I. IMPORTANT BUG FIXES
- A variant of vulnerability CVE-2014-2240 was identified
(cf. http://savannah.nongnu.org/bugs/?43661) and fixed in the
new CFF driver. All users should upgrade.
- The new auto-hinter code using HarfBuzz crashed for some invalid
fonts.
- Many fixes to better protect against malformed input.
II. IMPORTANT CHANGES
- Full auto-hinter support of the Devanagari script.
- Experimental auto-hinter support of the Telugu script.
- CFF stem darkening behaviour can now be controlled at build time
using the eight macros
CFF_CONFIG_OPTION_DARKENING_PARAMETER_{X,Y}{1,2,3,4} .
- Some fields in the `FT_Bitmap' structure have been changed from
signed to unsigned type, which better reflects the actual usage.
It is also an additional means to protect against malformed
input.
This change doesn't break the ABI; however, it might cause
compiler warnings.
III. MISCELLANEOUS
- Improvements to the auto-hinter's algorithm to recognize stems
and local extrema.
- Function `FT_Get_SubGlyph_Info' always returned an error even in
case of success.
- Version 2.5.1 introduced major bugs in the cjk part of the
auto-hinter, which are now fixed.
- The `FT_Sfnt_Tag' enumeration values have been changed to
uppercase, e.g. `FT_SFNT_HEAD'. The lowercase variants are
deprecated. This is for orthogonality with all other
enumeration (and enumeration-like) values in FreeType.
- `cmake' now supports builds of FreeType as an OS X framework and
for iOS.
- Improved project files for vc2010, introducing a property file.
- The documentation generator for the API reference has been
updated to produce better HTML code (with proper CSS). At the
same time, the documentation got a better structure.
- The FT_LOAD_BITMAP_CROP flag is obsolete; it is not used by any
driver.
- The TrueType DELTAP[123] bytecode instructions now work in
subpixel hinting mode as described in the ClearType whitepaper
(i.e., for touched points in the non-subpixel direction).
- Many small improvements to the internal arithmetic routines.
Fixes the build on systems with a native harfbuzz library, where the
library will otherwise be auto-detected.
Add: USE_TOOLS+=pkg-config
Not identified as fixing any real-world problems, but it corrects build
behaviour if buildlinking harfbuzz for diagnostic purposes.
Helps with working around the problems identified in PR pkg/48919.
No PKGREVISION bump - I believe all the problems fixed here prevent this
package from building at all if on an affected platform, and unaffected
platforms will not be affected by these changes.
FreeType 2.5.3
2014-03-08
FreeType 2.5.3 has been released. All users should upgrade due to fixed
vulnerability in the CFF driver (CVE-2014-2240).
Its main new feature is much enhanced support of auto-hinting SFNT fonts
(i.e., TrueType and CFF fonts) due to the use of the HarfBuzz library.
A more detailed description of this and other changes can be found here.
FreeType 2.5.2
2013-12-08
FreeType 2.5.2 has been released. It fixes a serious bug introduced
in version 2.5.1; all users should upgrade.
A listing of the changes can be found here.
FreeType 2.5.1
2013-11-25
FreeType 2.5.1 has been released, providing three major new features.
- Support for the WOFF font format, contributed by Behdad Esfahbod.
- The auto-hinter now supports Hebrew, together with improved support
for Cyrillic and Greek.
- The directory layout of the (installed) FreeType header files has
been simplified.
Among other changes I want to mention that FreeType's TrueType debugger
(ttdebug) has been made more versatile. An exhaustive list of changes
can be found here.
FreeType 2.5
2013-06-19
FreeType 2.5 has been released. A major new feature is support for
color embedded bitmaps (eg. color emoji), contributed by Behdad Esfahbod
on behalf of Google. Additionally, Adobe's CFF engine is now the default,
which makes a good reason to change from the 2.4.x to the 2.5.x series.
On the technical side, the property API to access FreeType module
parameters (FT_Property_Set and FT_Property_Get) is now declared as
stable.
As usual, see this file for the complete release notes, which give
more details. And we have again blog entries from Adobe and Google.
FreeType 2.4.12
2013-05-08
FreeType 2.4.12 has been released. A major new feature is a new parsing
and hinting engine for CFF fonts, contributed by Adobe in collaboration
with Google. It was my job the last few months to fully adapt the code
to FreeType, and we are very pleased with the results. You might also
read the blog entries from Adobe and Google.
In connection with the new CFF engine, the demo programs, especially
ftview and ftdiff, have been improved a lot; as usual, more details
on the changes can be found in the release notes.
In connection with the new CFF engine, the demo programs, especially ftview and ftdiff, have been improved a lot; as usual, more details on the changes can be found in the release notes.
Reduce "freetype2" API dependence to version 2.4.5 which is what
NetBSD 6.1 and NetBSD-current ship with. This version is new enough
even for the latest "pango" package.
This fixes problems under NetBSD-current where pkgsrc tried to use
the native "fontconfig" and pkgsrc "freetype2" which doesn't work
very well.
to address issues with NetBSD-6(and earlier)'s fontconfig not being
new enough for pango.
While doing that, also bump freetype2 dependency to current pkgsrc
version.
Suggested by tron in PR 47882
CHANGES BETWEEN 2.4.10 and 2.4.11
I. IMPORTANT BUG FIXES
- Some vulnerabilities in the BDF implementation have been fixed.
Users of this font format should upgrade.
II. IMPORTANT CHANGES
- Subpixel hinting support has been contributed by Infinality,
based on Greg Hitchcock's whitepaper at
http://www.microsoft.com/typography/cleartype/truetypecleartype.aspx
Originally, it was a separate patch available from
http://www.infinality.net/blog/
and which has been integrated.
Note that ClearType support is not completely implemented! In
particular, full support for the options `compatible_widths',
`symmetrical_smoothing, and `bgr' (via the GETINFO bytecode
instruction) is missing.
Activation of subpixel hinting support can be controlled with
the `TT_CONFIG_OPTION_SUBPIXEL_HINTING' configuration option; it
is switched off by default. This feature is still experimental;
we welcome test reports!
- Support for OpenType collections (OTC) has been added.
- Pure CFF fonts within an SFNT wrapper are now supported.
III. MISCELLANEOUS
- Minor rendering improvements to the auto-hinter.
- `FT_GlyphSlot_Oblique' now uses a shear angle of 12°.
- Experimental support to handle `property modules', for example
to control the behaviour of the auto-hinter. The API consists
of two new functions, `FT_Property_Set' and `FT_Property_Get'.
The code is still subject to change and should not be used for
production.
- The `ftdiff' demo program now supports UTF-8 encoded input files
for option `-f'.
- Using keys `r' and `R', you can now adjust the stroker radius in
the `ftview' demo program.
- Other, minor fixes and improvements.
Always use xorg-cf-files and imake from pkgsrc, replacing xpkgwedge.
Always install man pages, not cat pages when using imake.
Unify the various imake PLIST variables in preparation for dropping.
Adjust xbattbar for the new expectations.
CHANGES BETWEEN 2.4.6 and 2.4.7
I. IMPORTANT BUG FIXES
- Some vulnerabilities in handling Type 1 fonts have been fixed;
see CVE-2011-3256.
II. MISCELLANEOUS
- FreeType now properly handles ZapfDingbats glyph names while
constructing a Unicode character map (for fonts which don't have one).
Update to 2.4.6, No answer from maintainer.
CHANGES BETWEEN 2.4.5 and 2.4.6
I. IMPORTANT BUG FIXES
- For TrueType based fonts, the ascender and descender values were
incorrect sometimes (off by a pixel if the ppem value was not a
multiple of 5). Depending on the use you might now experience
a different layout; the change should result in better, more
consistent line spacing.
- Fix CVE-2011-0226 which causes a vulnerability while handling
Type 1 fonts.
- BDF fonts containing glyphs with negative values for ENCODING
were incorrectly rejected. This bug has been introduced in
FreeType version 2.2.0.
- David Bevan contributed a major revision of the FreeType stroker
code:
. The behaviour of FT_STROKER_LINEJOIN_BEVEL has been corrected.
. A new line join style, FT_STROKER_LINEJOIN_MITER_FIXED, has
been introduced to support PostScript and PDF miter joins.
. FT_STROKER_LINEJOIN_MITER_VARIABLE has been introduced ches has
been fixed.
II. MISCELLANEOUS
- SFNT bitmap fonts which contain an outline glyph for `.notdef'
only no longer set the FT_FACE_FLAG_SCALABLE flag.
CHANGES BETWEEN 2.4.4 and 2.4.5
I. IMPORTANT BUG FIXES
- A rendering regression for second-order B#zier curves has been
fixed, introduced in 2.4.3.
II. IMPORTANT CHANGES
- If autohinting is not explicitly disabled, FreeType now uses
the autohinter if a TrueType based font doesn't contain native
hints.
- The load flag FT_LOAD_IGNORE_GLOBAL_ADVANCE_WIDTH has been made
redundant and is simply ignored; this means that FreeType now
ignores the global advance width value in TrueType fonts.
III. MISCELLANEOUS
- `FT_Sfnt_Table_Info' can now return the number of SFNT tables of
a font.
- Support for PCF files compressed with bzip2 has been contributed
by Joel Klinghed. To make this work, the OS must provide a
bzip2 library.
- Bradley Grainger contributed project and solution files in
Visual Studio 2010 format.
- Again some fixes to better handle broken fonts.
changes:
-fixed rendering regression for second-order Bezier curves
-FreeType now uses the autohinter per default
-Support for PCF files compressed with bzip2
-misc fixes and improvements
pkgsrc change: clean up patch-ac (which fixes SA45167): put sign extension
stuff into a macro and move checks to make it closer to the upstream fix
I. IMPORTANT BUG FIXES
- UVS support (TrueType/OpenType cmap format 14) support is fixed.
This regression has been introduced in version 2.4.0.
II. MISCELLANEOUS
- Detect tricky fonts (e.g. MingLiU) by the lengths and checksums
of Type42-persistent subtables (`cvt ', `fpgm', and `prep') when
a TrueType font without family name is given. The previous fix,
introduced in 2.4.3, was too rigorous, causing many subsetted
fonts (mainly from PDF files) displayed badly because FreeType
forced rendering with the TrueType bytecode engine instead of
the autohinter.
- Better support for 64bit platforms.
- More fixes to improve handling of broken fonts.
which could be exploited to cause a crash and potentially execute
arbitrary code via a specially crafted font (CVE-2010-3814)
bump PKGREV
being here, add CVE reference to an older patch
changes:
A rendering regression of S-shaped cubic arcs (introduced in
version 2.4.0) has been fixed. Besides that, a bunch
of fixes have been applied to improve handling of broken fonts.
CHANGES BETWEEN 2.4.1 and 2.4.2
I. IMPORTANT BUG FIXES
- A stack overflow in CFF Type2 CharStrings interpreter is fixed.
- Handling Type 42 font deallocation was broken; additionally, the
library is now more robust against malformed Type 42 fonts.
II. MISCELLANEOUS
- Two new functions, `FT_Reference_Library' (in FT_MODULE_H) and
`FT_Reference_Face' (in FT_FREETYPE_H), have been added to
simplify life-cycle management. A counter gets initialized to 1
at the time an FT_Library (or FT_Face) structure is created.
The two new functions increment the respective counter.
`FT_Done_Library' and `FT_Done_Face' then only destroy a library
or face if the counter is 1, otherwise they simply decrement the
counter.
changes:
- Since May 2010, all patents regarding the TrueType bytecode
interpreter have expired worldwide. Consequently, we now define
TT_CONFIG_OPTION_BYTECODE_INTERPRETER by default (and undefine
TT_CONFIG_OPTION_UNPATENTED_HINTING).
- A new function `FT_Library_SetLcdFilterWeights' is available to
adjust the filter weights set by `FT_Library_SetLcdFilter'.
-increased robustness, bugfixes
pkgsrc note: the "truetype" option was removed, the bytecode interpreter
is now always enabled
changes:
- For `FT_Open_Face', new parameters are available to ignore
preferred family names: FT_PARAM_TAG_IGNORE_PREFERRED_FAMILY and
FT_PARAM_TAG_IGNORE_PREFERRED_SUBFAMILY.
- Support for incremental font loading (controlled with the
FT_CONFIG_OPTION_INCREMENTAL macro) is now active by default.
- Better support for vertical metrics.
- Various minor bug fixes.
This is a bugfix release for the 2.3 series, which brings considerable
improvements for b/w rasterizing of hinted TrueType fonts at
small sizes. All users should upgrade.
changes:
-important bugfixes
-improved CID support
There was an ABI breakage between 2.3.7 and 2.3.8 which was reverted
in 2.3.9. The public 'PS_FontInfoRec' structure was expanded and
then shrunk. Applications compiled against 2.3.8 should work fine
with 2.3.9. Applications compiled against the new 2.3.9 can
theoretically exhibit problems if run against a 2.3.8 binary, if
some PS_FontInfo stuff is used. See the freetype release notes
for details. I didn't find any suspects for now. If one is found,
it should be changed to require 2.3.9, and PKGREV bumped.
This changes the buildlink3.mk files to use an include guard for the
recursive include. The use of BUILDLINK_DEPTH, BUILDLINK_DEPENDS,
BUILDLINK_PACKAGES and BUILDLINK_ORDER is handled by a single new
variable BUILDLINK_TREE. Each buildlink3.mk file adds a pair of
enter/exit marker, which can be used to reconstruct the tree and
to determine first level includes. Avoiding := for large variables
(BUILDLINK_ORDER) speeds up parse time as += has linear complexity.
The include guard reduces system time by avoiding reading files over and
over again. For complex packages this reduces both %user and %sys time to
half of the former time.
changes:
-improvements for fonts in an SFNT wrapper (used on Mac)
-FT_MulFix is now an inlined function; by default, assembler code
is provided for x86 and ARM. See FT_CONFIG_OPTION_INLINE_MULFIX
and FT_CONFIG_OPTION_NO_ASSEMBLER (in ftoption.h) for more
-handling of `tricky' fonts has been generalized and changed slightly
-API additions
-bugfixes
X.Org found in NetBSD-current.
Thanks a lot to all who helped, especially Matthias Scheler who did
repeated tests on Mac OS X and older versions of NetBSD to make sure the
support for those platforms wouldn't be broken (or at least, not fatally,
as I would still expect a few hiccups here and there, because there is
only so much one can test in such limited time).
On the infrastructure side, this branch brings pkgconfig-builtin.mk, in
order to write very easily new builtin.mk files. It can actually handle
more than just pkgconfig files, but it will provide a version if it finds
such a file. x11.builtin.mk has also been made more useful and now all
existing (and future!) native-X11-related builtin.mk files should include
it.
