| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: libfreetype6-x86 | Distribution: openSUSE 12.1 |
| Version: 2.4.7 | Vendor: openSUSE |
| Release: 6.1 | Build date: Thu Mar 29 14:51:13 2012 |
| Group: System/Libraries | Build host: build25 |
| Size: 555248 | Source RPM: freetype2-2.4.7-6.1.src.rpm |
| Packager: http://bugs.opensuse.org | |
| Url: http://www.freetype.org | |
| Summary: A TrueType Font Library | |
This library features TrueType fonts for open source projects. This version also contains an autohinter for producing improved output.
Freetype License (BSD-like). See http://freetype.sourceforge.net/FTL.TXT
* Mon Mar 26 2012 jw@suse.com
- BNC#750937, BNC#750947 CVE-2012-1126+1127.patch Out-of heap-based buffer read by parsing glyph information and bitmaps for BDF fonts
- BNC#750938 CVE-2012-1139.patch Array index error, leading to out-of stack based buffer read by parsing BDF font glyph information
- BNC#750939 CVE-2012-1136.patch Out-of heap-based buffer write by parsing BDF glyph and bitmaps information with missing ENCODING field (FU#35641)
- BNC#750940 CVE-2012-1133.patch Out-of heap-based buffer write by parsing BDF glyph information and bitmaps (FU#35607)
- BNC#750941 CVE-2012-1138.patch Out-of heap-based buffer read in the TrueType bytecode interpreter by executing the MIRP instruction
- BNC#750942 CVE-2012-1128.patch NULL pointer dereference by moving zone2 pointer point for certain TrueType font
- BNC#750943 CVE-2012-1137.patch Out-of heap-based buffer read by parsing BDF font header
- BNC#750944 CVE-2012-1144.patch Out-of heap-based buffer write in the TrueType bytecode interpreter by moving zone2 pointer point
- BNC#750945 CVE-2012-1134.patch Out-of heap-based buffer write in Type1 font parser by retrieving font's private dictionary
- BNC#750946 CVE-2012-1135.patch Out-of heap-based buffer read in TrueType bytecode interpreter by executing NPUSHB and NPUSHW instructions (FU#35640)
- BNC#750948 CVE-2012-1142.patch Out-of heap-based buffer read in TrueType bytecode interpreter by executing NPUSHB and NPUSHW instructions
- BNC#750949 CVE-2012-1143.patch Integer divide by zero by performing arithmetic computations for certain fonts
- BNC#750950 CVE-2012-1132.patch Out-of heap-based buffer read flaw in Type1 font loader by parsing font dictionary entries
- BNC#750951 CVE-2012-1130.patch Out-of heap-based buffer read by loading properties of PCF fonts
- BNC#750952 CVE-2012-1129.patch Out-of heap-based buffer read when parsing certain SFNT strings by Type42 font parser
- BNC#750953 CVE-2012-1131.patch (64-bit specific): Out-of heap-based buffer read by attempt to record current cell into the cell table
- BNC#750954 CVE-2012-1140.patch Out-of heap-based buffer read by conversion of PostScript font objects
- BNC#750955 CVE-2012-1141.patch Out-of heap-based buffer read flaw by conversion of an ASCII string into a signed short integer by processing BDF fonts
* Fri Dec 16 2011 meissner@suse.de
from evergreen:
- bnc730124_CVE-2011-3439.patch:
FreeType allows remote attackers to execute arbitrary code or cause a
denial of service (memory corruption) via a crafted font.
(CVE-2011-3439, bnc#730124)
* Tue Oct 18 2011 idonmez@suse.com
- Update to version 2.4.7
* Some vulnerabilities in handling Type 1 fonts have been fixed;
see CVE-2011-3256.
* FreeType now properly handles ZapfDingbats glyph names while
constructing a Unicode character map (for fonts which don't have
one).
* Fri Jul 29 2011 idonmez@novell.com
- Update to version 2.4.6
* For TrueType based fonts, the ascender and descender values were
incorrect sometimes (off by a pixel if the ppem value was not a
multiple of 5). Depending on the use you might now experience
a different layout; the change should result in better, more
consistent line spacing.
* Fix CVE-2011-0226 which causes a vulnerability while handling
Type 1 fonts.
* BDF fonts containing glyphs with negative values for ENCODING
were incorrectly rejected. This bug has been introduced in
FreeType version 2.2.0.
* The behaviour of FT_STROKER_LINEJOIN_BEVEL has been corrected.
* A new line join style, FT_STROKER_LINEJOIN_MITER_FIXED, has
been introduced to support PostScript and PDF miter joins.
* FT_STROKER_LINEJOIN_MITER_VARIABLE has been introduced as an
alias for FT_STROKER_LINEJOIN_MITER.
* Various stroking glitches has been fixed
* SFNT bitmap fonts which contain an outline glyph for `.notdef'
only no longer set the FT_FACE_FLAG_SCALABLE flag.
- Drop bnc704612_othersubr.diff, applied upstream
* Fri Jul 22 2011 ke@suse.de
- added bnc704612_othersubr.diff, CVE-2011-0226, bnc#704612.
* Thu Jul 07 2011 idonmez@novell.com
- Clean spec file
- Disable static libraries
- Drop unneeded use_unix.diff
- Disable newly introduced bzip2 support, it seems to create
problems with subpixel rendering
* Sat Jun 25 2011 idonmez@novell.com
- Update to version 2.4.5
* A rendering regression for second-order Bézier curves has been
fixed, introduced in 2.4.3.
* If autohinting is not explicitly disabled, FreeType now uses
the autohinter if a TrueType based font doesn't contain native
hints.
* The load flag FT_LOAD_IGNORE_GLOBAL_ADVANCE_WIDTH has been made
redundant and is simply ignored; this means that FreeType now
ignores the global advance width value in TrueType fonts.
* `FT_Sfnt_Table_Info' can now return the number of SFNT tables of
a font.
* Support for PCF files compressed with bzip2 has been contributed
by Joel Klinghed. To make this work, the OS must provide a
bzip2 library.
* Again some fixes to better handle broken fonts.
* Some improvements to the B/W rasterizer.
* Fixes to the cache module to improve robustness.
* Just Fill Bugs contributed (experimental) code to compute blue
zones for CJK Ideographs, improving the alignment of horizontal
stems at the top or bottom edges.
- Dropped the following patches:
* bnc628213_1797.diff (fixed upstream)
* bnc641580_CVE-2010-3311.diff (fixed upstream)
* ft2-stream-compat.diff (only needed for SLE8->SLE9 update)
- Add libbz2-devel to BuildRequires to enable bzip2 support
* Mon Feb 28 2011 jw@novell.com
- bnc#647375: CVE-2010-3855.diff already fixed upstream.
- bnc#647375: CVE-2010-3814.diff already fixed upstream.
* Tue Dec 07 2010 jw@novell.com
- several old patches got lost, reapplying:
* added bnc641580_CVE-2010-3311.diff for bnc#641580
* bnc633943_CVE-2010-3054 nothing to do.
* bnc633938_CVE-2010-3053 nothing to do.
* Mon Dec 06 2010 cristian.rodriguez@opensuse.org
- exclude *.a *.la files from -devel package
* Sat Dec 04 2010 pascal.bleser@opensuse.org
- Updated to version 2.4.4:
* [truetype] better multi-threading support
* [truetype] identify the tricky fonts by cvt/fpgm/prep checksums; some Latin TrueType fonts are still expected to be unhinted
* [type1] fix matrix normalization
* [type1] improve guard against malformed data
* [ftsmooth] improve rendering
* [ftraster] fix rendering
* Fri Oct 29 2010 fisiu@opensuse.org
- Updated to version 2.4.3:
+ Fix rendering of certain cubic, S-shaped arcs. This regression
has been introduced in version 2.4.0.
+ Handling of broken fonts has been further improved.
* Thu Aug 12 2010 jw@novell.com
- bnc#628213: added bnc628213_1797.diff
- bnc#629447: CVE-2010-2805..8 are already fixed in upstream 2.4.2
- bnc#619562: CVE-2010-2497,2498,2499,2500,2519,2520 dito.
* Mon Aug 09 2010 tiwai@suse.de
- updated to version 2.4.2:
Another serious bug in the CFF font module has been found,
together with more exploitable vulnerabilities in the T42 font
driver.
* Tue Jul 20 2010 tiwai@suse.de
- updated to version 2.4.1:
* major version up
* bytecode interpreter is enabled as default in the upstream
* doc-reference is redundant, removed
* Fri Jun 04 2010 coolo@novell.com
- reenable bitmap foundaries (bnc#596559)
* Sat Apr 24 2010 coolo@novell.com
- buildrequire pkg-config to fix provides
* Tue Apr 06 2010 aj@suse.de
- Adjust baselibs.conf for changes
* Tue Apr 06 2010 coolo@novell.com
- fix obsoletes/provides
* Mon Apr 05 2010 coolo@novell.com
- leave freetype2 behind and only go with shared library package
* Sun Apr 04 2010 aj@suse.de
- Fix baselibs.conf for renamed libs
* Wed Mar 31 2010 coolo@novell.com
- update to version 2.3.12:
brings considerable improvements for b/w rasterizing of hinted
TrueType fonts at small sizes, see NEWS for more details
- fixed build without sysvinit in the build system
- disable no longer compiling patch that should be upstream or dead
- split out shared library policy package
- remove old patches
* Mon Dec 14 2009 jengelh@medozas.de
- add baselibs.conf as a source
* Fri Nov 06 2009 tiwai@suse.de
- make -std=gnu99 cfalgs to be ARM-specific
* Tue Nov 03 2009 coolo@novell.com
- updated patches to apply with fuzz=0
* Sun Aug 02 2009 jansimon.moeller@opensuse.org
- ARM build needs -std=gnu99 in CFLAGS
* Mon Jul 27 2009 tiwai@suse.de
- updated to version 2.3.8:
* see URLs below
http://www.freetype.org/index2.html#release-freetype-2.3.8
http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=653641
- updated to version 2.3.9:
* see URLs below
http://www.freetype.org/index2.html#release-freetype-2.3.9
http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=667610
- fix builds with older distros
* Tue Jul 07 2009 meissner@novell.com
- require zlib-devel-<targettype> from freetype2-devel-<targettype>
bnc#519192
* Thu Apr 16 2009 nadvornik@suse.cz
- fixed integer overflows [bnc#485889] CVE-2009-0946
* Mon Mar 09 2009 crrodriguez@suse.de
- freetype2 has subpixel rendering enabled [bnc#478407]
/emul/ia32-linux/usr /emul/ia32-linux/usr/lib /emul/ia32-linux/usr/lib/libfreetype.so.6 /emul/ia32-linux/usr/lib/libfreetype.so.6.7.2
Generated by rpm2html 1.8.1
Fabrice Bellet, Wed May 22 03:03:20 2013