Coordinated with leot@ and he@ while investigating CVE-2019-19648.
The changes listed for this version include:
* Duplicated string modifiers are now an error.
* More flexible xor modifier.
* Implement private strings (#1096)
* Add field_offsets to dotnet module.
* Implement crc32 functions in hash module.
* Improvements to rich_signature functions in pe module.
* Implement sandboxed API using SAPI
* BUGFIX: Some regexp character classes not matching correctly when used with nocase modifier (#1117)
* BUGFIX: Reduce the number of ERROR_TOO_MANY_RE_FIBERS errors for certain hex pattern containing large jumps (#1107)
* BUGFIX: Buffer overrun in dotnet module (#1108)
* BUGFIX: Segfault in certain Windows versions (#1068)
* BUGFIX: Memory leak while attaching to a process fails (#1070)
Changes for version 3.10.0:
* Optimize integer range loops by exiting earlier when possible.
* Cache the result of PE module's imphash function in order to improve performance.
* Harden virtual machine against malicious code.
* BUGFIX: xor modifier not working as expected if not accompanied by ascii (#1053).
* BUGFIX: \s and \S character classes in regular expressions now include vertical tab, new line, carriage return and form feed characters.
* BUGFIX: Regression bug in hex strings containing wildcards (#1025).
* BUGFIX: Buffer overrun in elf module.
* BUGFIX: Buffer overrun in dotnet module
Changes for version 3.9.0:
* Improve scan performance for certain strings.
* Reduce stack usage.
* Prevent inadvertent use of compiled rules by forcing the use of -C when using yara command-line tool.
* BUGFIX: Buffer overflow in "dotnet" module.
* BUGFIX: Internal error when running multiple instances of YARA in Mac OS X. (#945)
* BUGFIX: Regexp regression when using nested quantifiers {x,y} for certain values of x and y. (#1018)
* BUGFIX: High RAM consumption in "pe" module while parsing certain files.(0c8b461)
* BUGFIX: Denial of service when using "dex" module. Found by the Cisco Talos team. (#1023)
* BUGFIX: Issues with comments inside hex strings.
Changes for version 3.8.1:
* BUGFIX: Some combinations of boolean command-line flags were broken in version 3.8.0.
* BUGFIX: While reporting errors that occur at the end of the file, the file name appeared as null.
* BUGFIX: dex module now works in big-endian architectures.
* BUGFIX: Keep ABI compatibility by keeping deprecated functions visible.
Changes for version 3.8.0:
* Scanner API
* New xor modifier for strings
* New fields and functions in PE module.
* Add functions min and max to math module.
* Make compiled.
* yara and yaracsupport reading rules from stdin by using - as the file name.
* Rule compilation is faster.
* BUGFIX: Regression in regex engine. /ba{3}b/ was matching baaaab.
* BUGFIX: Function yr_compiler_add_fd() was reading only the first 1024 bytes of the file.
* BUGFIX: Wrong calculation of sha256 hashes in Windows when using native crypto API.
* Lots of more bug fixes.
Changes for version 3.7.1:
* Fix regression in include directive (issue #796)
* Fix bug in PE checksum calculation causing wrong results in some cases.
4.2.2:
- [subset] Fixed issue with subsetting FeatureVariations table when the index
of features changes as features get dropped. The feature index need to be
remapped to point to index of the remaining features.
- [fontBuilder] Added `addFeatureVariations` method to `FontBuilder` class. This
is a shorthand for calling `featureVars.addFeatureVariations` on the builder's
TTFont object.
- [glyf] Fixed the flags bug in glyph.drawPoints() like we did for glyph.draw()
4.2.1:
- [glyf] Use the ``flagOnCurve`` bit mask in ``glyph.draw()``, so that we ignore
the ``overlap`` flag that may be set when instantiating variable fonts.
4.2.0:
- [pens] Added the following pens:
* ``roundingPen.RoundingPen``: filter pen that rounds coordinates and components'
offsets to integer;
* ``roundingPen.RoundingPointPen``: like the above, but using PointPen protocol.
* ``filterPen.FilterPointPen``: base class for filter point pens;
* ``transformPen.TransformPointPen``: filter point pen to apply affine transform;
* ``recordingPen.RecordingPointPen``: records and replays point-pen commands.
- [ttGlyphPen] Always round float coordinates and component offsets to integers
.
- [ufoLib] When converting kerning groups from UFO2 to UFO3, avoid confusing
groups with the same name as one of the glyphs
4.1.0:
- [instancer] Implemented restricting axis ranges (level 3 partial instancing).
You can now pass ``{axis_tag: (min, max)}`` tuples as input to the
``instantiateVariableFont`` function. Note that changing the default axis
position is not supported yet. The command-line script also accepts axis ranges
in the form of colon-separated float values, e.g. ``wght=400:700``.
- [instancer] Never drop STAT ``DesignAxis`` records, but only prune out-of-range
``AxisValue`` records.
- [otBase/otTables] Enforce that VarStore.RegionAxisCount == fvar.axisCount, even
when regions list is empty to appease OTS < v8.0.
- [designspaceLib] Defined new ``processing`` attribute for ``<rules>`` element,
with values "first" or "last", plus other editorial changes to DesignSpace
specification. Bumped format version to 4.1.
- [varLib] Improved error message when masters' glyph orders do not match
- [featureVars] Allow to specify custom feature tag in ``addFeatureVariations``;
allow said feature to already exist, in which case we append new lookup indices
to existing features. Implemented ``<rules>`` attribute ``processing`` according to
DesignSpace specification update in. Depending on this flag, we generate
either an 'rvrn' (always processed first) or a 'rclt' feature (follows lookup order,
therefore last).
- [ttCollection] Added support for context manager auto-closing via ``with`` statement
like with ``TTFont``.
- [unicodedata] Require unicodedata2 >= 12.1.0.
- [py2.py3] Removed yet more PY2 vestiges.
- [_n_a_m_e] Fixed issue when comparing NameRecords with different string types.
- [fixedTools] Changed ``fixedToFloat`` to not do any rounding but simply return
``value / (1 << precisionBits)``. Added ``floatToFixedToStr`` and
``strToFixedToFloat`` functions to be used when loading from or dumping to XML.
Fixed values (e.g. fvar axes and instance coordinates, avar mappings, etc.) are
are now stored as un-rounded decimal floats upon decompiling.
- [feaLib] Fixed handling of multiple ``LigatureCaret`` statements for the same glyph.
Only the first rule per glyph is used, additional ones are ignored.
4.0.2:
- [voltLib] Added support for ``ALL`` and ``NONE`` in ``PROCESS_MARKS``.
- [Silf] Fixed issue in ``Silf`` table compilation and decompilation regarding str vs
bytes in python3.
- [merge] Handle duplicate glyph names better: instead of appending font index to
all glyph names, use similar code like we use in ``post`` and ``CFF`` tables.
4.0.1:
- [otTables] Support fixing offset overflows in ``MultipleSubst`` lookup subtables
- [subset] Prune empty strikes in ``EBDT`` and ``CBDT`` table data.
- [pens] Fixed issue in ``PointToSegmentPen`` when last point of closed contour has
same coordinates as the starting point and was incorrectly dropped.
- [Graphite] Fixed ``Sill`` table output to pass OTS.
- [name] Added ``removeNames`` method to ``table__n_a_m_e`` class.
- [ttLib] Added aliases for renamed entries ``ascender`` and ``descender`` in
``hhea`` table.
4.0.0:
- NOTE: The v4.x version series only supports Python 3.6 or greater. You can keep
using fonttools 3.x if you need support for Python 2.
- [py23] Removed all the python2-only code since it is no longer reachable, thus
unused; only the Python3 symbols were kept, but these are no-op. The module is now
DEPRECATED and will removed in the future.
- [ttLib] Fixed UnboundLocalError for empty loca/glyph tables. Also, allow
the glyf table to be incomplete when dumping to XML.
- [varLib.models] Fixed KeyError while sorting masters and there are no on-axis for
a given axis (38a8eb0e).
- [cffLib] Make sure glyph names are unique.
- [feaLib] Fix feature parser to correctly handle octal numbers
v0.28.4
--------
This is a security release fixing the following issues:
- CVE-2019-1348: the fast-import stream command "feature
export-marks=path" allows writing to arbitrary file paths. As
libgit2 does not offer any interface for fast-import, it is not
susceptible to this vulnerability.
- CVE-2019-1349: by using NTFS 8.3 short names, backslashes or
alternate filesystreams, it is possible to cause submodules to
be written into pre-existing directories during a recursive
clone using git. As libgit2 rejects cloning into non-empty
directories by default, it is not susceptible to this
vulnerability.
- CVE-2019-1350: recursive clones may lead to arbitrary remote
code executing due to improper quoting of command line
arguments. As libgit2 uses libssh2, which does not require us
to perform command line parsing, it is not susceptible to this
vulnerability.
- CVE-2019-1351: Windows provides the ability to substitute
drive letters with arbitrary letters, including multi-byte
Unicode letters. To fix any potential issues arising from
interpreting such paths as relative paths, we have extended
detection of DOS drive prefixes to accomodate for such cases.
- CVE-2019-1352: by using NTFS-style alternative file streams for
the ".git" directory, it is possible to overwrite parts of the
repository. While this has been fixed in the past for Windows,
the same vulnerability may also exist on other systems that
write to NTFS filesystems. We now reject any paths starting
with ".git:" on all systems.
- CVE-2019-1353: by using NTFS-style 8.3 short names, it was
possible to write to the ".git" directory and thus overwrite
parts of the repository, leading to possible remote code
execution. While this problem was already fixed in the past for
Windows, other systems accessing NTFS filesystems are
vulnerable to this issue too. We now enable NTFS protecions by
default on all systems to fix this attack vector.
- CVE-2019-1354: on Windows, backslashes are not a valid part of
a filename but are instead interpreted as directory separators.
As other platforms allowed to use such paths, it was possible
to write such invalid entries into a Git repository and was
thus an attack vector to write into the ".git" dierctory. We
now reject any entries starting with ".git\" on all systems.
- CVE-2019-1387: it is possible to let a submodule's git
directory point into a sibling's submodule directory, which may
result in overwriting parts of the Git repository and thus lead
to arbitrary command execution. As libgit2 doesn't provide any
way to do submodule clones natively, it is not susceptible to
this vulnerability. Users of libgit2 that have implemented
recursive submodule clones manually are encouraged to review
their implementation for this vulnerability.
Overview of changes between 1.0.7 and 1.0.8
=============================================
* A bug fix in the fribidi unicode algorithm for multiple isolate sequences.
* Fixed a potential buffer overflow for a long sequence of isolate overrides characters
Fonts-TLWG 0.7.1 Released
Submitted by thep on 4 November, 2018 - 16:18
- Address another reproducibility issue caused by "date stamp" in
auto-generated UniqueID.
- Automate font binary tarballs building, with additional ZIP provision.
Fonts-TLWG 0.7.0 Released
Submitted by thep on 26 October, 2018 - 14:32
- Build fonts reproducibly, thus new major version due to source
restructuring.
- Generate OTF by default instead of TTF.
- LaTeX: Provide OpenType fonts for XeTeX.
(Issue #6. Thanks Abhabongse Janthong for the suggestion.)
- Fix bug in GSUB rule.
(Issue #7. Thanks @Richard57 for the report and investigation.)
- Norasi: Fix Fontforge warnings and substitution rules.
Fonts-TLWG 0.6.5 Released
Submitted by thep on 24 April, 2018 - 12:57
- Convert source files to recent Fontforge format.
- Move fontconfig templates to /usr/share/fontconfig, according to recent
fontconfig change.
- Normalize TTFWeight for non-bold, non-light fonts, so some apps like
EditPad can classify the weight correctly.
(Thanks @alysdexia for the report in Issue #5.)
- Add missing Latin ligatures to Laksaman, to fullfill LaTeX typesetting.
(Thanks Kittipitch Meesawat for the report in a KKLUG meeting.)
Public Sans v1.007
@thisisdano thisisdano released this Nov 14, 2019 · 1 commit to master since
this release
General
- Rewrite type test to better test unusual combinations
- Remove AFM files for simplicity
- Rename fonts to binaries
- Keep UFOs and designspace files in src
- Move Glyphs files to src/glyphs
- Update test strings
- Add Google Analytics code to site
- Update dependencies
- Remediate package vulnerabilities in gulp-notify
- Update and clarify Public Sans license
Metadata
- Update description
- Remove trademark metadata
- Update copyright and designer information
Metrics changes
- Changed ascender height to 1900
Parameter v1.006 v1.007
Ascender 2000 1900
typoAscender 2000 1900
hheaAscender 2000 1900
Kerning and spacing
- Normalized sidebearings to multiples of 5
- Used sidebearing groups more consistently
- Improve Æ spacing
- Improve kerning of the following: s|s, t|t, g|g, r|g, E|t, V|[a,e], R|e,
'P'|'e'
- Fix spacing around U
- Set width of the colonsign.tf to 1400
- Use 600 width for tf punctuation
- Rebalance roman tabular figures
- Use components for .tf numbers and rebalance
Glyphs
- Widen H
- Redraw Þ
- Add and synchronize italic tabular figs
- Add currency to tabular figures
- Align diacritics
- Fix faulty dot accents
- Fix italic i
- Square terminals and regularize shapes in s,e,c
- Update italic æ and Æ
- Update italic œ and Œ
Public Sans v1.006
@thisisdano thisisdano released this Jul 18, 2019 · 94 commits to master since
this release
- Adds a new python-based build script for generating webfonts and variable
fonts. Use /.build.sh from the project directory. Based on https://
github.com/thundernixon/googlefonts-qa-template/blob/master/sources/
build.sh
- Moves to 2000 UPM
- Adjusts kerning overall
- Improves vertical metrics
- Rounds counters in b, d, p, and q glyphs
- Widens o and e glyphs
- Narrows s glyph
- Slightly squares curves in rounded lowercase thin glyphs
- Squares counters on S and C glyphs
- Aligns C and G glyph upper terminals
- Improves output of variable fonts
- Outputs better binaries for Font Bakery (https://github.com/googlefonts/
fontbakery)
Public Sans v1.005
@thisisdano thisisdano released this Jun 6, 2019 · 108 commits to master since
this release
- Redraws eth character
- Improves Vietnamese diacritics with better positioning and shape
- Fixes bad masters that resulted in faulty interpolation in fractions and
some math characters
- Improves spacing of caron.alt–related glyphs
Public Sans v1.004
@thisisdano thisisdano released this Jun 3, 2019 · 115 commits to master since
this release
- Improved kerning
- Improved hinting and rendering on Windows
- Improved fractions and subscript/superscript numerals
- Improved spacing for hyphens and em/en dashes
- Fixes the colón character
Public Sans v1.003
@thisisdano thisisdano released this May 7, 2019 · 129 commits to master since
this release
- Address some spacing regressions in v1.002
- Thicken regular weight to 365 from 350
- Adds explicit underline metadata to address a rendering quirk in Firefox
Public Sans v1.002
@thisisdano thisisdano released this May 6, 2019 · 136 commits to master since
this release
This release tries to simplify the kerning and spacing and make both easier to
maintain. There may be some small spacing regressions as we evaluate this
version in production and continue to update.
- Added 'okina character
- Improved appearance and spacing of diacritic glyphs — especially Czech,
Slovak, and Vietnamese
- Improved consistency between roman and italic
- Upscaled to 2000 UPM
- Use 100-900 as range for variable font output
- Rebalanced numbers
- Improved kerning in fractions
- Corrected some spacing issues in tabular figures, especially in italic
tabular figures
- Adjusted position of hcircumflex
- Removed spur from eszett
- Simplified spacing and kerning
- Updated and made better use of sidebearing groups
- Updated and made better use of kerning groups
Motivated by wanting to build under more recent systems with
newer OpenSSL.
Many changes since 1.99.15
[v2.5][] - 2018-09-30
---------------------
### Changes
- macOS changes by Jo Rhett:
- Add linking with `-lresolv`
- Use Homebrew's CA trust store
- Update REDAME with install help
- Add support for selfhost.de DDNS
### Fixes
- Fix#211: Only show DDNS server response on successful transaction
- Fix#211: Improved error handling in OpenSSL back-end
- Fix#214: Add `nochg` to list of good responses for custom providers
- Fixes by Erich Sauvageau:
- Fix#216: Add DNS lookup exception for `all.dnsomatic.com`
- Fix#219: Add DNS lookup exception for `default@tunnelbrooker.net`
[v2.4][] - 2018-08-18
---------------------
### Changes
- Add support for Dynu DDNS provider
### Fixes
- Add missing defines for `LLONG_MAX` and `LLONG_MIN` on some platforms
- Fix#209: Update FreeDNS plugin to use v2 of their API to fetch update key
- Fix#210: Use `~/.cache/inadyn` or `~/.inadyn` when running unprivileged
[v2.3.1][] - 2018-02-12
-----------------------
This minor bug fix release holds Debian packaging fixes by André Colomb.
### Changes
- Make .deb files an official part of releases
### Fixes
- Fix installation of `inadyn` in `/usr/sbin` and symlink in `/usr/bin`
- Rename debian/inadyn.links to be standards-compliant
- Update deprecated build dependency for dh-systemd
- Fix lintian warning about unsafe symlinks for build scripts
- Version numbers containing a dash are inappropriate for 'native'
packages, bump revision instead
[v2.3][] - 2018-01-05
---------------------
### Changes
- Distribute `CONTRIBUTING.md` in release tarballs, by André Colomb
- Clean up debug messages for HTTPS connections, by André Colomb
- New build-depends, `libgnutls28-dev` for Debian/Ubuntu users and
GnuTLS >= 3.0 for others, by André Colomb
- Issue #192: Add `examples/*.conf` to source distribution, by André Colomb
### Fixes
- TCP, not UDP, for `getaddrinfo()` hints + numeric lookups, by André Colomb
- Disable SSL for checkip connections to SPDYN service, by André Colomb
- Issue #186: Allow IPv6 for HTTP(S) connections, by André Colomb
- Issue #189: Ignore premature session termination in GnuTLS, by André Colomb
- Issue #193: Fix broken internal links in README.md, by André Colomb
[v2.2.1][] - 2017-10-06
-----------------------
### Fixes
- Issue #174: `gnutls.c` missing `stdint.h`, fix for ArchLinux
- Issue #179: Update easyDNS plugin to new API, by Nicholas Alipaz
[v2.2][] - 2017-08-09
---------------------
### Changes
- Use HTTP by default for DYN.com checkip server, used by many DDNS
providers that do not have their own. This change is far more user
friendly since you no longer have to explicitly set `checkip-ssl =
false` for the most common use-case.
- Some DDNS providers have multiple IP addresses registered for the same
service, as of this release Inadyn immediately tries to connect to the
next listed addresses on connection problems.
- Issue #153: Support for custom HTTP User Agent. Useful with providers
that require using a specific brower. Set to, e.g. "Mozilla/4.0", or
rely on the default "inadyn/VERSION" user agent.
- Support for the `%%` format specifier in custom server URL's, as
mentioned in issue #152.
- Add support for a `.conf` syntax checker: `inadyn --check-config`
- Add support for logging to `stderr` when running in foreground or
without syslog enabled
- Simplified provider name lookup in `.conf` file. Now substring match
is used, resulting in support for `provider Dyn { ... }`.
- Remove libite dependency by importing all its used files into inadyn.
This should ease adoption by distributions and end users. All code
is under free licenses: BSD, ISC.
- Import Timur's Debian packaging, adding debconf support
### Fixes
- Issue #152: Do not attempt to create PID file in oneshot mode (`-1`)
- Issue #152: Must URL encode custom server URL's
- Issue #170: Use configured `--prefix` not hard coded `/etc/inadyn.conf`
- Issue #172: Use separate variable for `--iface` command line option and
`.conf` file option
[v2.1][] - 2016-12-04
---------------------
### Changes
- Use HTTPS instead of HTTP by default
- Support for disabling HTTPS for `checkip-server`, per provider.
Idea from Valery Frolov
- Add `-I,--ident=NAME` option for syslog+pidfile name
- Deprecate `--pidfile=NAME` option in favor of `--ident=NAME`
### Fixes
- Issue #150: Custom update URL parser fixes
- Issue #151: Support for detecting OpenSSL v1.1
- Issue #144: Clarify use of public vs private IP. It is possible
to register private IP addresses in a public DNS
- Clarify `--foreground` option in man page
- Document minimum required versions of libite and libConfuse
- Portability fixes, replace `__progname` with a small function,
replace `%m` with `%s` and `strerror(errno)`.
[v2.0][] - 2016-09-12
---------------------
New configuration file format, changed command line options, improved
HTTPS support using GnuTLS and Open/LibreSSL. Inadyn now comes with
certificate validation enabled by default.
### Changes
- New configuration file format using [libConfuse][]
- Radically simplified command line, a .conf file is now required
- Reorganized SSL code, split `ssl.c` into `openssl.c` and `gnutls.c`
- Strict HTTPS certificate validation is now default. To disable this
use `strict-ssl = false` in the .conf file.
- Certificate validation uses trusted CA certificates from the system
with fall-backs to certain known locations. To override this default
handling a `ca-trust-file = FILE` setting in `inadyn.conf` can be used
to provide the path to another CA cert bundle, in PEM format.
- Massive overhaul of `inadyn(8)` and `inadyn.conf(5)` man pages
- Support for reading address from interface, including IPv6 addresses
- Support for calling an external script to get the IP address
- Support for multiple users @ same provider, idea from Valery Frolov:
provider default@no-ip.com:1 {
username = ian
password = secret
alias = flemming.no-ip.com
}
provider default@no-ip.com:2 {
username = james
password = bond
alias = spectre.no-ip.com
}
- Support for ddnss.de and dynv6.com, contributed by Sven Hoefer
- Support for spdyn.de, on request from Frank Röhm
- Support for strato.com, contributed by Duncan Overbruck
- Support for disabling IP address validation: `verify-address = false`
- Refactored memory handling and privilige separation to simplify code
- Refactored logging and backgrounding to simplify code
- Removed old compatibility symlinks and other required GNU specific
files, we now distribute and install README.md and ChangeLog.md
### Fixes
- Fix issue #61: Add HTTPS certificate validation for OpenSSL/LibreSSL
- Fix issue #67: Use GnuTLS native API for HTTPS
- Fix DuckDNS: now requires 'www.' prefix in server URL. By Frank Aurich
- Fix issue #110: Poodle `SSL_MODE_SEND_FALLBACK_SCSV` not needed
- Fix issue #101: Remove support for custom pidfile
- Fix issue #102: Relocate cache files `/var/run/inadyn` to `/var/cache/inadyn`
- Fix issue #113: `--drop-privs` does not work
- Add actual permissions check to `os_check_perms()`
- Fix issue #121: Support for fully customizable update URL
- Fix issue #122: Only use HTTPS connection for DNS update, not checkip
- Fix issue #131: Use FreeDNS' own checkip server instead of DYN.com's
- Fix issue #134: Support wildcard cert with GnuTLS backend
Update doveot2 to 2.3.9.2, previous fix for CVE-2019-19722 was partial fix.
v2.3.9.2 2019-12-13 Aki Tuomi <aki.tuomi@open-xchange.com>
- Mails with empty From/To headers can also cause crash
in push notification drivers.
0.111
- Fix the wrongly assigned OS/2 weight class values that e.g. led to Extra Bold
being selected when Bold was requested.
0.110
- Space everything a little bit tighter.
- Scale down whiteCircle and blackCircle by 50%, makes password dots smaller.
- Tweak feet of one.lf slightly for a more even appearance.
- Revise lcaron, dcaron and tcaron for collision-free rendering even at bold
weight. Will need kerning later.
- Add draft of Cyrillic (GF Cyrillic Plus set), to be improved.
- Equalize advance width of period, comma, colon, semicolon.
- Build packages with prebuilt fonts baked in.
- New contributed AppStream metadata translations for Slovak (Dušan Kazik),
Slovenian (Matej Urbančič), Russian (Stas Solovey) and Chinese China
(Dingzhong Chen).
0.101
- Countless detail updates to various glyphs
- Added contributed AppStream metdata translations for Polish (Piotr Drąg),
French (Claude Paroz), Indonesian (Kukuh Syafaat), Galician (Fran Dieguez),
Occitan (Cédric Valmary), Chinese Taiwan (Cheng-Chia Tseng), Spanish (Daniel
Mustieles), Catalan (Adolfo Jayme), Croatian (gogo), German (Tim Sabsch),
Dutch (Nathan Follens), Turkish (Emin Tufan Çetin), Serbian (Марко Костић),
Serbian Latin (Marko Kostić), Hungarian (Gabor Kelemen), Korean (DaeHyun
Sung), Czech (Marek Černocký), Lithuanian (Aurimas Černius), Danish (Ask
Hjorth Larsen), Italian (Gianvito Cavasoli), Romanian (Daniel Șerbănescu),
Punjabi (A S Alam), Latvian (Rūdolfs Mazurs), Swedish (Anders Jonsson),
Icelandic (Sveinn í Felli), Greek (Efstathios Iosifidis)
0.100
- Redesigned from scratch to interpolate cleanly from thin to extra bold.
Currently targets the Google Fonts Latin Core and Pro glyph sets.
- Added contributed AppStream metdata translations for Brazilian Portugese
(Rafael Fontenelle), Friulian (Fabio Tomat) and Finnish (Jiri Grönroos).
v3.11
@rsms rsms released this Oct 23, 2019 · 15 commits to master since this release
- Fixes issue (regression) with variable font where certain glyphs would
slant in the wrong direction. #198
- Fixes issue (regression) with variable font where version metadata would be
wrong. #202
- Fixes codepoint mapping for /copyleft glyph. #203
- Improves metadata of variable fonts. “fullName” name table entry is now
“Inter” instead of “Inter Regular”.
- New alternate-named variable font “Inter V”. With a different family name,
this is useful for when you want to install the variable version alongside
traditional static font files.
- Improvements to /backslash glyph
v3.10
@rsms rsms released this Sep 7, 2019 · 35 commits to master since this release
Release 3.10 is a mix of new glyphs & glyph changes, and adjustments & fixes.
New glyphs:
- blackSquare (U+25A0)
- whiteSquare (U+25A1)
- whiteRoundedCornersSquare (U+25A2)
- lowerHalfWhiteSquare (U+2B12)
- topHalfWhiteSquare (U+2B13)
- downWhiteTriangle (U+25BD)
- upWhiteTriangle (U+25B3)
- leftWhiteTriangle (U+25C1, U+25C5)
- rightWhiteTriangle (U+25B7, U+25BB)
Other notable changes:
- Fixes alignment issue with otilde U+00F5. #191
- Improvements to contextual alternates (calt), primarily reducing the cases
where case substitution is unwanted. #193
- Adjustments to the following whitespace glyphs: zerowidthspace, hairspace,
thinspace, punctuationspace, enspace, emspace, sixthemspace,
quarteremspace, thirdemspace and figurespace. #185
- Improvements to ogonek-based diacritics.
- Refinements and improvements to fractions (both dedicated glyphs and
arbitrary frac parts)
- Kerning improvements to all weights
- Progress on mark and mkmk “dynamic diacritics”
v3.9
@rsms rsms released this Aug 7, 2019 · 58 commits to master since this release
Fixes an issue with metadata where Medium, Semi Bold, and Extra Bold would
incorrectly be marked as “italic” which would confuse certain software.
v3.8
@rsms rsms released this Aug 5, 2019 · 62 commits to master since this release
- Possibly breaking change: Variable italic axis (really, slnt axis) has been
inverted (negated) — a negative value causes the text to lean rightwards.
This is only a breaking change if you are using the multi-axis variable
font (Inter.var) and define slant angle using high-level CSS properties
like font-style. This change was done to comply with the convention defined
in the OpenType spec. #175#172
- Variable font files are now significantly smaller thanks to #171 and #169
□ Inter.var.woff2 v3.7: 393kB, v3.8: 306kB
□ Inter-upright.var.woff2 v3.7: 267kB, v3.8: 224kB
□ All this while v3.8 introduces a whole new set of glyphs, kerning and
feature code.
- Adds several new glyphs, like double-stemmed arrows and enclosed
alphanumerics & symbols
□ Warning sign #168
□ Copyleft symbol #165
□ Really long arrows, useful in ligatures like --->
□ Arrows with double-lined stems, useful for “assign to”, with ligatures
defined for some combinations with equals, e.g. =>
□ Enclosed glyphs in circles and squares
- Fixes a bug where U+0430 Cyrillic lower-case a would not be substituted for
a single-storey “a” with cv11 enabled. #179
- Fixes a bug with slant of Ͽ (U+03FF) #170#169
- Some calt code has moved to liga (standard ligatures), specifically arrow
ligatures. Automatic case alignment is still kept in calt. So, you can now
disable calt to disable only case alignment, and disable liga to only
disable arrow ligatures.
- Improvements to kerning, spacing and letterform details
- Improved Microsoft Windows installation instructions #173
v3.7
@rsms rsms released this May 31, 2019 · 103 commits to master since this
release
- Fixes an issue with spacing to the right of capital "M"
- Improves positioning of various bullet glyphs
- Improved kerning
- new copyright glyph U+00A9
- new published (aka sound recording copyright) glyph U+2117
- new registered sign glyph U+00AE
- release now contains installation instructions for Linux
v3.6
@rsms rsms released this May 27, 2019 · 123 commits to master since this
release
- Fixes an issue related to ttfautohint where lower case "r" would be grid
fitted incorrectly by ClearType on Microsoft Windows #119
- Fixes an issue with using case and calt features in combination where arrow
combinations like -> would not be substituted by arrow glyphs #161
- Fixes an issue with rightArrow of bolder weights in italic #154
- Adjusts the glyph width of "bullet" to be exactly two "space" glyphs wide,
allowing easy ad-hoc list creation with wrapping lines
- Improved kerning for a.1 (alternate single-storey "a")
v3.5
@rsms rsms released this Apr 2, 2019 · 139 commits to master since this release
This is a very small incremental change from v3.4 that mainly contains improved
metrics metadata for some macOS applications, improving vertical alignment.
v3.4
@rsms rsms released this Apr 1, 2019 · 144 commits to master since this release
Lots of changes in this release.
Highlights include:
- Workaround for bug with some Apple software (including Sketch) where the
computed line height of the Regular weight would be too tall
- Several new symbol glyphs, especially in the technical area (e.g. computer
keyboard symbols)
- Single-storey a
- Lots of improvements to diacritics
Some interesting commits since v3.3:
- 9084323 slight increase of slant of /numbersign
- e903526 remove slant from /degree
- c130c69 misc documentation on variable font usage
- 794662c fixes issues with calt substitution ignore rule
- 1abaae4 fixes issue with shapes of a.1
- aa2a3fe adds single-storey a
- e605458 fix issue with x paths and adds blackstar U+2605, whitestar U+2606
- ccc994e swap one <-> one.ss01
- 3b9675e improvements to calt and arithmetic glyphs (e.g. plus, multiply,
etc.)
- 56e2c75 Swaps r.1 <-> r + rips out calt r.1 code + adds ss03 for "r curves
into corund neighbors"
- dddf6d2 Fixes kerning of pair /v/idotless -- closes#143
- 1dbc8fd Change vertical metrics to make Apple ATS work properly. New
ascender value: 2728, new descender value: -680
- e1d8712 reworked commaaccent
- fb79b9e Use vert metrics script to fix line heights issue #124 (#141)
- 3488601 Adds 'Version ' prefix to nameID 5 version string, per MS OT spec (
#140)
- 70f3df7 Fixup STAT tables of single-axis variable fonts to aid desktop apps
(style linking). Related to #142
- 35a2362 Adds --name option to "fontbuild compile-var" for customizing
family name, useful for producing variable font files with a different name
than the constant files so they can be installed alongside each other.
Closes#144
- 20aaab6 Change version encoding in font files to match common zero-padded
version to allow FontBakery to be happy. Closes#138
- 1208ea9 adds returnsymbol U+23CE
- 610b997 Adds several "technical" glyphs
- a503c5a Adds glyphs leftHookArrow, upWhiteArrow, upBlackArrow, control,
option, deleteleft, deleteright
- 9f176ab improved placeofinterestsign U+2318
- 0b8f63c Fix and improve paths (mostly order) of several glyphs
- 6cf0980 redraws and adds paragraphreversed, blackleftbullet,
blackrightbullet and .case versions
- a1a1288 redrawn seagullsubnosp U+033C (also fixes bad paths)
- 181ba19 fixes paths of uni0346 (COMBINING BRIDGE ABOVE)
- 528f843 improvements to grave, acute, dblgrave and tonos diacritics
- 6ef7b3e disable exporting of debug glyph uniE001
- 162519e update panose metadata
- 034a240 fixes missing "-BETA" filename suffix in the demo CSS file included
with dists
- a99328b Upgrade toolchain. glyphsLib 3.2.0b2 -> 3.2.0; fontmake 1.8.0 ->
1.9.1
- a0af904 workaround for bug in Safari where contextual sub in liga causes
kerning to fail. Moves "r" ligature to calt to work around this bug.
v3.3
@rsms rsms released this Feb 4, 2019 · 203 commits to master since this release
Inter UI is now called simply Inter, without the "UI" part.
- New name
- Lots of diacritic improvements
- Beta-grade light styles are now suffixed " BETA" to make it extra clear
that these are in development
- Many many changes; several new glyphs, lots of redrawn glyphs, lots of
kerning improvements, etc.
v3.2
@rsms rsms released this Jan 4, 2019 · 276 commits to master since this release
- Now includes lighter weights ([100–400); which are of beta quality and
needs testing)
- Lots of improvements to other weights (diacritics, glyph shapes, kerning,
etc.)
This release is a big one in terms of source changes, adding up to 14,117
changed files with 714,886 additions and 259,287 deletions, since v3.1.
PDF glyph charts:
- Inter-UI-Thin-BETA-glyphs.pdf
- Inter-UI-ThinItalic-BETA-glyphs.pdf
- Inter-UI-Regular-glyphs.pdf
- Inter-UI-Italic-glyphs.pdf
- Inter-UI-Black-glyphs.pdf
- Inter-UI-BlackItalic-glyphs.pdf
(PKGREVISION not reset on xenkernel411 on purpose, to enphasis that it's
not a stock Xen 4.11.3 kernel).
Changes since 4.11.2:
- includes all security patches up to XSA306
- other minor bug fixes, hardware support and performances improvements
In addition, xenkernel411 includes all security patches released since 4.11.3,
up to XSA311
The bundled lcms2mt was still accidentally picked up making packages
linked against graphics/lcms2 aborting (e.g. ImageMagick) when handling
format that used ghostscript-agpl.
PKGREVISION++
[2.4.11]:
Added
Added geturl for TarFS and ZipFS for 'fs' purpose. NoURL for 'download' purpose.
Added helpful root path in CreateFailed exception
Added Python 3.8 support
Fixed
Fixed tests leaving tmp files
Fixed typing issues
Fixed link namespace returning bytes
Fixed broken FSURL in windows
Fixed hidden exception at fs.close() when opening an absent zip/tar file URL
Fixed abstract class import from collections which would break on Python 3.8
Fixed incorrect imports of mock on Python 3
Removed some unused imports and unused requirements.txt file
Added mypy checks to Travis.
Fixed missing errno.ENOTSUP on PyPy.
Fixed bug in a decorator that would trigger an AttributeError when a class was created that implemented a deprecated method and had no docstring of its own.
Changed
Entire test suite has been migrated to pytest.
Style checking is now enforced using flake8; this involved some code cleanup such as removing unused imports.
[2.4.10]:
Fixed
Fixed broken WrapFS.movedir
[2.4.9]:
Fixed
Restored fs.path import
Fixed potential race condition in makedirs.
Added missing methods to WrapFS.
Changed
MemFS now immediately releases all memory it holds when close() is called, rather than when it gets garbage collected.
FTPFS now translates EOFError into RemoteConnectionError.
Added automatic close for filesystems that go out of scope.
[2.4.8]:
Changed
geturl will return URL with user/password if needed @zmej-serow
[2.4.7]:
Added
Flag to OSFS to disable env var expansion
[2.4.6]:
Added
Implemented geturl in FTPFS @zmej-serow
Fixed
Fixed FTP test suite when time is not UTC-0 @mrg0029
Fixed issues with paths in tarfs https://github.com/PyFilesystem/pyfilesystem2/issues/284
Changed
Dropped Python3.3 support
[2.4.5]:
Fixed
Restored deprecated setfile method with deprecation warning to change to writefile
Fixed exception when a tarfile contains a path called '.' https://github.com/PyFilesystem/pyfilesystem2/issues/275
Made TarFS directory loading lazy
Changed
Detect case insensitivity using by writing temp file
[2.4.4]:
Fixed
OSFS fail in nfs mounts
[2.4.3]:
Fixed
Fixed broken "case_insensitive" check
Fixed Windows test fails
[2.4.2]:
Fixed
Fixed exception when Python runs with -OO
[2.4.1]:
Fixed
Fixed hash method missing from WrapFS
[2.4.0]:
Added
Added exclude and filter_dirs arguments to walk
Micro-optimizations to walk
[2.3.1]:
Fixed
Add encoding check in OSFS.validatepath
[2.3.0]:
Fixed
IllegalBackReference had mangled error message
Added
FS.hash method
3.1.0:
Add plugins via entry points pytest_randomly.random_seeder to allow outside packages to register additional random generators to seed. This has added a dependency on the entrypoints package.
3.0.0:
Update Python support to 3.5-3.7, as 3.4 has reached its end of life.
Handle CollectErrors and ImportErrors during collection when accessing item.module.
Version: 1.5.5:
**Enhancements**
- colored test output.
**Bug fixes**
- CRLF line endings are replaced with CRCRLF in ASCII mode downloads.
- import error due to multiprocessing.Lock() bug.
Lest we be accused that users have to wait many years to get fixes out,
let's quickly release the branch before the calendar turns over over again
so it's just some years. The actual fixes here are some found by static
analysers, and a build fix for Windows (which, curiously, is dated to 2012
so clearly we're at the top of the game here). Nothing overly exciting, but
covscan, parfait, etc. should be a bit happier now.
Alan Coopersmith (3):
After fdopen(), use fclose() instead of close() in error path
Update README for gitlab migration
Update configure.ac bug URL for gitlab migration
Benjamin Tissoires (1):
parse: simplify error paths in xpmParseColors()
Dave Bodenstab (1):
Windows build fixes
Emil Velikov (1):
autogen.sh: use quoted string variables
Fabrice Fontaine (1):
Allow usage when fork() is not available
Mihail Konev (1):
autogen: add default patch prefix
Peter Hutterer (3):
autogen.sh: use exec instead of waiting for configure to finish
parse: avoid memleak on error with STRLCAT/STRLCPY
libXpm 3.5.13
5.6.7
**Bug fixes**
- 1630_: [Windows] can't compile source distribution due to C syntax error.
5.6.6
**Bug fixes**
- 1179_: [Linux] Process cmdline() now takes into account misbehaving processes
renaming the command line and using inappropriate chars to separate args.
- 1616_: use of Py_DECREF instead of Py_CLEAR will result in double free and
segfault (CVE).
- 1619_: [OpenBSD] compilation fails due to C syntax error.
MachineStackMarker.cpp. i didn't compile i386, arm or
mips with this, but it has a chance of working vs the
existing freebsd-derived patch.
XXX: someone extend this to all our CPUs, please. i
only fixed the existing maybe claimed support.
