internal; ++ FT_GlyphLoader gloader = internal->loader; + FT_Int32 flags; + + +@@ -144,29 +133,6 @@ + loader->trans_delta.x, + loader->trans_delta.y ); + +- /* copy the outline points in the loader's current */ +- /* extra points which are used to keep original glyph coordinates */ +- error = FT_GLYPHLOADER_CHECK_POINTS( gloader, +- slot->outline.n_points + 4, +- slot->outline.n_contours ); +- if ( error ) +- goto Exit; +- +- FT_ARRAY_COPY( gloader->current.outline.points, +- slot->outline.points, +- slot->outline.n_points ); +- +- FT_ARRAY_COPY( gloader->current.outline.contours, +- slot->outline.contours, +- slot->outline.n_contours ); +- +- FT_ARRAY_COPY( gloader->current.outline.tags, +- slot->outline.tags, +- slot->outline.n_points ); +- +- gloader->current.outline.n_points = slot->outline.n_points; +- gloader->current.outline.n_contours = slot->outline.n_contours; +- + /* compute original horizontal phantom points (and ignore */ + /* vertical ones) */ + loader->pp1.x = hints->x_delta; +@@ -192,7 +158,7 @@ + + if ( writing_system_class->script_hints_apply ) + writing_system_class->script_hints_apply( hints, +- &gloader->current.outline, ++ &gloader->base.outline, + metrics ); + } + +@@ -267,133 +233,6 @@ + slot->rsb_delta = loader->pp2.x - pp2x; + } + +- /* good, we simply add the glyph to our loader's base */ +- FT_GlyphLoader_Add( gloader ); +- break; +- +- case FT_GLYPH_FORMAT_COMPOSITE: +- { +- FT_UInt nn, num_subglyphs = slot->num_subglyphs; +- FT_UInt num_base_subgs, start_point; +- FT_SubGlyph subglyph; +- +- +- start_point = gloader->base.outline.n_points; +- +- /* first of all, copy the subglyph descriptors in the glyph loader */ +- error = FT_GlyphLoader_CheckSubGlyphs( gloader, num_subglyphs ); +- if ( error ) +- goto Exit; +- +- FT_ARRAY_COPY( gloader->current.subglyphs, +- slot->subglyphs, +- num_subglyphs ); +- +- gloader->current.num_subglyphs = num_subglyphs; +- num_base_subgs = gloader->base.num_subglyphs; +- +- /* now read each subglyph independently */ +- for ( nn = 0; nn < num_subglyphs; nn++ ) +- { +- FT_Vector pp1, pp2; +- FT_Pos x, y; +- FT_UInt num_points, num_new_points, num_base_points; +- +- +- /* gloader.current.subglyphs can change during glyph loading due */ +- /* to re-allocation -- we must recompute the current subglyph on */ +- /* each iteration */ +- subglyph = gloader->base.subglyphs + num_base_subgs + nn; +- +- pp1 = loader->pp1; +- pp2 = loader->pp2; +- +- num_base_points = gloader->base.outline.n_points; +- +- error = af_loader_load_g( loader, scaler, subglyph->index, +- load_flags, depth + 1 ); +- if ( error ) +- goto Exit; +- +- /* recompute subglyph pointer */ +- subglyph = gloader->base.subglyphs + num_base_subgs + nn; +- +- if ( subglyph->flags & FT_SUBGLYPH_FLAG_USE_MY_METRICS ) +- { +- pp1 = loader->pp1; +- pp2 = loader->pp2; +- } +- else +- { +- loader->pp1 = pp1; +- loader->pp2 = pp2; +- } +- +- num_points = gloader->base.outline.n_points; +- num_new_points = num_points - num_base_points; +- +- /* now perform the transformation required for this subglyph */ +- +- if ( subglyph->flags & ( FT_SUBGLYPH_FLAG_SCALE | +- FT_SUBGLYPH_FLAG_XY_SCALE | +- FT_SUBGLYPH_FLAG_2X2 ) ) +- { +- FT_Vector* cur = gloader->base.outline.points + +- num_base_points; +- FT_Vector* limit = cur + num_new_points; +- +- +- for ( ; cur < limit; cur++ ) +- FT_Vector_Transform( cur, &subglyph->transform ); +- } +- +- /* apply offset */ +- +- if ( !( subglyph->flags & FT_SUBGLYPH_FLAG_ARGS_ARE_XY_VALUES ) ) +- { +- FT_Int k = subglyph->arg1; +- FT_UInt l = subglyph->arg2; +- FT_Vector* p1; +- FT_Vector* p2; +- +- +- if ( start_point + k >= num_base_points || +- l >= (FT_UInt)num_new_points ) +- { +- error = FT_THROW( Invalid_Composite ); +- goto Exit; +- } +- +- l += num_base_points; +- +- /* for now, only use the current point coordinates; */ +- /* we eventually may consider another approach */ +- p1 = gloader->base.outline.points + start_point + k; +- p2 = gloader->base.outline.points + start_point + l; +- +- x = p1->x - p2->x; +- y = p1->y - p2->y; +- } +- else +- { +- x = FT_MulFix( subglyph->arg1, hints->x_scale ) + hints->x_delta; +- y = FT_MulFix( subglyph->arg2, hints->y_scale ) + hints->y_delta; +- +- x = FT_PIX_ROUND( x ); +- y = FT_PIX_ROUND( y ); +- } +- +- { +- FT_Outline dummy = gloader->base.outline; +- +- +- dummy.points += num_base_points; +- dummy.n_points = (short)num_new_points; +- +- FT_Outline_Translate( &dummy, x, y ); +- } +- } +- } + break; + + default: +@@ -402,7 +241,6 @@ + } + + Hint_Metrics: +- if ( depth == 0 ) + { + FT_BBox bbox; + FT_Vector vvector; +@@ -477,18 +315,14 @@ + slot->metrics.horiAdvance = FT_PIX_ROUND( slot->metrics.horiAdvance ); + slot->metrics.vertAdvance = FT_PIX_ROUND( slot->metrics.vertAdvance ); + +- /* now copy outline into glyph slot */ +- FT_GlyphLoader_Rewind( internal->loader ); +- error = FT_GlyphLoader_CopyPoints( internal->loader, gloader ); +- if ( error ) +- goto Exit; +- ++#if 0 + /* reassign all outline fields except flags to protect them */ + slot->outline.n_contours = internal->loader->base.outline.n_contours; + slot->outline.n_points = internal->loader->base.outline.n_points; + slot->outline.points = internal->loader->base.outline.points; + slot->outline.tags = internal->loader->base.outline.tags; + slot->outline.contours = internal->loader->base.outline.contours; ++#endif + + slot->format = FT_GLYPH_FORMAT_OUTLINE; + } +@@ -501,14 +335,14 @@ + /* Load a glyph. */ + + FT_LOCAL_DEF( FT_Error ) +- af_loader_load_glyph( AF_Module module, ++ af_loader_load_glyph( AF_Loader loader, ++ AF_Module module, + FT_Face face, + FT_UInt gindex, + FT_Int32 load_flags ) + { + FT_Error error; + FT_Size size = face->size; +- AF_Loader loader = module->loader; + AF_ScalerRec scaler; + + +@@ -526,7 +360,7 @@ + scaler.render_mode = FT_LOAD_TARGET_MODE( load_flags ); + scaler.flags = 0; /* XXX: fix this */ + +- error = af_loader_reset( module, face ); ++ error = af_loader_reset( loader, module, face ); + if ( !error ) + { + AF_ScriptMetrics metrics; +@@ -563,13 +397,13 @@ + + if ( writing_system_class->script_hints_init ) + { +- error = writing_system_class->script_hints_init( &loader->hints, ++ error = writing_system_class->script_hints_init( loader->hints, + metrics ); + if ( error ) + goto Exit; + } + +- error = af_loader_load_g( loader, &scaler, gindex, load_flags, 0 ); ++ error = af_loader_load_g( loader, &scaler, gindex, load_flags ); + } + } + Exit: +Index: freetype-2.5.2/src/autofit/afloader.h +=================================================================== +--- freetype-2.5.2.orig/src/autofit/afloader.h ++++ freetype-2.5.2/src/autofit/afloader.h +@@ -20,13 +20,12 @@ + #define __AFLOADER_H__ + + #include "afhints.h" ++#include "afmodule.h" + #include "afglobal.h" + + + FT_BEGIN_HEADER + +- typedef struct AF_ModuleRec_* AF_Module; +- + /* + * The autofitter module's (global) data structure to communicate with + * actual fonts. If necessary, `local' data like the current face, the +@@ -42,8 +41,7 @@ + AF_FaceGlobals globals; + + /* current glyph data */ +- FT_GlyphLoader gloader; +- AF_GlyphHintsRec hints; ++ AF_GlyphHints hints; + AF_ScriptMetrics metrics; + FT_Bool transformed; + FT_Matrix trans_matrix; +@@ -55,21 +53,24 @@ + } AF_LoaderRec, *AF_Loader; + + +- FT_LOCAL( FT_Error ) +- af_loader_init( AF_Module module ); ++ FT_LOCAL( void ) ++ af_loader_init( AF_Loader loader, ++ AF_GlyphHints hints ); + + + FT_LOCAL( FT_Error ) +- af_loader_reset( AF_Module module, ++ af_loader_reset( AF_Loader loader, ++ AF_Module module, + FT_Face face ); + + + FT_LOCAL( void ) +- af_loader_done( AF_Module module ); ++ af_loader_done( AF_Loader loader ); + + + FT_LOCAL( FT_Error ) +- af_loader_load_glyph( AF_Module module, ++ af_loader_load_glyph( AF_Loader loader, ++ AF_Module module, + FT_Face face, + FT_UInt gindex, + FT_Int32 load_flags ); +Index: freetype-2.5.2/src/autofit/afmodule.c +=================================================================== +--- freetype-2.5.2.orig/src/autofit/afmodule.c ++++ freetype-2.5.2/src/autofit/afmodule.c +@@ -208,17 +208,14 @@ + + module->fallback_script = AF_SCRIPT_FALLBACK; + +- return af_loader_init( module ); ++ return FT_Err_Ok; + } + + + FT_CALLBACK_DEF( void ) + af_autofitter_done( FT_Module ft_module ) /* AF_Module */ + { +- AF_Module module = (AF_Module)ft_module; +- +- +- af_loader_done( module ); ++ FT_UNUSED( ft_module ); + } + + +@@ -229,10 +226,25 @@ + FT_UInt glyph_index, + FT_Int32 load_flags ) + { ++ FT_Error error = FT_Err_Ok; ++ FT_Memory memory = module->root.library->memory; ++ ++ AF_GlyphHintsRec hints[1]; ++ AF_LoaderRec loader[1]; ++ + FT_UNUSED( size ); + +- return af_loader_load_glyph( module, slot->face, +- glyph_index, load_flags ); ++ ++ af_glyph_hints_init( hints, memory ); ++ af_loader_init( loader, hints ); ++ ++ error = af_loader_load_glyph( loader, module, slot->face, ++ glyph_index, load_flags ); ++ ++ af_loader_done( loader ); ++ af_glyph_hints_done( hints ); ++ ++ return error; + } + + +Index: freetype-2.5.2/src/autofit/afmodule.h +=================================================================== +--- freetype-2.5.2.orig/src/autofit/afmodule.h ++++ freetype-2.5.2/src/autofit/afmodule.h +@@ -23,17 +23,13 @@ + #include FT_INTERNAL_OBJECTS_H + #include FT_MODULE_H + +-#include "afloader.h" +- + + FT_BEGIN_HEADER + + + /* + * This is the `extended' FT_Module structure which holds the +- * autofitter's global data. Right before hinting a glyph, the data +- * specific to the glyph's face (blue zones, stem widths, etc.) are +- * loaded into `loader' (see function `af_loader_reset'). ++ * autofitter's global data. + */ + + typedef struct AF_ModuleRec_ +@@ -42,9 +38,7 @@ + + FT_UInt fallback_script; + +- AF_LoaderRec loader[1]; +- +- } AF_ModuleRec; ++ } AF_ModuleRec, *AF_Module; + + + FT_DECLARE_MODULE(autofit_module_class) +Index: freetype-2.5.2/src/base/ftobjs.c +=================================================================== +--- freetype-2.5.2.orig/src/base/ftobjs.c ++++ freetype-2.5.2/src/base/ftobjs.c +@@ -963,10 +963,6 @@ + (FT_List_Destructor)destroy_face, + driver->root.memory, + driver ); +- +- /* check whether we need to drop the driver's glyph loader */ +- if ( FT_DRIVER_USES_OUTLINES( driver ) ) +- FT_GlyphLoader_Done( driver->glyph_loader ); + } + + +@@ -4046,8 +4042,7 @@ + + default: + { +- FT_ListNode node = 0; +- FT_Bool update = 0; ++ FT_ListNode node = 0; + + + /* small shortcut for the very common case */ +@@ -4074,13 +4069,7 @@ + /* now, look for another renderer that supports the same */ + /* format. */ + renderer = FT_Lookup_Renderer( library, slot->format, &node ); +- update = 1; + } +- +- /* if we changed the current renderer for the glyph image format */ +- /* we need to select it as the next current one */ +- if ( !error && update && renderer ) +- FT_Set_Renderer( library, renderer, 0, 0 ); + } + } + +@@ -4280,17 +4269,10 @@ + /* if the module is a font driver */ + if ( FT_MODULE_IS_DRIVER( module ) ) + { +- /* allocate glyph loader if needed */ + FT_Driver driver = FT_DRIVER( module ); + + + driver->clazz = (FT_Driver_Class)module->clazz; +- if ( FT_DRIVER_USES_OUTLINES( driver ) ) +- { +- error = FT_GlyphLoader_New( memory, &driver->glyph_loader ); +- if ( error ) +- goto Fail; +- } + } + + if ( clazz->module_init ) +@@ -4307,15 +4289,6 @@ + return error; + + Fail: +- if ( FT_MODULE_IS_DRIVER( module ) ) +- { +- FT_Driver driver = FT_DRIVER( module ); +- +- +- if ( FT_DRIVER_USES_OUTLINES( driver ) ) +- FT_GlyphLoader_Done( driver->glyph_loader ); +- } +- + if ( FT_MODULE_IS_RENDERER( module ) ) + { + FT_Renderer renderer = FT_RENDERER( module ); +@@ -4630,12 +4603,9 @@ + goto Fail; + #endif + +- /* allocate the render pool */ +- library->raster_pool_size = FT_RENDER_POOL_SIZE; +-#if FT_RENDER_POOL_SIZE > 0 +- if ( FT_ALLOC( library->raster_pool, FT_RENDER_POOL_SIZE ) ) +- goto Fail; +-#endif ++ /* we don't use raster_pool anymore. */ ++ library->raster_pool_size = 0; ++ library->raster_pool = NULL; + + library->version_major = FREETYPE_MAJOR; + library->version_minor = FREETYPE_MINOR; +@@ -4648,6 +4618,8 @@ + + return FT_Err_Ok; + ++ /* Fix compilation warning */ ++ goto Fail; + Fail: + #ifdef FT_CONFIG_OPTION_PIC + ft_pic_container_destroy( library ); +@@ -4784,10 +4756,6 @@ + } + #endif + +- /* Destroy raster objects */ +- FT_FREE( library->raster_pool ); +- library->raster_pool_size = 0; +- + #ifdef FT_CONFIG_OPTION_PIC + /* Destroy pic container contents */ + ft_pic_container_destroy( library ); +Index: freetype-2.5.2/src/base/ftoutln.c +=================================================================== +--- freetype-2.5.2.orig/src/base/ftoutln.c ++++ freetype-2.5.2/src/base/ftoutln.c +@@ -606,7 +606,6 @@ + FT_Raster_Params* params ) + { + FT_Error error; +- FT_Bool update = FALSE; + FT_Renderer renderer; + FT_ListNode node; + +@@ -637,14 +636,8 @@ + /* format */ + renderer = FT_Lookup_Renderer( library, FT_GLYPH_FORMAT_OUTLINE, + &node ); +- update = TRUE; + } + +- /* if we changed the current renderer for the glyph image format */ +- /* we need to select it as the next current one */ +- if ( !error && update && renderer ) +- FT_Set_Renderer( library, renderer, 0, 0 ); +- + return error; + } + +Index: freetype-2.5.2/src/raster/ftraster.c +=================================================================== +--- freetype-2.5.2.orig/src/raster/ftraster.c ++++ freetype-2.5.2/src/raster/ftraster.c +@@ -150,14 +150,6 @@ + /* define DEBUG_RASTER if you want to compile a debugging version */ + /* #define DEBUG_RASTER */ + +- /* define FT_RASTER_OPTION_ANTI_ALIASING if you want to support */ +- /* 5-levels anti-aliasing */ +-/* #define FT_RASTER_OPTION_ANTI_ALIASING */ +- +- /* The size of the two-lines intermediate bitmap used */ +- /* for anti-aliasing, in bytes. */ +-#define RASTER_GRAY_LINES 2048 +- + + /*************************************************************************/ + /*************************************************************************/ +@@ -514,9 +506,6 @@ + + Short traceIncr; /* sweep's increment in target bitmap */ + +- Short gray_min_x; /* current min x during gray rendering */ +- Short gray_max_x; /* current max x during gray rendering */ +- + /* dispatch variables */ + + Function_Sweep_Init* Proc_Sweep_Init; +@@ -529,45 +518,19 @@ + Bool second_pass; /* indicates whether a horizontal pass */ + /* should be performed to control */ + /* drop-out accurately when calling */ +- /* Render_Glyph. Note that there is */ +- /* no horizontal pass during gray */ +- /* rendering. */ ++ /* Render_Glyph. */ + + TPoint arcs[3 * MaxBezier + 1]; /* The Bezier stack */ + + black_TBand band_stack[16]; /* band stack used for sub-banding */ + Int band_top; /* band stack top */ + +-#ifdef FT_RASTER_OPTION_ANTI_ALIASING +- +- Byte* grays; +- +- Byte gray_lines[RASTER_GRAY_LINES]; +- /* Intermediate table used to render the */ +- /* graylevels pixmaps. */ +- /* gray_lines is a buffer holding two */ +- /* monochrome scanlines */ +- +- Short gray_width; /* width in bytes of one monochrome */ +- /* intermediate scanline of gray_lines. */ +- /* Each gray pixel takes 2 bits long there */ +- +- /* The gray_lines must hold 2 lines, thus with size */ +- /* in bytes of at least `gray_width*2'. */ +- +-#endif /* FT_RASTER_ANTI_ALIASING */ +- + }; + + + typedef struct black_TRaster_ + { +- char* buffer; +- long buffer_size; + void* memory; +- black_PWorker worker; +- Byte grays[5]; +- Short gray_width; + + } black_TRaster, *black_PRaster; + +@@ -583,70 +546,6 @@ + #endif /* !FT_STATIC_RASTER */ + + +-#ifdef FT_RASTER_OPTION_ANTI_ALIASING +- +- /* A lookup table used to quickly count set bits in four gray 2x2 */ +- /* cells. The values of the table have been produced with the */ +- /* following code: */ +- /* */ +- /* for ( i = 0; i < 256; i++ ) */ +- /* { */ +- /* l = 0; */ +- /* j = i; */ +- /* */ +- /* for ( c = 0; c < 4; c++ ) */ +- /* { */ +- /* l <<= 4; */ +- /* */ +- /* if ( j & 0x80 ) l++; */ +- /* if ( j & 0x40 ) l++; */ +- /* */ +- /* j = ( j << 2 ) & 0xFF; */ +- /* } */ +- /* printf( "0x%04X", l ); */ +- /* } */ +- /* */ +- +- static const short count_table[256] = +- { +- 0x0000, 0x0001, 0x0001, 0x0002, 0x0010, 0x0011, 0x0011, 0x0012, +- 0x0010, 0x0011, 0x0011, 0x0012, 0x0020, 0x0021, 0x0021, 0x0022, +- 0x0100, 0x0101, 0x0101, 0x0102, 0x0110, 0x0111, 0x0111, 0x0112, +- 0x0110, 0x0111, 0x0111, 0x0112, 0x0120, 0x0121, 0x0121, 0x0122, +- 0x0100, 0x0101, 0x0101, 0x0102, 0x0110, 0x0111, 0x0111, 0x0112, +- 0x0110, 0x0111, 0x0111, 0x0112, 0x0120, 0x0121, 0x0121, 0x0122, +- 0x0200, 0x0201, 0x0201, 0x0202, 0x0210, 0x0211, 0x0211, 0x0212, +- 0x0210, 0x0211, 0x0211, 0x0212, 0x0220, 0x0221, 0x0221, 0x0222, +- 0x1000, 0x1001, 0x1001, 0x1002, 0x1010, 0x1011, 0x1011, 0x1012, +- 0x1010, 0x1011, 0x1011, 0x1012, 0x1020, 0x1021, 0x1021, 0x1022, +- 0x1100, 0x1101, 0x1101, 0x1102, 0x1110, 0x1111, 0x1111, 0x1112, +- 0x1110, 0x1111, 0x1111, 0x1112, 0x1120, 0x1121, 0x1121, 0x1122, +- 0x1100, 0x1101, 0x1101, 0x1102, 0x1110, 0x1111, 0x1111, 0x1112, +- 0x1110, 0x1111, 0x1111, 0x1112, 0x1120, 0x1121, 0x1121, 0x1122, +- 0x1200, 0x1201, 0x1201, 0x1202, 0x1210, 0x1211, 0x1211, 0x1212, +- 0x1210, 0x1211, 0x1211, 0x1212, 0x1220, 0x1221, 0x1221, 0x1222, +- 0x1000, 0x1001, 0x1001, 0x1002, 0x1010, 0x1011, 0x1011, 0x1012, +- 0x1010, 0x1011, 0x1011, 0x1012, 0x1020, 0x1021, 0x1021, 0x1022, +- 0x1100, 0x1101, 0x1101, 0x1102, 0x1110, 0x1111, 0x1111, 0x1112, +- 0x1110, 0x1111, 0x1111, 0x1112, 0x1120, 0x1121, 0x1121, 0x1122, +- 0x1100, 0x1101, 0x1101, 0x1102, 0x1110, 0x1111, 0x1111, 0x1112, +- 0x1110, 0x1111, 0x1111, 0x1112, 0x1120, 0x1121, 0x1121, 0x1122, +- 0x1200, 0x1201, 0x1201, 0x1202, 0x1210, 0x1211, 0x1211, 0x1212, +- 0x1210, 0x1211, 0x1211, 0x1212, 0x1220, 0x1221, 0x1221, 0x1222, +- 0x2000, 0x2001, 0x2001, 0x2002, 0x2010, 0x2011, 0x2011, 0x2012, +- 0x2010, 0x2011, 0x2011, 0x2012, 0x2020, 0x2021, 0x2021, 0x2022, +- 0x2100, 0x2101, 0x2101, 0x2102, 0x2110, 0x2111, 0x2111, 0x2112, +- 0x2110, 0x2111, 0x2111, 0x2112, 0x2120, 0x2121, 0x2121, 0x2122, +- 0x2100, 0x2101, 0x2101, 0x2102, 0x2110, 0x2111, 0x2111, 0x2112, +- 0x2110, 0x2111, 0x2111, 0x2112, 0x2120, 0x2121, 0x2121, 0x2122, +- 0x2200, 0x2201, 0x2201, 0x2202, 0x2210, 0x2211, 0x2211, 0x2212, +- 0x2210, 0x2211, 0x2211, 0x2212, 0x2220, 0x2221, 0x2221, 0x2222 +- }; +- +-#endif /* FT_RASTER_OPTION_ANTI_ALIASING */ +- +- +- + /*************************************************************************/ + /*************************************************************************/ + /** **/ +@@ -2083,7 +1982,8 @@ + /* to be drawn. */ + + lastProfile = ras.cProfile; +- if ( ras.cProfile->flags & Flow_Up ) ++ if ( ras.top != ras.cProfile->offset && ++ ( ras.cProfile->flags & Flow_Up ) ) + o = IS_TOP_OVERSHOOT( ras.lastY ); + else + o = IS_BOTTOM_OVERSHOOT( ras.lastY ); +@@ -2268,9 +2168,6 @@ + ras.traceOfs = -*min * pitch; + if ( pitch > 0 ) + ras.traceOfs += ( ras.target.rows - 1 ) * pitch; +- +- ras.gray_min_x = 0; +- ras.gray_max_x = 0; + } + + +@@ -2315,11 +2212,6 @@ + f1 = (Byte) ( 0xFF >> ( e1 & 7 ) ); + f2 = (Byte) ~( 0x7F >> ( e2 & 7 ) ); + +- if ( ras.gray_min_x > c1 ) +- ras.gray_min_x = (short)c1; +- if ( ras.gray_max_x < c2 ) +- ras.gray_max_x = (short)c2; +- + target = ras.bTarget + ras.traceOfs + c1; + c2 -= c1; + +@@ -2483,11 +2375,6 @@ + c1 = (Short)( e1 >> 3 ); + f1 = (Short)( e1 & 7 ); + +- if ( ras.gray_min_x > c1 ) +- ras.gray_min_x = c1; +- if ( ras.gray_max_x < c1 ) +- ras.gray_max_x = c1; +- + ras.bTarget[ras.traceOfs + c1] |= (char)( 0x80 >> f1 ); + } + } +@@ -2692,249 +2579,6 @@ + } + + +-#ifdef FT_RASTER_OPTION_ANTI_ALIASING +- +- +- /*************************************************************************/ +- /* */ +- /* Vertical Gray Sweep Procedure Set */ +- /* */ +- /* These two routines are used during the vertical gray-levels sweep */ +- /* phase by the generic Draw_Sweep() function. */ +- /* */ +- /* NOTES */ +- /* */ +- /* - The target pixmap's width *must* be a multiple of 4. */ +- /* */ +- /* - You have to use the function Vertical_Sweep_Span() for the gray */ +- /* span call. */ +- /* */ +- /*************************************************************************/ +- +- static void +- Vertical_Gray_Sweep_Init( RAS_ARGS Short* min, +- Short* max ) +- { +- Long pitch, byte_len; +- +- +- *min = *min & -2; +- *max = ( *max + 3 ) & -2; +- +- ras.traceOfs = 0; +- pitch = ras.target.pitch; +- byte_len = -pitch; +- ras.traceIncr = (Short)byte_len; +- ras.traceG = ( *min / 2 ) * byte_len; +- +- if ( pitch > 0 ) +- { +- ras.traceG += ( ras.target.rows - 1 ) * pitch; +- byte_len = -byte_len; +- } +- +- ras.gray_min_x = (Short)byte_len; +- ras.gray_max_x = -(Short)byte_len; +- } +- +- +- static void +- Vertical_Gray_Sweep_Step( RAS_ARG ) +- { +- short* count = (short*)count_table; +- Byte* grays; +- +- +- ras.traceOfs += ras.gray_width; +- +- if ( ras.traceOfs > ras.gray_width ) +- { +- PByte pix; +- +- +- pix = ras.gTarget + ras.traceG + ras.gray_min_x * 4; +- grays = ras.grays; +- +- if ( ras.gray_max_x >= 0 ) +- { +- Long last_pixel = ras.target.width - 1; +- Int last_cell = last_pixel >> 2; +- Int last_bit = last_pixel & 3; +- Bool over = 0; +- +- Int c1, c2; +- PByte bit, bit2; +- +- +- if ( ras.gray_max_x >= last_cell && last_bit != 3 ) +- { +- ras.gray_max_x = last_cell - 1; +- over = 1; +- } +- +- if ( ras.gray_min_x < 0 ) +- ras.gray_min_x = 0; +- +- bit = ras.bTarget + ras.gray_min_x; +- bit2 = bit + ras.gray_width; +- +- c1 = ras.gray_max_x - ras.gray_min_x; +- +- while ( c1 >= 0 ) +- { +- c2 = count[*bit] + count[*bit2]; +- +- if ( c2 ) +- { +- pix[0] = grays[(c2 >> 12) & 0x000F]; +- pix[1] = grays[(c2 >> 8 ) & 0x000F]; +- pix[2] = grays[(c2 >> 4 ) & 0x000F]; +- pix[3] = grays[ c2 & 0x000F]; +- +- *bit = 0; +- *bit2 = 0; +- } +- +- bit++; +- bit2++; +- pix += 4; +- c1--; +- } +- +- if ( over ) +- { +- c2 = count[*bit] + count[*bit2]; +- if ( c2 ) +- { +- switch ( last_bit ) +- { +- case 2: +- pix[2] = grays[(c2 >> 4 ) & 0x000F]; +- case 1: +- pix[1] = grays[(c2 >> 8 ) & 0x000F]; +- default: +- pix[0] = grays[(c2 >> 12) & 0x000F]; +- } +- +- *bit = 0; +- *bit2 = 0; +- } +- } +- } +- +- ras.traceOfs = 0; +- ras.traceG += ras.traceIncr; +- +- ras.gray_min_x = 32000; +- ras.gray_max_x = -32000; +- } +- } +- +- +- static void +- Horizontal_Gray_Sweep_Span( RAS_ARGS Short y, +- FT_F26Dot6 x1, +- FT_F26Dot6 x2, +- PProfile left, +- PProfile right ) +- { +- /* nothing, really */ +- FT_UNUSED_RASTER; +- FT_UNUSED( y ); +- FT_UNUSED( x1 ); +- FT_UNUSED( x2 ); +- FT_UNUSED( left ); +- FT_UNUSED( right ); +- } +- +- +- static void +- Horizontal_Gray_Sweep_Drop( RAS_ARGS Short y, +- FT_F26Dot6 x1, +- FT_F26Dot6 x2, +- PProfile left, +- PProfile right ) +- { +- Long e1, e2; +- PByte pixel; +- +- +- /* During the horizontal sweep, we only take care of drop-outs */ +- +- e1 = CEILING( x1 ); +- e2 = FLOOR ( x2 ); +- +- if ( e1 > e2 ) +- { +- Int dropOutControl = left->flags & 7; +- +- +- if ( e1 == e2 + ras.precision ) +- { +- switch ( dropOutControl ) +- { +- case 0: /* simple drop-outs including stubs */ +- e1 = e2; +- break; +- +- case 4: /* smart drop-outs including stubs */ +- e1 = FLOOR( ( x1 + x2 - 1 ) / 2 + ras.precision_half ); +- break; +- +- case 1: /* simple drop-outs excluding stubs */ +- case 5: /* smart drop-outs excluding stubs */ +- /* see Vertical_Sweep_Drop for details */ +- +- /* rightmost stub test */ +- if ( left->next == right && left->height <= 0 ) +- return; +- +- /* leftmost stub test */ +- if ( right->next == left && left->start == y ) +- return; +- +- if ( dropOutControl == 1 ) +- e1 = e2; +- else +- e1 = FLOOR( ( x1 + x2 - 1 ) / 2 + ras.precision_half ); +- +- break; +- +- default: /* modes 2, 3, 6, 7 */ +- return; /* no drop-out control */ +- } +- } +- else +- return; +- } +- +- if ( e1 >= 0 ) +- { +- Byte color; +- +- +- if ( x2 - x1 >= ras.precision_half ) +- color = ras.grays[2]; +- else +- color = ras.grays[1]; +- +- e1 = TRUNC( e1 ) / 2; +- if ( e1 < ras.target.rows ) +- { +- pixel = ras.gTarget - e1 * ras.target.pitch + y / 2; +- if ( ras.target.pitch > 0 ) +- pixel += ( ras.target.rows - 1 ) * ras.target.pitch; +- +- if ( pixel[0] == ras.grays[0] ) +- pixel[0] = color; +- } +- } +- } +- +- +-#endif /* FT_RASTER_OPTION_ANTI_ALIASING */ +- +- + /*************************************************************************/ + /* */ + /* Generic Sweep Drawing routine */ +@@ -3329,118 +2973,10 @@ + } + + +-#ifdef FT_RASTER_OPTION_ANTI_ALIASING +- +- /*************************************************************************/ +- /* */ +- /* */ +- /* Render_Gray_Glyph */ +- /* */ +- /* */ +- /* Render a glyph with grayscaling. Sub-banding if needed. */ +- /* */ +- /* */ +- /* FreeType error code. 0 means success. */ +- /* */ +- FT_LOCAL_DEF( FT_Error ) +- Render_Gray_Glyph( RAS_ARG ) +- { +- Long pixel_width; +- FT_Error error; +- +- +- Set_High_Precision( RAS_VARS ras.outline.flags & +- FT_OUTLINE_HIGH_PRECISION ); +- ras.scale_shift = ras.precision_shift + 1; +- +- if ( ras.outline.flags & FT_OUTLINE_IGNORE_DROPOUTS ) +- ras.dropOutControl = 2; +- else +- { +- if ( ras.outline.flags & FT_OUTLINE_SMART_DROPOUTS ) +- ras.dropOutControl = 4; +- else +- ras.dropOutControl = 0; +- +- if ( !( ras.outline.flags & FT_OUTLINE_INCLUDE_STUBS ) ) +- ras.dropOutControl += 1; +- } +- +- ras.second_pass = !( ras.outline.flags & FT_OUTLINE_SINGLE_PASS ); +- +- /* Vertical Sweep */ +- +- ras.band_top = 0; +- ras.band_stack[0].y_min = 0; +- ras.band_stack[0].y_max = 2 * ras.target.rows - 1; +- +- ras.bWidth = ras.gray_width; +- pixel_width = 2 * ( ( ras.target.width + 3 ) >> 2 ); +- +- if ( ras.bWidth > pixel_width ) +- ras.bWidth = pixel_width; +- +- ras.bWidth = ras.bWidth * 8; +- ras.bTarget = (Byte*)ras.gray_lines; +- ras.gTarget = (Byte*)ras.target.buffer; +- +- ras.Proc_Sweep_Init = Vertical_Gray_Sweep_Init; +- ras.Proc_Sweep_Span = Vertical_Sweep_Span; +- ras.Proc_Sweep_Drop = Vertical_Sweep_Drop; +- ras.Proc_Sweep_Step = Vertical_Gray_Sweep_Step; +- +- error = Render_Single_Pass( RAS_VARS 0 ); +- if ( error ) +- return error; +- +- /* Horizontal Sweep */ +- if ( ras.second_pass && ras.dropOutControl != 2 ) +- { +- ras.Proc_Sweep_Init = Horizontal_Sweep_Init; +- ras.Proc_Sweep_Span = Horizontal_Gray_Sweep_Span; +- ras.Proc_Sweep_Drop = Horizontal_Gray_Sweep_Drop; +- ras.Proc_Sweep_Step = Horizontal_Sweep_Step; +- +- ras.band_top = 0; +- ras.band_stack[0].y_min = 0; +- ras.band_stack[0].y_max = ras.target.width * 2 - 1; +- +- error = Render_Single_Pass( RAS_VARS 1 ); +- if ( error ) +- return error; +- } +- +- return Raster_Err_None; +- } +- +-#else /* !FT_RASTER_OPTION_ANTI_ALIASING */ +- +- FT_LOCAL_DEF( FT_Error ) +- Render_Gray_Glyph( RAS_ARG ) +- { +- FT_UNUSED_RASTER; +- +- return FT_THROW( Unsupported ); +- } +- +-#endif /* !FT_RASTER_OPTION_ANTI_ALIASING */ +- +- + static void + ft_black_init( black_PRaster raster ) + { +-#ifdef FT_RASTER_OPTION_ANTI_ALIASING +- FT_UInt n; +- +- +- /* set default 5-levels gray palette */ +- for ( n = 0; n < 5; n++ ) +- raster->grays[n] = n * 255 / 4; +- +- raster->gray_width = RASTER_GRAY_LINES / 2; +-#else + FT_UNUSED( raster ); +-#endif + } + + +@@ -3517,25 +3053,9 @@ + char* pool_base, + long pool_size ) + { +- if ( raster ) +- { +- if ( pool_base && pool_size >= (long)sizeof ( black_TWorker ) + 2048 ) +- { +- black_PWorker worker = (black_PWorker)pool_base; +- +- +- raster->buffer = pool_base + ( ( sizeof ( *worker ) + 7 ) & ~7 ); +- raster->buffer_size = (long)( pool_base + pool_size - +- (char*)raster->buffer ); +- raster->worker = worker; +- } +- else +- { +- raster->buffer = NULL; +- raster->buffer_size = 0; +- raster->worker = NULL; +- } +- } ++ FT_UNUSED( raster ); ++ FT_UNUSED( pool_base ); ++ FT_UNUSED( pool_size ); + } + + +@@ -3544,25 +3064,9 @@ + unsigned long mode, + const char* palette ) + { +-#ifdef FT_RASTER_OPTION_ANTI_ALIASING +- +- if ( mode == FT_MAKE_TAG( 'p', 'a', 'l', '5' ) ) +- { +- /* set 5-levels gray palette */ +- raster->grays[0] = palette[0]; +- raster->grays[1] = palette[1]; +- raster->grays[2] = palette[2]; +- raster->grays[3] = palette[3]; +- raster->grays[4] = palette[4]; +- } +- +-#else +- + FT_UNUSED( raster ); + FT_UNUSED( mode ); + FT_UNUSED( palette ); +- +-#endif + } + + +@@ -3572,10 +3076,13 @@ + { + const FT_Outline* outline = (const FT_Outline*)params->source; + const FT_Bitmap* target_map = params->target; +- black_PWorker worker; + ++ black_TWorker worker[1]; + +- if ( !raster || !raster->buffer || !raster->buffer_size ) ++ Long buffer[FT_MAX( FT_RENDER_POOL_SIZE, 2048 ) / sizeof ( Long )]; ++ ++ ++ if ( !raster ) + return FT_THROW( Not_Ini ); + + if ( !outline ) +@@ -3592,12 +3099,13 @@ + outline->contours[outline->n_contours - 1] + 1 ) + return FT_THROW( Invalid ); + +- worker = raster->worker; +- + /* this version of the raster does not support direct rendering, sorry */ + if ( params->flags & FT_RASTER_FLAG_DIRECT ) + return FT_THROW( Unsupported ); + ++ if ( params->flags & FT_RASTER_FLAG_AA ) ++ return FT_THROW( Unsupported ); ++ + if ( !target_map ) + return FT_THROW( Invalid ); + +@@ -3611,19 +3119,10 @@ + ras.outline = *outline; + ras.target = *target_map; + +- worker->buff = (PLong) raster->buffer; +- worker->sizeBuff = worker->buff + +- raster->buffer_size / sizeof ( Long ); +-#ifdef FT_RASTER_OPTION_ANTI_ALIASING +- worker->grays = raster->grays; +- worker->gray_width = raster->gray_width; +- +- FT_MEM_ZERO( worker->gray_lines, worker->gray_width * 2 ); +-#endif ++ worker->buff = buffer; ++ worker->sizeBuff = (&buffer)[1]; /* Points to right after buffer. */ + +- return ( params->flags & FT_RASTER_FLAG_AA ) +- ? Render_Gray_Glyph( RAS_VAR ) +- : Render_Glyph( RAS_VAR ); ++ return Render_Glyph( RAS_VAR ); + } + + +Index: freetype-2.5.2/src/raster/ftrend1.c +=================================================================== +--- freetype-2.5.2.orig/src/raster/ftrend1.c ++++ freetype-2.5.2/src/raster/ftrend1.c +@@ -120,38 +120,11 @@ + } + + /* check rendering mode */ +-#ifndef FT_CONFIG_OPTION_PIC + if ( mode != FT_RENDER_MODE_MONO ) + { + /* raster1 is only capable of producing monochrome bitmaps */ +- if ( render->clazz == &ft_raster1_renderer_class ) +- return FT_THROW( Cannot_Render_Glyph ); ++ return FT_THROW( Cannot_Render_Glyph ); + } +- else +- { +- /* raster5 is only capable of producing 5-gray-levels bitmaps */ +- if ( render->clazz == &ft_raster5_renderer_class ) +- return FT_THROW( Cannot_Render_Glyph ); +- } +-#else /* FT_CONFIG_OPTION_PIC */ +- /* When PIC is enabled, we cannot get to the class object */ +- /* so instead we check the final character in the class name */ +- /* ("raster5" or "raster1"). Yes this is a hack. */ +- /* The "correct" thing to do is have different render function */ +- /* for each of the classes. */ +- if ( mode != FT_RENDER_MODE_MONO ) +- { +- /* raster1 is only capable of producing monochrome bitmaps */ +- if ( render->clazz->root.module_name[6] == '1' ) +- return FT_THROW( Cannot_Render_Glyph ); +- } +- else +- { +- /* raster5 is only capable of producing 5-gray-levels bitmaps */ +- if ( render->clazz->root.module_name[6] == '5' ) +- return FT_THROW( Cannot_Render_Glyph ); +- } +-#endif /* FT_CONFIG_OPTION_PIC */ + + outline = &slot->outline; + +@@ -194,19 +167,8 @@ + slot->internal->flags &= ~FT_GLYPH_OWN_BITMAP; + } + +- /* allocate new one, depends on pixel format */ +- if ( !( mode & FT_RENDER_MODE_MONO ) ) +- { +- /* we pad to 32 bits, only for backwards compatibility with FT 1.x */ +- pitch = FT_PAD_CEIL( width, 4 ); +- bitmap->pixel_mode = FT_PIXEL_MODE_GRAY; +- bitmap->num_grays = 256; +- } +- else +- { +- pitch = ( ( width + 15 ) >> 4 ) << 1; +- bitmap->pixel_mode = FT_PIXEL_MODE_MONO; +- } ++ pitch = ( ( width + 15 ) >> 4 ) << 1; ++ bitmap->pixel_mode = FT_PIXEL_MODE_MONO; + + bitmap->width = width; + bitmap->rows = height; +@@ -225,9 +187,6 @@ + params.source = outline; + params.flags = 0; + +- if ( bitmap->pixel_mode == FT_PIXEL_MODE_GRAY ) +- params.flags |= FT_RASTER_FLAG_AA; +- + /* render outline into the bitmap */ + error = render->raster_render( render->raster, ¶ms ); + +Index: freetype-2.5.2/src/smooth/ftgrays.c +=================================================================== +--- freetype-2.5.2.orig/src/smooth/ftgrays.c ++++ freetype-2.5.2/src/smooth/ftgrays.c +@@ -461,11 +461,7 @@ + + typedef struct gray_TRaster_ + { +- void* buffer; +- long buffer_size; +- int band_size; + void* memory; +- gray_PWorker worker; + + } gray_TRaster, *gray_PRaster; + +@@ -1940,12 +1936,17 @@ + gray_raster_render( gray_PRaster raster, + const FT_Raster_Params* params ) + { +- const FT_Outline* outline = (const FT_Outline*)params->source; +- const FT_Bitmap* target_map = params->target; +- gray_PWorker worker; ++ const FT_Outline* outline = (const FT_Outline*)params->source; ++ const FT_Bitmap* target_map = params->target; + ++ gray_TWorker worker[1]; + +- if ( !raster || !raster->buffer || !raster->buffer_size ) ++ TCell buffer[FT_MAX( FT_RENDER_POOL_SIZE, 2048 ) / sizeof ( TCell )]; ++ long buffer_size = sizeof ( buffer ); ++ int band_size = (int)( buffer_size / ( sizeof ( TCell ) * 8 ) ); ++ ++ ++ if ( !raster ) + return FT_THROW( Invalid_Argument ); + + if ( !outline ) +@@ -1962,8 +1963,6 @@ + outline->contours[outline->n_contours - 1] + 1 ) + return FT_THROW( Invalid_Outline ); + +- worker = raster->worker; +- + /* if direct mode is not set, we must have a target bitmap */ + if ( !( params->flags & FT_RASTER_FLAG_DIRECT ) ) + { +@@ -2001,13 +2000,14 @@ + ras.clip_box.yMax = 32767L; + } + +- gray_init_cells( RAS_VAR_ raster->buffer, raster->buffer_size ); ++ gray_init_cells( RAS_VAR_ buffer, buffer_size ); + + ras.outline = *outline; + ras.num_cells = 0; + ras.invalid = 1; +- ras.band_size = raster->band_size; ++ ras.band_size = band_size; + ras.num_gray_spans = 0; ++ ras.span_y = 0; + + if ( params->flags & FT_RASTER_FLAG_DIRECT ) + { +@@ -2091,34 +2091,9 @@ + char* pool_base, + long pool_size ) + { +- gray_PRaster rast = (gray_PRaster)raster; +- +- +- if ( raster ) +- { +- if ( pool_base && pool_size >= (long)sizeof ( gray_TWorker ) + 2048 ) +- { +- gray_PWorker worker = (gray_PWorker)pool_base; +- +- +- rast->worker = worker; +- rast->buffer = pool_base + +- ( ( sizeof ( gray_TWorker ) + +- sizeof ( TCell ) - 1 ) & +- ~( sizeof ( TCell ) - 1 ) ); +- rast->buffer_size = (long)( ( pool_base + pool_size ) - +- (char*)rast->buffer ) & +- ~( sizeof ( TCell ) - 1 ); +- rast->band_size = (int)( rast->buffer_size / +- ( sizeof ( TCell ) * 8 ) ); +- } +- else +- { +- rast->buffer = NULL; +- rast->buffer_size = 0; +- rast->worker = NULL; +- } +- } ++ FT_UNUSED( raster ); ++ FT_UNUSED( pool_base ); ++ FT_UNUSED( pool_size ); + } + + +Index: freetype-2.5.2/src/truetype/ttgload.c +=================================================================== +--- freetype-2.5.2.orig/src/truetype/ttgload.c ++++ freetype-2.5.2/src/truetype/ttgload.c +@@ -802,7 +802,6 @@ + + if ( n_ins > 0 ) + { +- FT_Bool debug; + FT_Error error; + + FT_GlyphLoader gloader = loader->gloader; +@@ -817,10 +816,7 @@ + loader->exec->is_composite = is_composite; + loader->exec->pts = *zone; + +- debug = FT_BOOL( !( loader->load_flags & FT_LOAD_NO_SCALE ) && +- ((TT_Size)loader->size)->debug ); +- +- error = TT_Run_Context( loader->exec, debug ); ++ error = TT_Run_Context( loader->exec ); + if ( error && loader->exec->pedantic_hinting ) + return error; + +@@ -2116,8 +2112,7 @@ + } + + /* query new execution context */ +- exec = size->debug ? size->context +- : ( (TT_Driver)FT_FACE_DRIVER( face ) )->context; ++ exec = size->context; + if ( !exec ) + return FT_THROW( Could_Not_Find_Context ); + +Index: freetype-2.5.2/src/truetype/ttinterp.c +=================================================================== +--- freetype-2.5.2.orig/src/truetype/ttinterp.c ++++ freetype-2.5.2/src/truetype/ttinterp.c +@@ -714,12 +714,8 @@ + /* */ + /* TrueType error code. 0 means success. */ + /* */ +- /* */ +- /* Only the glyph loader and debugger should call this function. */ +- /* */ + FT_LOCAL_DEF( FT_Error ) +- TT_Run_Context( TT_ExecContext exec, +- FT_Bool debug ) ++ TT_Run_Context( TT_ExecContext exec ) + { + FT_Error error; + +@@ -754,16 +750,7 @@ + exec->top = 0; + exec->callTop = 0; + +-#if 1 +- FT_UNUSED( debug ); +- + return exec->face->interpreter( exec ); +-#else +- if ( !debug ) +- return TT_RunIns( exec ); +- else +- return FT_Err_Ok; +-#endif + } + + +@@ -796,32 +783,26 @@ + FT_EXPORT_DEF( TT_ExecContext ) + TT_New_Context( TT_Driver driver ) + { +- TT_ExecContext exec; + FT_Memory memory; ++ FT_Error error; + ++ TT_ExecContext exec; + +- memory = driver->root.root.memory; +- exec = driver->context; +- +- if ( !driver->context ) +- { +- FT_Error error; +- +- +- /* allocate object */ +- if ( FT_NEW( exec ) ) +- goto Fail; ++ if ( !driver ) ++ goto Fail; + +- /* initialize it; in case of error this deallocates `exec' too */ +- error = Init_Context( exec, memory ); +- if ( error ) +- goto Fail; ++ memory = driver->root.root.memory; + +- /* store it into the driver */ +- driver->context = exec; +- } ++ /* allocate object */ ++ if ( FT_NEW( exec ) ) ++ goto Fail; ++ ++ /* initialize it; in case of error this deallocates `exec' too */ ++ error = Init_Context( exec, memory ); ++ if ( error ) ++ goto Fail; + +- return driver->context; ++ return exec; + + Fail: + return NULL; +Index: freetype-2.5.2/src/truetype/ttinterp.h +=================================================================== +--- freetype-2.5.2.orig/src/truetype/ttinterp.h ++++ freetype-2.5.2/src/truetype/ttinterp.h +@@ -340,6 +340,7 @@ + /* */ + /* */ + /* Only the glyph loader and debugger should call this function. */ ++ /* (And right now only the glyph loader uses it.) */ + /* */ + FT_EXPORT( TT_ExecContext ) + TT_New_Context( TT_Driver driver ); +@@ -359,8 +360,7 @@ + TT_Size ins ); + + FT_LOCAL( FT_Error ) +- TT_Run_Context( TT_ExecContext exec, +- FT_Bool debug ); ++ TT_Run_Context( TT_ExecContext exec ); + #endif /* TT_USE_BYTECODE_INTERPRETER */ + + +Index: freetype-2.5.2/src/truetype/ttobjs.c +=================================================================== +--- freetype-2.5.2.orig/src/truetype/ttobjs.c ++++ freetype-2.5.2/src/truetype/ttobjs.c +@@ -751,14 +751,7 @@ + FT_Error error; + + +- /* debugging instances have their own context */ +- if ( size->debug ) +- exec = size->context; +- else +- exec = ( (TT_Driver)FT_FACE_DRIVER( face ) )->context; +- +- if ( !exec ) +- return FT_THROW( Could_Not_Find_Context ); ++ exec = size->context; + + TT_Load_Context( exec, face, size ); + +@@ -845,14 +838,7 @@ + FT_Error error; + + +- /* debugging instances have their own context */ +- if ( size->debug ) +- exec = size->context; +- else +- exec = ( (TT_Driver)FT_FACE_DRIVER( face ) )->context; +- +- if ( !exec ) +- return FT_THROW( Could_Not_Find_Context ); ++ exec = size->context; + + TT_Load_Context( exec, face, size ); + +@@ -872,14 +858,11 @@ + + if ( face->cvt_program_size > 0 ) + { +- error = TT_Goto_CodeRange( exec, tt_coderange_cvt, 0 ); ++ TT_Goto_CodeRange( exec, tt_coderange_cvt, 0 ); + +- if ( !error && !size->debug ) +- { +- FT_TRACE4(( "Executing `prep' table.\n" )); ++ FT_TRACE4(( "Executing `prep' table.\n" )); + +- error = face->interpreter( exec ); +- } ++ error = face->interpreter( exec ); + } + else + error = FT_Err_Ok; +@@ -924,12 +907,10 @@ + TT_Face face = (TT_Face)ftsize->face; + FT_Memory memory = face->root.memory; + +- +- if ( size->debug ) ++ if ( size->context ) + { +- /* the debug context must be deleted by the debugger itself */ ++ TT_Done_Context( size->context ); + size->context = NULL; +- size->debug = FALSE; + } + + FT_FREE( size->cvt ); +@@ -977,6 +958,8 @@ + size->bytecode_ready = 1; + size->cvt_ready = 0; + ++ size->context = TT_New_Context( (TT_Driver)face->root.driver ); ++ + size->max_function_defs = maxp->maxFunctionDefs; + size->max_instruction_defs = maxp->maxInstructionDefs; + +@@ -1261,10 +1244,6 @@ + + TT_Driver driver = (TT_Driver)ttdriver; + +- +- if ( !TT_New_Context( driver ) ) +- return FT_THROW( Could_Not_Find_Context ); +- + #ifdef TT_CONFIG_OPTION_SUBPIXEL_HINTING + driver->interpreter_version = TT_INTERPRETER_VERSION_38; + #else +@@ -1295,20 +1274,7 @@ + FT_LOCAL_DEF( void ) + tt_driver_done( FT_Module ttdriver ) /* TT_Driver */ + { +-#ifdef TT_USE_BYTECODE_INTERPRETER +- TT_Driver driver = (TT_Driver)ttdriver; +- +- +- /* destroy the execution context */ +- if ( driver->context ) +- { +- TT_Done_Context( driver->context ); +- driver->context = NULL; +- } +-#else + FT_UNUSED( ttdriver ); +-#endif +- + } + + +Index: freetype-2.5.2/src/truetype/ttobjs.h +=================================================================== +--- freetype-2.5.2.orig/src/truetype/ttobjs.h ++++ freetype-2.5.2/src/truetype/ttobjs.h +@@ -324,13 +324,6 @@ + + TT_GlyphZoneRec twilight; /* The instance's twilight zone */ + +- /* debugging variables */ +- +- /* When using the debugger, we must keep the */ +- /* execution context tied to the instance */ +- /* object rather than asking it on demand. */ +- +- FT_Bool debug; + TT_ExecContext context; + + FT_Bool bytecode_ready; +@@ -349,7 +342,6 @@ + { + FT_DriverRec root; + +- TT_ExecContext context; /* execution context */ + TT_GlyphZoneRec zone; /* glyph loader points zone */ + + FT_UInt interpreter_version; --- freetype-2.5.2.orig/debian/patches-freetype/no-uninitialized-bbox.patch +++ freetype-2.5.2/debian/patches-freetype/no-uninitialized-bbox.patch @@ -0,0 +1,17 @@ +Description: ensure that our variable is reliably initialized before use + This fixes a build failure on ppc64el when building with -O3. +Author: Steve Langasek + +Index: freetype-2.5.2/src/base/ftoutln.c +=================================================================== +--- freetype-2.5.2.orig/src/base/ftoutln.c ++++ freetype-2.5.2/src/base/ftoutln.c +@@ -1027,7 +1027,7 @@ + FT_EXPORT_DEF( FT_Orientation ) + FT_Outline_Get_Orientation( FT_Outline* outline ) + { +- FT_BBox cbox; ++ FT_BBox cbox = {0,0,0,0}; + FT_Int xshift, yshift; + FT_Vector* points; + FT_Vector v_prev, v_cur; --- freetype-2.5.2.orig/debian/patches-freetype/revert_scalable_fonts_metric.patch +++ freetype-2.5.2/debian/patches-freetype/revert_scalable_fonts_metric.patch @@ -0,0 +1,16 @@ +# Description: revert commit which creates regressions in gtk +# Ubuntu: https://bugs.launchpad.net/freetype/+bug/972223 +# Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=636776 +--- a/src/truetype/ttdriver.c ++++ b/src/truetype/ttdriver.c +@@ -246,10 +246,7 @@ + FT_Request_Metrics( size->face, req ); + + if ( FT_IS_SCALABLE( size->face ) ) +- { + error = tt_size_reset( ttsize ); +- ttsize->root.metrics = ttsize->metrics; +- } + + return error; + } --- freetype-2.5.2.orig/debian/patches-freetype/savannah-bug-41309.patch +++ freetype-2.5.2/debian/patches-freetype/savannah-bug-41309.patch @@ -0,0 +1,271 @@ +From 8b281f83e8516535756f92dbf90940ac44bd45e1 Mon Sep 17 00:00:00 2001 +From: Werner Lemberg +Date: Thu, 23 Jan 2014 07:14:53 +0000 +Subject: Fix Savannah bug #41309. + +* src/type1/t1load.c (t1_parse_font_matrix): Properly handle result +of `T1_ToFixedArray'. + +* src/cid/cidload.c (cid_parse_font_matrix): Synchronize with +`t1_parse_font_matrix'. + +* src/type42/t42parse.c (t42_parse_font_matrix): Synchronize with +`t1_parse_font_matrix'. +(t42_parse_encoding): Synchronize with `t1_parse_encoding'. + +* src/psaux/psobjs.c (ps_parser_load_field) , +: Properly handle result of `ps_tofixedarray'. +--- +diff --git a/src/cid/cidload.c b/src/cid/cidload.c +index 46def71..1cda0ee 100644 +--- a/src/cid/cidload.c ++++ b/src/cid/cidload.c +@@ -4,7 +4,7 @@ + /* */ + /* CID-keyed Type1 font loader (body). */ + /* */ +-/* Copyright 1996-2006, 2009, 2011-2013 by */ ++/* Copyright 1996-2006, 2009, 2011-2014 by */ + /* David Turner, Robert Wilhelm, and Werner Lemberg. */ + /* */ + /* This file is part of the FreeType project, and may only be used, */ +@@ -160,16 +160,26 @@ + { + FT_Matrix* matrix; + FT_Vector* offset; ++ FT_Int result; + + + dict = face->cid.font_dicts + parser->num_dict; + matrix = &dict->font_matrix; + offset = &dict->font_offset; + +- (void)cid_parser_to_fixed_array( parser, 6, temp, 3 ); ++ result = cid_parser_to_fixed_array( parser, 6, temp, 3 ); ++ ++ if ( result < 6 ) ++ return FT_THROW( Invalid_File_Format ); + + temp_scale = FT_ABS( temp[3] ); + ++ if ( temp_scale == 0 ) ++ { ++ FT_ERROR(( "cid_parse_font_matrix: invalid font matrix\n" )); ++ return FT_THROW( Invalid_File_Format ); ++ } ++ + /* Set Units per EM based on FontMatrix values. We set the value to */ + /* 1000 / temp_scale, because temp_scale was already multiplied by */ + /* 1000 (in t1_tofixed, from psobjs.c). */ +@@ -184,7 +194,7 @@ + temp[2] = FT_DivFix( temp[2], temp_scale ); + temp[4] = FT_DivFix( temp[4], temp_scale ); + temp[5] = FT_DivFix( temp[5], temp_scale ); +- temp[3] = 0x10000L; ++ temp[3] = temp[3] < 0 ? -0x10000L : 0x10000L; + } + + matrix->xx = temp[0]; +@@ -197,8 +207,7 @@ + offset->y = temp[5] >> 16; + } + +- return FT_Err_Ok; /* this is a callback function; */ +- /* we must return an error code */ ++ return FT_Err_Ok; + } + + +diff --git a/src/psaux/psobjs.c b/src/psaux/psobjs.c +index dd976d3..b4b7d45 100644 +--- a/src/psaux/psobjs.c ++++ b/src/psaux/psobjs.c +@@ -4,7 +4,7 @@ + /* */ + /* Auxiliary functions for PostScript fonts (body). */ + /* */ +-/* Copyright 1996-2013 by */ ++/* Copyright 1996-2014 by */ + /* David Turner, Robert Wilhelm, and Werner Lemberg. */ + /* */ + /* This file is part of the FreeType project, and may only be used, */ +@@ -847,6 +847,8 @@ + /* first character must be a delimiter or a part of a number */ + /* NB: `values' can be NULL if we just want to skip the */ + /* array; in this case we ignore `max_values' */ ++ /* */ ++ /* return number of successfully parsed values */ + + static FT_Int + ps_tofixedarray( FT_Byte* *acur, +@@ -1200,7 +1202,7 @@ + + result = ps_tofixedarray( &cur, limit, 4, temp, 0 ); + +- if ( result < 0 ) ++ if ( result < 4 ) + { + FT_ERROR(( "ps_parser_load_field:" + " expected four integers in bounding box\n" )); +@@ -1230,7 +1232,7 @@ + { + result = ps_tofixedarray( &cur, limit, max_objects, + temp + i * max_objects, 0 ); +- if ( result < 0 ) ++ if ( result < 0 || (FT_UInt)result < max_objects ) + { + FT_ERROR(( "ps_parser_load_field:" + " expected %d integers in the %s subarray\n" +diff --git a/src/type1/t1load.c b/src/type1/t1load.c +index 4b5026b..d4171d9 100644 +--- a/src/type1/t1load.c ++++ b/src/type1/t1load.c +@@ -4,7 +4,7 @@ + /* */ + /* Type 1 font loader (body). */ + /* */ +-/* Copyright 1996-2013 by */ ++/* Copyright 1996-2014 by */ + /* David Turner, Robert Wilhelm, and Werner Lemberg. */ + /* */ + /* This file is part of the FreeType project, and may only be used, */ +@@ -1107,7 +1107,7 @@ + + result = T1_ToFixedArray( parser, 6, temp, 3 ); + +- if ( result < 0 ) ++ if ( result < 6 ) + { + parser->root.error = FT_THROW( Invalid_File_Format ); + return; +diff --git a/src/type42/t42parse.c b/src/type42/t42parse.c +index 3cdd8a1..9b66888 100644 +--- a/src/type42/t42parse.c ++++ b/src/type42/t42parse.c +@@ -4,7 +4,7 @@ + /* */ + /* Type 42 font parser (body). */ + /* */ +-/* Copyright 2002-2013 by */ ++/* Copyright 2002-2014 by */ + /* Roberto Alameda. */ + /* */ + /* This file is part of the FreeType project, and may only be used, */ +@@ -255,12 +255,26 @@ + FT_Face root = (FT_Face)&face->root; + FT_Fixed temp[6]; + FT_Fixed temp_scale; ++ FT_Int result; + + +- (void)T1_ToFixedArray( parser, 6, temp, 3 ); ++ result = T1_ToFixedArray( parser, 6, temp, 3 ); ++ ++ if ( result < 6 ) ++ { ++ parser->root.error = FT_THROW( Invalid_File_Format ); ++ return; ++ } + + temp_scale = FT_ABS( temp[3] ); + ++ if ( temp_scale == 0 ) ++ { ++ FT_ERROR(( "t1_parse_font_matrix: invalid font matrix\n" )); ++ parser->root.error = FT_THROW( Invalid_File_Format ); ++ return; ++ } ++ + /* Set Units per EM based on FontMatrix values. We set the value to */ + /* 1000 / temp_scale, because temp_scale was already multiplied by */ + /* 1000 (in t1_tofixed, from psobjs.c). */ +@@ -275,7 +289,7 @@ + temp[2] = FT_DivFix( temp[2], temp_scale ); + temp[4] = FT_DivFix( temp[4], temp_scale ); + temp[5] = FT_DivFix( temp[5], temp_scale ); +- temp[3] = 0x10000L; ++ temp[3] = temp[3] < 0 ? -0x10000L : 0x10000L; + } + + matrix->xx = temp[0]; +@@ -314,7 +328,7 @@ + if ( ft_isdigit( *cur ) || *cur == '[' ) + { + T1_Encoding encode = &face->type1.encoding; +- FT_UInt count, n; ++ FT_Int count, n; + PS_Table char_table = &loader->encoding_table; + FT_Memory memory = parser->root.memory; + FT_Error error; +@@ -329,7 +343,7 @@ + parser->root.cursor++; + } + else +- count = (FT_UInt)T1_ToInt( parser ); ++ count = (FT_Int)T1_ToInt( parser ); + + T1_Skip_Spaces( parser ); + if ( parser->root.cursor >= limit ) +@@ -417,7 +431,7 @@ + + cur = parser->root.cursor; + +- if ( *cur == '/' && cur + 2 < limit && n < count ) ++ if ( cur + 2 < limit && *cur == '/' && n < count ) + { + FT_PtrDist len; + +@@ -426,6 +440,8 @@ + + parser->root.cursor = cur; + T1_Skip_PS_Token( parser ); ++ if ( parser->root.cursor >= limit ) ++ return; + if ( parser->root.error ) + return; + +@@ -439,6 +455,19 @@ + + n++; + } ++ else if ( only_immediates ) ++ { ++ /* Since the current position is not updated for */ ++ /* immediates-only mode we would get an infinite loop if */ ++ /* we don't do anything here. */ ++ /* */ ++ /* This encoding array is not valid according to the type1 */ ++ /* specification (it might be an encoding for a CID type1 */ ++ /* font, however), so we conclude that this font is NOT a */ ++ /* type1 font. */ ++ parser->root.error = FT_THROW( Unknown_File_Format ); ++ return; ++ } + } + else + { +@@ -450,8 +479,8 @@ + T1_Skip_Spaces( parser ); + } + +- face->type1.encoding_type = T1_ENCODING_TYPE_ARRAY; +- parser->root.cursor = cur; ++ face->type1.encoding_type = T1_ENCODING_TYPE_ARRAY; ++ parser->root.cursor = cur; + } + + /* Otherwise, we should have either `StandardEncoding', */ +@@ -471,10 +500,7 @@ + face->type1.encoding_type = T1_ENCODING_TYPE_ISOLATIN1; + + else +- { +- FT_ERROR(( "t42_parse_encoding: invalid token\n" )); +- parser->root.error = FT_THROW( Invalid_File_Format ); +- } ++ parser->root.error = FT_THROW( Ignore ); + } + } + +-- +cgit v0.9.0.2 --- freetype-2.5.2.orig/debian/patches-freetype/series +++ freetype-2.5.2/debian/patches-freetype/series @@ -0,0 +1,42 @@ +no-uninitialized-bbox.patch +freetype-2.1.7-backwards.compat.patch -p0 +enable-subpixel-rendering.patch +enable-gxvalid-otvalid.patch +revert_scalable_fonts_metric.patch +enable-old-cff.patch +CVE-2014-2240.patch +CVE-2014-2241.patch +0001-Fix-Savannah-bug-40997.patch +0002-Fix-Savannah-bug-42418.patch +freetype-config.diff +verbose-libtool.patch +multi-thread-violations.patch +0003-sfnt-Fix-Savannah-bug-43680.-CVE-2014-9656.patch +0004-truetype-Fix-Savannah-bug-43679.-CVE-2014-9657.patch +0005-sfnt-Fix-Savannah-bug-43672.-CVE-2014-9658.patch +0006-cff-Fix-Savannah-bug-43661.-CVE-2014-9659.patch +0007-bdf-Fix-Savannah-bug-43660.-CVE-2014-9660.patch +0008-type42-Allow-only-embedded-TrueType-fonts.-CVE-2014-.patch +0009-cff-Fix-Savannah-bug-43658.-CVE-2014-9662.patch +0010-sfnt-Fix-Savannah-bug-43656.-CVE-2014-9663.patch +0011-type1-type42-Fix-Savannah-bug-43655.-CVE-2014-9664.patch +0012-Make-FT_Bitmap_Convert-correctly-handle-negative-pit.patch +0013-Fix-uninitialized-variable-warning.-CVE-2014-9665-fi.patch +0014-Change-some-fields-in-FT_Bitmap-to-unsigned-type.-CV.patch +0015-sfnt-Fix-Savannah-bug-43591.-CVE-2014-9666.patch +0016-sfnt-Fix-Savannah-bug-43590.-CVE-2014-9667.patch +0017-sfnt-Fix-Savannah-bug-43589.-CVE-2014-9668.patch +0018-sfnt-Fix-Savannah-bug-43588.-CVE-2014-9669.patch +0019-Fix-Savannah-bug-43548.-CVE-2014-9670.patch +0020-Fix-Savannah-bug-43547.-CVE-2014-9671.patch +0021-Fix-Savannah-bug-43540.-CVE-2014-9672.patch +0022-src-base-ftobjs.c-Mac_Read_POST_Resource-Avoid-memor.patch +0023-Fix-Savannah-bug-43539.-CVE-2014-9673.patch +0024-Fix-Savannah-bug-43538.-CVE-2014-9674-part-1.patch +0025-src-base-ftobjs.c-Mac_Read_POST_Resource-Use-unsigne.patch +0026-src-base-ftobjs.c-Mac_Read_POST_Resource-Insert-comm.patch +0027-src-base-ftobj.c-Mac_Read_POST_Resource-Additional-C.patch +0028-bdf-Fix-Savannah-bug-41692.-CVE-2014-9675-fixup-1.patch +0029-Fix-Savannah-bug-43535.-CVE-2014-9675.patch +0030-pcf-Fix-Savannah-bug-43774.patch +savannah-bug-41309.patch --- freetype-2.5.2.orig/debian/patches-freetype/verbose-libtool.patch +++ freetype-2.5.2/debian/patches-freetype/verbose-libtool.patch @@ -0,0 +1,19 @@ +Description: don't let libtool suppress compiler output + We always want to see the compiler output when building, so that in the + event of a build failure we have debuggable logs. Don't let libtool + suppress this output. +Author: Steve Langasek + +Index: freetype-2.5.2/builds/unix/unix-cc.in +=================================================================== +--- freetype-2.5.2.orig/builds/unix/unix-cc.in ++++ freetype-2.5.2/builds/unix/unix-cc.in +@@ -89,7 +89,7 @@ + # + # + CCraw := $(CC) +-CC := $(LIBTOOL) --mode=compile $(CCraw) ++CC := $(LIBTOOL) --mode=compile $(CCraw) -no-suppress + + # Linker flags. + # --- freetype-2.5.2.orig/debian/patches-ft2demos/compiler_hardening_fixes.patch +++ freetype-2.5.2/debian/patches-ft2demos/compiler_hardening_fixes.patch @@ -0,0 +1,67 @@ +Index: ft2demos-2.5.1/src/ftcommon.c +=================================================================== +--- ft2demos-2.5.1.orig/src/ftcommon.c ++++ ft2demos-2.5.1/src/ftcommon.c +@@ -417,6 +417,7 @@ + + if ( file == NULL ) /* shouldn't happen */ + { ++ free( (void *)font->filepathname ); + free( font ); + return FT_Err_Invalid_Argument; + } +@@ -426,7 +427,15 @@ + fseek( file, 0, SEEK_SET ); + + font->file_address = malloc( file_size ); +- fread( font->file_address, 1, file_size, file ); ++ ++ if (fread( font->file_address, 1, file_size, file ) < file_size) ++ { ++ fclose( file ); ++ free( font->file_address ); ++ free( (void *)font->filepathname ); ++ free( font ); ++ return FT_Err_Invalid_Argument; ++ } + + font->file_size = file_size; + +Index: ft2demos-2.5.1/src/ftdiff.c +=================================================================== +--- ft2demos-2.5.1.orig/src/ftdiff.c ++++ ft2demos-2.5.1/src/ftdiff.c +@@ -1442,8 +1442,13 @@ + + if ( text != NULL ) + { +- fread( text, tsize, 1, tfile ); +- text[tsize] = 0; ++ if (fread( text, tsize, 1, tfile ) < 1) { ++ fprintf( stderr, "could not read '%s'\n", textfile ); ++ free( text ); ++ text = (char *)default_text; ++ } else { ++ text[tsize] = 0; ++ } + } + else + { +Index: ft2demos-2.5.1/src/ttdebug.c +=================================================================== +--- ft2demos-2.5.1.orig/src/ttdebug.c ++++ ft2demos-2.5.1/src/ttdebug.c +@@ -1905,11 +1905,11 @@ + + FT_Library_Version( library, &major, &minor, &patch ); + +- offset = snprintf( version_string, 64 + 1, ++ offset = snprintf( version_string, 64, + "ttdebug (FreeType) %d.%d", + major, minor ); + if ( patch ) +- offset = snprintf( version_string + offset, 64 + 1 - offset, ++ offset = snprintf( version_string + offset, 64 - offset, + ".%d", + patch ); + } --- freetype-2.5.2.orig/debian/patches-ft2demos/ft2demos-2.1.7-no-rpath.patch +++ freetype-2.5.2/debian/patches-ft2demos/ft2demos-2.1.7-no-rpath.patch @@ -0,0 +1,19 @@ +Index: graph/x11/rules.mk +=================================================================== +--- graph/x11/rules.mk.orig 2003-06-16 01:37:10.000000000 -0700 ++++ graph/x11/rules.mk 2006-03-05 11:57:36.000000000 -0800 +@@ -67,9 +67,11 @@ + # The GRAPH_LINK variable is expanded each time an executable is linked + # against the graphics library. + # +- ifeq ($(PLATFORM),unix) +- GRAPH_LINK += $(X11_LIB:%=-R%) +- endif ++ # No, we do not want rpath on Debian; reversing YAMANO-UCHI Hidetoshi's ++ # 2003-06-13 change. (Anthony Fok, 2003-08-28) ++ #ifeq ($(PLATFORM),unix) ++ # GRAPH_LINK += $(X11_LIB:%=-R%) ++ #endif + GRAPH_LINK += $(X11_LIB:%=-L%) -lX11 + + # Solaris needs a -lsocket in GRAPH_LINK. --- freetype-2.5.2.orig/debian/patches-ft2demos/ft2demos-broken-internal-includes.patch +++ freetype-2.5.2/debian/patches-ft2demos/ft2demos-broken-internal-includes.patch @@ -0,0 +1,41 @@ +Index: src/ftcommon.i +=================================================================== +--- src/ftcommon.i.orig 2005-05-26 22:49:41.000000000 -0700 ++++ src/ftcommon.i 2006-03-05 11:54:24.000000000 -0800 +@@ -21,9 +21,6 @@ + #include FT_BITMAP_H + #include FT_SYNTHESIS_H + +- /* the following header shouldn't be used in normal programs */ +-#include FT_INTERNAL_DEBUG_H +- + #include "common.h" + + #include +Index: src/ftdump.c +=================================================================== +--- src/ftdump.c.orig 2004-05-10 13:54:54.000000000 -0700 ++++ src/ftdump.c 2006-03-05 11:54:24.000000000 -0800 +@@ -13,7 +13,8 @@ + #include FT_SFNT_NAMES_H + #include FT_TRUETYPE_IDS_H + +- /* the following header shouldn't be used in normal programs */ ++ /* the following headers shouldn't be used in normal programs */ ++#include "freetype/internal/internal.h" + #include FT_INTERNAL_DEBUG_H + + /* showing driver name */ +Index: src/ftvalid.c +=================================================================== +--- src/ftvalid.c.orig 2005-05-23 13:42:39.000000000 -0700 ++++ src/ftvalid.c 2006-03-05 11:54:24.000000000 -0800 +@@ -17,6 +17,8 @@ + #include + + #include FT_FREETYPE_H ++/* XXX: these are internal headers and should never be used */ ++#include "freetype/internal/internal.h" + #include FT_INTERNAL_DEBUG_H + #include FT_INTERNAL_VALIDATE_H + #include FT_TRUETYPE_TABLES_H --- freetype-2.5.2.orig/debian/patches-ft2demos/ft2demos-ftview-wrong-types +++ freetype-2.5.2/debian/patches-ft2demos/ft2demos-ftview-wrong-types @@ -0,0 +1,47 @@ +Index: ft2demos-2.1.10/src/ftview.c +=================================================================== +--- ft2demos-2.1.10.orig/src/ftview.c 2005-05-25 11:31:14.000000000 -0700 ++++ ft2demos-2.1.10/src/ftview.c 2006-04-28 01:44:44.000000000 -0700 +@@ -865,10 +865,6 @@ + debug = 1; + break; + +- case 'D': +- dump_cache_stats = 1; +- break; +- + case 'e': + encoding = (FT_Encoding)make_tag( optarg ); + break; +@@ -1053,19 +1049,6 @@ + grWriteCellString( &bit, 0, 8, Header, fore_color ); + grRefreshSurface( surface ); + +- if ( dump_cache_stats ) +- { +- /* dump simple cache manager statistics */ +- fprintf( stderr, "cache manager [ nodes, bytes, average ] = " +- " [ %d, %ld, %f ]\n", +- cache_manager->num_nodes, +- cache_manager->cur_weight, +- cache_manager->num_nodes > 0 +- ? cache_manager->cur_weight * 1.0 / +- cache_manager->num_nodes +- : 0.0 ); +- } +- + grListenSurface( surface, 0, &event ); + if ( !( key = Process_Event( &event ) ) ) + goto End; +Index: ft2demos-2.1.10/src/ftcommon.i +=================================================================== +--- ft2demos-2.1.10.orig/src/ftcommon.i 2006-04-27 23:46:09.000000000 -0700 ++++ ft2demos-2.1.10/src/ftcommon.i 2006-04-28 01:45:41.000000000 -0700 +@@ -186,7 +186,6 @@ + + FTC_ImageTypeRec current_font; + +- int dump_cache_stats = 0; /* do we need to dump cache statistics? */ + int use_sbits_cache = 1; + + int num_indices; /* number of glyphs or characters */ --- freetype-2.5.2.orig/debian/patches-ft2demos/revert-wrong-extern.patch +++ freetype-2.5.2/debian/patches-ft2demos/revert-wrong-extern.patch @@ -0,0 +1,25 @@ +Description: revert wrong upstream commit that causes a build failure. + Reverts upstream commit fb964cdcd8fddd7722826379c28bcbece7b1d8fd, which + wrongly claims to be fixing C++ compilation. There's a better fix for that, + stop using a C++ compiler to build your C program! +Author: Steve Langasek + +Index: ft2demos-2.5.1/src/ftgrid.c +=================================================================== +--- ft2demos-2.5.1.orig/src/ftgrid.c ++++ ft2demos-2.5.1/src/ftgrid.c +@@ -53,10 +53,10 @@ + struct AF_GlyphHintsRec_; + typedef struct AF_GlyphHintsRec_* AF_GlyphHints; + +- extern int _af_debug_disable_horz_hints; +- extern int _af_debug_disable_vert_hints; +- extern int _af_debug_disable_blue_hints; +- extern AF_GlyphHints _af_debug_hints; ++ int _af_debug_disable_horz_hints; ++ int _af_debug_disable_vert_hints; ++ int _af_debug_disable_blue_hints; ++ AF_GlyphHints _af_debug_hints; + + #ifdef __cplusplus + extern "C" { --- freetype-2.5.2.orig/debian/patches-ft2demos/series +++ freetype-2.5.2/debian/patches-ft2demos/series @@ -0,0 +1,3 @@ +ft2demos-2.1.7-no-rpath.patch -p0 +compiler_hardening_fixes.patch +revert-wrong-extern.patch --- freetype-2.5.2.orig/debian/rules +++ freetype-2.5.2/debian/rules @@ -0,0 +1,158 @@ +#!/usr/bin/make -f +# +# This is free software; see the GNU General Public Licence +# version 2 or later for copying conditions. There is NO warranty. + +DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH) +DEB_HOST_ARCH ?= $(shell dpkg-architecture -qDEB_HOST_ARCH) +DEB_BUILD_ARCH ?= $(shell dpkg-architecture -qDEB_BUILD_ARCH) + +ifneq ($(DEB_HOST_ARCH),$(DEB_BUILD_ARCH)) + export LIBPNG_CFLAGS = -I/usr/include/libpng12 + export LIBPNG_LDFLAGS = -lpng12 +endif + +# Workaround for spurious error when building with gcc-4.4 +ifeq (,$(filter m68k alpha,$(DEB_HOST_ARCH))) +export DEB_CFLAGS_MAINT_APPEND := -Werror +endif +export DEB_CFLAGS_MAINT_APPEND += $(shell dpkg-buildflags --get CPPFLAGS) + +# always abort if there are any problems with the symbols file +DPKG_GENSYMBOLS_CHECK_LEVEL = 4 +export DPKG_GENSYMBOLS_CHECK_LEVEL + +VERSION = $(shell dpkg-parsechangelog | sed -n -e's/^Version: //p') +ver := $(shell dpkg-parsechangelog | sed -n -e's/^Version: \(.*\)-[^-]\+/\1/p') + +freetype_ver := $(ver) +ftdocs_ver := $(ver) +ft2demos_ver := $(ver) +dependency = $(libpkg) (>= 2.4.0) + +freetype_u := freetype-$(freetype_ver) +ftdocs_u := freetype-doc-$(ftdocs_ver) +ftdocs_d := $(freetype_u) +ft2demos_u := ft2demos-$(ft2demos_ver) + +libpkg := libfreetype6 +devpkg := $(libpkg)-dev +docpkg := $(libpkg)-doc +demospkg := freetype2-demos +udebpkg := libfreetype6-udeb +docdir := usr/share/doc +freetype_config_man := $(CURDIR)/debian/freetype-config.man +freetype_config_sgml := $(CURDIR)/debian/freetype-config.man.sgml + +libdoc = FTL.TXT CHANGES TODO ft2faq.html + +%: + dh $@ + +unpack:: unpack-stamp +unpack-stamp:: + # Unpack upstream tarballs + @for i in $(freetype_u) $(ftdocs_u) $(ft2demos_u); do \ + if [ -f $$i.tar.bz2 ]; then \ + echo "Unpacking $$i.tar.bz2 ..."; \ + tar -x --bzip2 -f $$i.tar.bz2; \ + elif [ -f $$i.tar.gz ]; then \ + echo "Unpacking $$i.tar.gz ..."; \ + tar -x --gzip -f $$i.tar.gz; \ + else \ + echo "Error! $$i.tar.{bz2,gz} not found!"; \ + exit 1; \ + fi \ + done + ln -s $(ftdocs_d)/docs docs + touch unpack-stamp + +patch: unpack patch-stamp +patch-stamp: + cd $(freetype_u) \ + && QUILT_PATCHES=../debian/patches-freetype quilt --quiltrc /dev/null push -a + cd $(freetype_u) && ./autogen.sh + cd $(ft2demos_u) \ + && QUILT_PATCHES=../debian/patches-ft2demos quilt --quiltrc /dev/null push -a + touch patch-stamp + +override_dh_auto_configure: patch + dh_auto_configure -D $(freetype_u) -- --without-bzip2 + +override_dh_auto_build: + dh_auto_build -D $(freetype_u) + dh_auto_build -D $(ft2demos_u) -- TOP_DIR=../$(freetype_u) \ + OBJ_DIR=../$(freetype_u)/objs + docbook-to-man $(freetype_config_sgml) > $(freetype_config_man) + +override_dh_auto_clean: + rm -f $(freetype_config_man) + rm -f unpack-stamp patch-stamp + rm -rf $(freetype_u) $(ft2demos_u) docs + +override_dh_auto_install: + dh_auto_install -D $(freetype_u) --destdir=$(CURDIR)/debian/tmp + $(freetype_u)/builds/unix/libtool --mode=install \ + cp -av `find $(ft2demos_u)/bin -type f -perm -u=x -maxdepth 1` \ + $(CURDIR)/debian/$(demospkg)/usr/bin/ + sed -i -e'/dependency_libs/s/'.*'//' debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libfreetype.la + mkdir -p debian/tmp/usr/include/$(DEB_HOST_MULTIARCH)/freetype2/config + set -e; \ + for i in debian/tmp/usr/include/freetype2/config/*.h; do \ + mv $$i debian/tmp/usr/include/$(DEB_HOST_MULTIARCH)/freetype2/config/.; \ + sed "s,@subdir@,freetype2/config,;s,@header@,$$(basename $$i)," \ + debian/multiarch.h.in > $$i; \ + done + + +override_dh_install: + dh_install --fail-missing + +override_dh_installdocs: +ifneq (,$(findstring $(libpkg), $(shell dh_listpackages))) + dh_installdocs -p$(libpkg) $(addprefix $(freetype_u)/docs/,$(libdoc)) + mkdir debian/$(libpkg)/$(docdir)/$(libpkg)/pcf + cp -a $(freetype_u)/src/pcf/README debian/$(libpkg)/$(docdir)/$(libpkg)/pcf/ +endif +ifneq (,$(findstring $(devpkg), $(shell dh_listpackages))) + dh_installdocs --link-doc=$(libpkg) -p$(devpkg) \ + -Xreference/README -Xreference/.gitignore \ + -XLICENSE.TXT -XGPL.TXT -XGPLv2.txt -XBUILD -XINSTALL \ + $(addprefix -X,$(libdoc)) \ + $(ftdocs_d)/docs/* +endif + dh_installdocs -N$(devpkg) -N$(libpkg) --link-doc=$(libpkg) + +override_dh_installchangelogs: +ifneq (,$(findstring $(libpkg), $(shell dh_listpackages))) + dh_installchangelogs -p$(libpkg) $(freetype_u)/ChangeLog +endif + +override_dh_makeshlibs: + dh_makeshlibs -V '$(dependency)' --add-udeb '$(udebpkg)' + +# This variable is used only by get-orig-source, which will normally only +# be run by maintainers. +URL = http://savannah.nongnu.org/download/freetype/ + +# Download the various upstream source tarballs and pack them into a +# single orig.tar.gz. Assumes wget and gpg are available. +get-orig-source: + @if [ ! -d "debian" ] ; then \ + echo 'Run this from the top directory of the Debian source' >&2; \ + exit 1; \ + fi + mkdir freetype-$(ver) + set -e; \ + cd freetype-$(ver); \ + for i in freetype freetype-doc ft2demos; do \ + wget $(URL)/$$i-$(ver).tar.bz2; \ + wget $(URL)/$$i-$(ver).tar.bz2.sig; \ + gpg --verify $$i-$(ver).tar.bz2.sig $$i-$(ver).tar.bz2 \ + && rm $$i-$(ver).tar.bz2.sig; \ + done + tar cf freetype_$(ver).orig.tar freetype-$(ver) + rm -rf freetype-$(ver) + gzip -9 freetype_$(ver).orig.tar + +.PHONY: unpack patch get-orig-source --- freetype-2.5.2.orig/debian/source/lintian-overrides +++ freetype-2.5.2/debian/source/lintian-overrides @@ -0,0 +1,4 @@ +# two separate series files; not getting fixed without extensive changes +# upstream +freetype source: quilt-build-dep-but-no-series-file +