8013f2f01f
fixes CVE-2017-7857 CVE-2017-7858 CVE-2017-7864 CVE-2017-8105 CVE-2017-8287

Upstream change announcement:

I. IMPORTANT CHANGES

- Support for OpenType Variation Fonts is now complete. The last
  missing part was handling the `VVAR' and `MVAR' tables, which is
  available with this release.

- A new function `FT_Face_Properties' allows the control of some
  module and library properties per font. Currently, the following
  properties can be handled: stem darkening, LCD filter weights, and
  the random seed for the `random' CFF operator.

- The PCF change to show more `colourful' family names (introduced
  in version 2.7.1) was too radical; it can now be configured with
  PCF_CONFIG_OPTION_LONG_FAMILY_NAMES at compile time. If activated,
  it can be switched off at run time with the new pcf property
  `no-long-family-names'. If the `FREETYPE_PROPERTIES' environment
  variable is available, you can say

  FREETYPE_PROPERTIES=pcf:no-long-family-names=1

- Support for the following scripts has been added to the
  auto-hinter.

  Adlam, Avestan, Bamum, Buhid, Carian, Chakma, Coptic, Cypriot,
  Deseret, Glagolitic, Gothic, Kayah, Lisu, N'Ko, Ol Chiki, Old
  Turkic, Osage, Osmanya, Saurashtra, Shavian, Sundanese, Tai Viet,
  Tifinagh, Unified Canadian Syllabics, Vai

II. IMPORTANT BUG FIXES

- `Light' auto-hinting mode no longer uses TrueType metrics for
  TrueType fonts. This bug was introduced in version 2.4.6, causing
  horizontal scaling also. Almost all GNU/Linux distributions (with
  Fedora as a notable exception) disabled the corresponding patch for
  good reasons; chances are thus high that you won't notice a
  difference.

  If optical backward compatibility for legacy applications is
  necessary, you might enable the AF_CONFIG_OPTION_TT_SIZE_METRICS
  configuration option. However, it is strongly recommended to avoid
  that, adjusting font sizes instead.

- If a TrueType font gets loaded with FT_LOAD_NO_HINTING, FreeType
  now scales the font linearly again (bug introduced in version
  2.4.6).

- CVE-2017-8105, CVE-2017-8287: Older FreeType versions have
  out-of-bounds writes caused by heap-based buffer overflows related
  to Type 1 fonts.

  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8105
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8287

III. MISCELLANEOUS

- A new function `FT_Set_Default_Properties' has been added to parse
  the `FREETYPE_PROPERTIES' environment variable (previously, it was
  internal only). `FT_Init_FreeType' always calls this function, but
  `FT_New_Library' does not (similar to `FT_Add_Default_Modules').

- To be in sync with OpenType version 1.7 and newer, macros

  FT_PARAM_TAG_IGNORE_PREFERRED_FAMILY,
  FT_PARAM_TAG_IGNORE_PREFERRED_SUBFAMILY,
  TT_NAME_ID_PREFERRED_FAMILY
  TT_NAME_ID_PREFERRED_SUBFAMILY

  are renamed to

  FT_PARAM_TAG_IGNORE_TYPOGRAPHIC_FAMILY,
  FT_PARAM_TAG_IGNORE_TYPOGRAPHIC_SUBFAMILY,
  TT_NAME_ID_TYPOGRAPHIC_FAMILY
  TT_NAME_ID_TYPOGRAPHIC_SUBFAMILY

  The old macro names are deprecated (but still available).

- Support for SFNT `name' tables has been improved.

  . Format 1 `name' tables are now supported. Use new function
    `FT_Get_Sfnt_LangTag' to access associated language tags.

  . Language, encoding, and name IDs have been updated to OpenType
    version 1.8.1.

- The new CFF engine now handles the `random' operator. All CFF
  opcodes are now supported.

- The CFF module has a new property `random-seed' to control the
  pseudo-random number generation for the `random' operator.

- The `freetype-config' script is now a wrapper of `pkg-config' if
  this program is available in the path.

- FT_LOAD_TARGET_LCD is now a variant of FT_LOAD_TARGET_LIGHT; this
  should provide better rendering results.

- A mode to display light auto-hinting with sub-pixel positioning
  has been added to `ftdiff'.