https://bugzilla.redhat.com/show_bug.cgi?id=1240807
Bug ID: 1240807
Summary: Non-latin glyphs generated by ligatures fi ff fl
Product: Fedora
Version: 21
Component: dejavu-fonts
Severity: urgent
Assignee: nicolas.mailhot(a)laposte.net
Reporter: federicoleva(a)tiscali.it
QA Contact: extras-qa(a)fedoraproject.org
CC: fonts-bugs(a)lists.fedoraproject.org,
nicolas.mailhot(a)laposte.net, paul(a)frixxon.co.uk,
peter(a)thecodergeek.com
Created attachment 1049535
--> https://bugzilla.redhat.com/attachment.cgi?id=1049535&action=edit
The letters in question
Digrams fi ff fl became unreadable after latest update to DejaVu Sans and
DejaVu Sans Bold, being transformed into another script. See attachment.
$ rpm -qa | grep dejavu
dejavu-sans-mono-fonts-2.35-1.fc21.noarch
dejavu-serif-fonts-2.35-1.fc21.noarch
dejavu-fonts-common-2.35-1.fc21.noarch
dejavu-sans-fonts-2.35-1.fc21.noarch
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=c7gmSzHsIE&a=cc_unsubscribe
https://bugzilla.redhat.com/show_bug.cgi?id=1174218
Bug ID: 1174218
Summary: incorrect smoothing
Product: Fedora
Version: 21
Component: freetype
Assignee: mkasik(a)redhat.com
Reporter: lavrinov2004(a)rambler.ru
QA Contact: extras-qa(a)fedoraproject.org
CC: behdad(a)fedoraproject.org,
fonts-bugs(a)lists.fedoraproject.org,
kevin(a)tigcc.ticalc.org, mkasik(a)redhat.com
Description of problem:
In Fedora 21 after an upgrade, upgrade the package to version 2.5.3-13 freetype
resulting stopped working font smoothing in Mozilla Firefox and Wine. In the
previous version 2.5.3-11 freetipe everything worked well.
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=qPrspQ2jgn&a=cc_unsubscribe
https://bugzilla.redhat.com/show_bug.cgi?id=1062903
Bug ID: 1062903
Summary: cantarell hints very poorly with new freetype CFF
engine (i.e. regression)
Product: Fedora
Version: 20
Component: abattis-cantarell-fonts
Assignee: ccecchi(a)redhat.com
Reporter: pierre-bugzilla(a)ossman.eu
QA Contact: extras-qa(a)fedoraproject.org
CC: ccecchi(a)redhat.com, fonts-bugs(a)lists.fedoraproject.org
Bug 995643 was filed against freetype for hinting Cantarell very poorly. That
was closed as NOTABUG. But that doesn't change the fact that Cantarell is still
fuzzy, which is a major issue for a UI font. So let's try filing this bug the
other way around. :)
Playing around with ftview suggests that forced auto hinting gives back roughly
the same hinting as in Fedora 19. So could we have that as a fontconfig bandaid
until better hinting information is available in the font itself?
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=y3p7SGp4NL&a=cc_unsubscribe
https://bugzilla.redhat.com/show_bug.cgi?id=1191094
Bug ID: 1191094
Summary: CVE-2014-9671 freetype: Off-by-one error in the
pcf_get_properties function in pcf/pcfread.c
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: vkaigoro(a)redhat.com
CC: behdad(a)fedoraproject.org,
fonts-bugs(a)lists.fedoraproject.org,
kevin(a)tigcc.ticalc.org, mkasik(a)redhat.com
Common Vulnerabilities and Exposures assigned CVE-2014-9671 to the following
issue:
Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in
FreeType
before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer
dereference and application crash) via a crafted PCF file with a 0xffffffff
size
value that is improperly incremented.
http://code.google.com/p/google-security-research/issues/detail?id=157http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0e2f5d51…
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=Kh2uxQYUM7&a=cc_unsubscribe
https://bugzilla.redhat.com/show_bug.cgi?id=1191096
Bug ID: 1191096
Summary: CVE-2014-9673 freetype: Integer signedness error in
the Mac_Read_POST_Resource function in base/ftobjs.c
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: vkaigoro(a)redhat.com
CC: behdad(a)fedoraproject.org,
fonts-bugs(a)lists.fedoraproject.org,
kevin(a)tigcc.ticalc.org, mkasik(a)redhat.com
Common Vulnerabilities and Exposures assigned CVE-2014-9673 to the following
issue:
Integer signedness error in the Mac_Read_POST_Resource function in
base/ftobjs.c
in FreeType before 2.5.4 allows remote attackers to cause a denial of service
(heap-based buffer overflow) or possibly have unspecified other impact via a
crafted Mac font.
http://code.google.com/p/google-security-research/issues/detail?id=154http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=35252ae9…
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=cE4QxwCKVN&a=cc_unsubscribe
https://bugzilla.redhat.com/show_bug.cgi?id=1191093
Bug ID: 1191093
Summary: CVE-2014-9670 freetype: Multiple integer signedness
errors in the pcf_get_encodings function
inpcf/pcfread.c
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: vkaigoro(a)redhat.com
CC: behdad(a)fedoraproject.org,
fonts-bugs(a)lists.fedoraproject.org,
kevin(a)tigcc.ticalc.org, mkasik(a)redhat.com
Common Vulnerabilities and Exposures assigned CVE-2014-9670 to the following
issue:
Multiple integer signedness errors in the pcf_get_encodings function in
pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial
of service (integer overflow, NULL pointer dereference, and application crash)
via a crafted PCF file that specifies negative values for the first column and
first row.
http://code.google.com/p/google-security-research/issues/detail?id=158http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=ef1eba75…
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=HvmsnCm2yW&a=cc_unsubscribe
https://bugzilla.redhat.com/show_bug.cgi?id=1191092
Bug ID: 1191092
Summary: CVE-2014-9669 freetype: Multiple integer overflows in
sfnt/ttcmap.c
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: vkaigoro(a)redhat.com
CC: behdad(a)fedoraproject.org,
fonts-bugs(a)lists.fedoraproject.org,
kevin(a)tigcc.ticalc.org, mkasik(a)redhat.com
Common Vulnerabilities and Exposures assigned CVE-2014-9669 to the following
issue:
Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow
remote attackers to cause a denial of service (out-of-bounds read or memory
corruption) or possibly have unspecified other impact via a crafted cmap SFNT
table.
http://code.google.com/p/google-security-research/issues/detail?id=163http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=602040b1…
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=lbZKQCjzZ4&a=cc_unsubscribe
https://bugzilla.redhat.com/show_bug.cgi?id=1191090
Bug ID: 1191090
Summary: CVE-2014-9667 freetype: integer overflow and
out-of-bounds read in sfnt/ttload.c
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: vkaigoro(a)redhat.com
CC: behdad(a)fedoraproject.org,
fonts-bugs(a)lists.fedoraproject.org,
kevin(a)tigcc.ticalc.org, mkasik(a)redhat.com
Common Vulnerabilities and Exposures assigned CVE-2014-9667 to the following
issue:
sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations
without restricting the values, which allows remote attackers to cause a denial
of service (integer overflow and out-of-bounds read) or possibly have
unspecified other impact via a crafted SFNT table.
http://code.google.com/p/google-security-research/issues/detail?id=166http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=677ddf4f…
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=zImGNf0ZHS&a=cc_unsubscribe