From 5c9c87da94bc8d71f77e53686827b3935ac9ae50 Mon Sep 17 00:00:00 2001
From: Carlo Landmeter <clandmeter@gmail.com>
Date: Thu, 8 Jun 2017 09:54:50 +0200
Subject: main/freetype: upgrade to 2.8

Added a profile script (from archlinux) to change Subpixel hinting mode.
---
 main/freetype/APKBUILD            | 20 +++++++++++-------
 main/freetype/CVE-2017-8105.patch | 44 ---------------------------------------
 main/freetype/CVE-2017-8287.patch | 32 ----------------------------
 main/freetype/freetype-profile.sh | 12 +++++++++++
 4 files changed, 25 insertions(+), 83 deletions(-)
 delete mode 100644 main/freetype/CVE-2017-8105.patch
 delete mode 100644 main/freetype/CVE-2017-8287.patch
 create mode 100644 main/freetype/freetype-profile.sh

(limited to 'main')

diff --git a/main/freetype/APKBUILD b/main/freetype/APKBUILD
index 6043cdde0c..e2b501e90e 100644
--- a/main/freetype/APKBUILD
+++ b/main/freetype/APKBUILD
@@ -1,12 +1,13 @@
 # Contributor: Carlo Landmeter <clandmeter@gmail.com>
 # Maintainer: Carlo Landmeter <clandmeter@gmail.com>
 pkgname=freetype
-pkgver=2.7.1
-pkgrel=1
+pkgver=2.8
+pkgrel=0
 pkgdesc="TrueType font rendering library"
 url="http://freetype.sourceforge.net"
 arch="all"
 license="GPL"
+options="!check"
 depends=""
 depends_dev=""
 makedepends="$depends_dev zlib-dev libpng-dev bzip2-dev"
@@ -16,8 +17,9 @@ source="http://download.savannah.gnu.org/releases/freetype/freetype-$pkgver.tar.
 	0001-Enable-table-validation-modules.patch
 	0002-Enable-subpixel-rendering.patch
 	0003-Enable-infinality-subpixel-hinting.patch
-	CVE-2017-8105.patch
-	CVE-2017-8287.patch
+	freetype-2.8-loop-counter.patch
+	freetype-2.8-pcf-encoding.patch
+	freetype-profile.sh
 	"
 
 # secfixes:
@@ -45,15 +47,19 @@ package() {
 	cd "$builddir"
 	make DESTDIR="$pkgdir" install || return 1
 
+	install -Dm644 "$srcdir"/freetype-profile.sh \
+		"$pkgdir"/etc/profile.d/freetype.sh
+
 	# for compat. This should be removed once all apps are properly using
 	# pkg-config
 	ln -s freetype2 "$pkgdir"/usr/include/freetype
 }
 
-sha512sums="df39e2ef55f9090a66fecb6b5e9a5d296a043ddfd919d0ce3d7ea5132aa388bfbbeeaa6d6df6513956134b987e1c3a5eac6975c0c9631213af77457a623b49da  freetype-2.7.1.tar.bz2
+sha512sums="3842c34bf6100a8c9b78258146b2ff35e9bb4c993937d3ef09982c1e2552dfd15f8849ddd8a1e84edf08b5a5fb918b68cf7b1584545c5900e22a00bfa1c89ff5  freetype-2.8.tar.bz2
 9981be8a3ea6f2cf856860b87a4e895e4610c9d5ea4beb611815e757e6080e060f6853ace02dd8ea55e5888cdf4bae5ad5eadd2d8a123754bb3c0bfe7ef41dea  40-memcpy-fix.patch
 41a84be2631b53072a76b78c582575aa48b650ee7b00017d018381002bc25df10cf33da4954c95ef50db39f1fa566678e3b4ae9bfee1dfd705423fb53e53e494  0001-Enable-table-validation-modules.patch
 65be5283f5050e9d6ebe1c6808ec28bb46d5290ee84aede570977b66988eeb674524d0a834dbb2999a487e3a85ca292774212dadc5a3e713e1f5b8a80d75ddf3  0002-Enable-subpixel-rendering.patch
 7b52a3d67750d59b2c98e83dab4e0a0ab263142c2ca7bd5f8be5f8fe9cd1dc1f4debad44111c7886665329d8d2a3163756455618a6615df8f85d82bb0372d4dd  0003-Enable-infinality-subpixel-hinting.patch
-b781e831289d0e24ce7901a23f3d8bade164a12ac1ffcc8efdec506507cee73fac127b0fa7c4fd98533400077a38308f2012ba1ba89d020bec00fd04041b2344  CVE-2017-8105.patch
-6dc050e68ced0227e56a61b960e90acec46e984e6c8c70c2604df48eb860ffa946bed7926e0342ef928d3c2b61acb012abc565c0b3bad9324e86f3688180f8a3  CVE-2017-8287.patch"
+fb70684216f36b75e48bf44576349811b21bd6f7caef7b9acad660fe81a54c1916e8f276a4be65f679a5f8b358381f9185ae11739018dca20fcc2726c578e8f4  freetype-2.8-loop-counter.patch
+3ce7a3b102f29c34246a703f037899589b45707ebba462863237550426fbb64acf9009a7a265c43c561e627dcffafbc0f4f65591b7db24bea4112406b8818555  freetype-2.8-pcf-encoding.patch
+da55cf876f28a42374972c7aa3620733a0ab60cdcb7ded57f9353c2dcb6eb9bd11dcc94b9954b71243d2acbb30ef18053b837dc9a31de1a9b443f3a92e6421c1  freetype-profile.sh"
diff --git a/main/freetype/CVE-2017-8105.patch b/main/freetype/CVE-2017-8105.patch
deleted file mode 100644
index b42ae37d7c..0000000000
--- a/main/freetype/CVE-2017-8105.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-From f958c48ee431bef8d4d466b40c9cb2d4dbcb7791 Mon Sep 17 00:00:00 2001
-From: Werner Lemberg <wl@gnu.org>
-Date: Fri, 24 Mar 2017 09:15:10 +0100
-Subject: [PATCH] [psaux] Better protect `flex' handling.
-
-Reported as
-
-  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935
-
-* src/psaux/t1decode.c (t1_decoder_parse_charstrings)
-<callothersubr>: Since there is not a single flex operator but a
-series of subroutine calls, malformed fonts can call arbitrary other
-operators after the start of a flex, possibly adding points.  For
-this reason we have to check the available number of points before
-inserting a point.
-
----
-diff --git a/src/psaux/t1decode.c b/src/psaux/t1decode.c
-index af7b465e..7dd45135 100644
---- a/src/psaux/t1decode.c
-+++ b/src/psaux/t1decode.c
-@@ -780,10 +780,19 @@
-             /* point without adding any point to the outline    */
-             idx = decoder->num_flex_vectors++;
-             if ( idx > 0 && idx < 7 )
-+            {
-+              /* in malformed fonts it is possible to have other */
-+              /* opcodes in the middle of a flex (which don't    */
-+              /* increase `num_flex_vectors'); we thus have to   */
-+              /* check whether we can add a point                */
-+              if ( FT_SET_ERROR( t1_builder_check_points( builder, 1 ) ) )
-+                goto Syntax_Error;
-+
-               t1_builder_add_point( builder,
-                                     x,
-                                     y,
-                                     (FT_Byte)( idx == 3 || idx == 6 ) );
-+            }
-           }
-           break;
- 
--- 
-2.11.0
-
diff --git a/main/freetype/CVE-2017-8287.patch b/main/freetype/CVE-2017-8287.patch
deleted file mode 100644
index e33950bf9b..0000000000
--- a/main/freetype/CVE-2017-8287.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From 3774fc08b502c3e685afca098b6e8a195aded6a0 Mon Sep 17 00:00:00 2001
-From: Werner Lemberg <wl@gnu.org>
-Date: Sun, 26 Mar 2017 08:32:09 +0200
-Subject: [PATCH] * src/psaux/psobjs.c (t1_builder_close_contour): Add safety
- guard.
-
-Reported as
-
-  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=941
-
-diff --git a/src/psaux/psobjs.c b/src/psaux/psobjs.c
-index d18e821a..0baf8368 100644
---- a/src/psaux/psobjs.c
-+++ b/src/psaux/psobjs.c
-@@ -1718,6 +1718,14 @@
-     first = outline->n_contours <= 1
-             ? 0 : outline->contours[outline->n_contours - 2] + 1;
- 
-+    /* in malformed fonts it can happen that a contour was started */
-+    /* but no points were added                                    */
-+    if ( outline->n_contours && first == outline->n_points )
-+    {
-+      outline->n_contours--;
-+      return;
-+    }
-+
-     /* We must not include the last point in the path if it */
-     /* is located on the first point.                       */
-     if ( outline->n_points > 1 )
--- 
-2.11.0
-
diff --git a/main/freetype/freetype-profile.sh b/main/freetype/freetype-profile.sh
new file mode 100644
index 0000000000..93165d30fe
--- /dev/null
+++ b/main/freetype/freetype-profile.sh
@@ -0,0 +1,12 @@
+# Subpixel hinting mode can be chosen by setting the right TrueType interpreter
+# version. The available settings are:
+#
+#     truetype:interpreter-version=35  # Classic mode (default in 2.6)
+#     truetype:interpreter-version=38  # Infinality mode
+#     truetype:interpreter-version=40  # Minimal mode (default in 2.7)
+#
+# There are more properties that can be set, separated by whitespace. Please
+# refer to the FreeType documentation for details.
+
+# Uncomment and configure below
+#export FREETYPE_PROPERTIES="truetype:interpreter-version=40"
-- 
cgit v1.2.3