April 2017 - fonts-bugs - Fedora Mailing-Lists

[Bug 1444904] New: CVE-2017-7858 freetype: out-of-bounds write related to the TT_Get_MM_Var and sfnt_init_face functions

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1444904 Bug ID: 1444904 Summary: CVE-2017-7858 freetype: out-of-bounds write related to the TT_Get_MM_Var and sfnt_init_face functions Product: Security Response Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team(a)redhat.com Reporter: amaris(a)redhat.com CC: behdad(a)fedoraproject.org, bmcclain(a)redhat.com, cfergeau(a)redhat.com, dblechte(a)redhat.com, eedri(a)redhat.com, erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, fonts-bugs(a)lists.fedoraproject.org, gklein(a)redhat.com, kevin(a)tigcc.ticalc.org, lsurette(a)redhat.com, mgoldboi(a)redhat.com, michal.skrivanek(a)redhat.com, mkasik(a)redhat.com, rbalakri(a)redhat.com, rh-spice-bugs(a)redhat.com, rjones(a)redhat.com, sherold(a)redhat.com, srevivo(a)redhat.com, ydary(a)redhat.com, ykaul(a)redhat.com FreeType 2 before 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c. Bug report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=738 Upstream patch: https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=77930... -- You are receiving this mail because: You are on the CC list for the bug.

5 years, 10 months

1
6
0 / 0

[Bug 1444898] New: CVE-2017-7857 freetype: heap-based buffer overflow related to the TT_Get_MM_Var function

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1444898 Bug ID: 1444898 Summary: CVE-2017-7857 freetype: heap-based buffer overflow related to the TT_Get_MM_Var function Product: Security Response Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team(a)redhat.com Reporter: amaris(a)redhat.com CC: behdad(a)fedoraproject.org, bmcclain(a)redhat.com, cfergeau(a)redhat.com, dblechte(a)redhat.com, eedri(a)redhat.com, erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, fonts-bugs(a)lists.fedoraproject.org, gklein(a)redhat.com, kevin(a)tigcc.ticalc.org, lsurette(a)redhat.com, mgoldboi(a)redhat.com, michal.skrivanek(a)redhat.com, mkasik(a)redhat.com, rbalakri(a)redhat.com, rh-spice-bugs(a)redhat.com, rjones(a)redhat.com, sherold(a)redhat.com, srevivo(a)redhat.com, ydary(a)redhat.com, ykaul(a)redhat.com FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c. Bug report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=759 Upstream patch: https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7bbb9... -- You are receiving this mail because: You are on the CC list for the bug.

5 years, 10 months

1
6
0 / 0

[Bug 1444895] New: CVE-2016-10328 freetype: heap-based buffer overflow related to the cff_parser_run function

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1444895 Bug ID: 1444895 Summary: CVE-2016-10328 freetype: heap-based buffer overflow related to the cff_parser_run function Product: Security Response Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team(a)redhat.com Reporter: amaris(a)redhat.com CC: behdad(a)fedoraproject.org, bmcclain(a)redhat.com, cfergeau(a)redhat.com, dblechte(a)redhat.com, eedri(a)redhat.com, erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, fonts-bugs(a)lists.fedoraproject.org, gklein(a)redhat.com, kevin(a)tigcc.ticalc.org, lsurette(a)redhat.com, mgoldboi(a)redhat.com, michal.skrivanek(a)redhat.com, mkasik(a)redhat.com, rbalakri(a)redhat.com, rh-spice-bugs(a)redhat.com, rjones(a)redhat.com, sherold(a)redhat.com, srevivo(a)redhat.com, ydary(a)redhat.com, ykaul(a)redhat.com FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c. Bug report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=289 -- You are receiving this mail because: You are on the CC list for the bug.

5 years, 10 months

1
6
0 / 0

[Bug 1446500] New: CVE-2017-8105 freetype: heap-based buffer overflow related to the t1_decoder_parse_charstrings

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1446500 Bug ID: 1446500 Summary: CVE-2017-8105 freetype: heap-based buffer overflow related to the t1_decoder_parse_charstrings Product: Security Response Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team(a)redhat.com Reporter: amaris(a)redhat.com CC: behdad(a)fedoraproject.org, bmcclain(a)redhat.com, cfergeau(a)redhat.com, dblechte(a)redhat.com, eedri(a)redhat.com, erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, fonts-bugs(a)lists.fedoraproject.org, gklein(a)redhat.com, kevin(a)tigcc.ticalc.org, lsurette(a)redhat.com, mgoldboi(a)redhat.com, michal.skrivanek(a)redhat.com, mkasik(a)redhat.com, rbalakri(a)redhat.com, rh-spice-bugs(a)redhat.com, rjones(a)redhat.com, sherold(a)redhat.com, srevivo(a)redhat.com, ydary(a)redhat.com, ykaul(a)redhat.com FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c. Bug report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935 Upstream patch: https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f958c... -- You are receiving this mail because: You are on the CC list for the bug.

5 years, 10 months

1
7
0 / 0

[Bug 1423225] New: apanov-edrip-fonts: FTBFS in rawhide

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1423225 Bug ID: 1423225 Summary: apanov-edrip-fonts: FTBFS in rawhide Product: Fedora Version: rawhide Component: apanov-edrip-fonts Assignee: nicolas.mailhot(a)laposte.net Reporter: releng(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: fonts-bugs(a)lists.fedoraproject.org, nicolas.mailhot(a)laposte.net, paul(a)frixxon.co.uk Blocks: 1423041 Your package apanov-edrip-fonts failed to build from source in current rawhide. https://koji.fedoraproject.org/koji/taskinfo?taskID=17710156 For details on mass rebuild see https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1423041 [Bug 1423041] Fedora 26 Mass Rebuild FTBFS Tracker -- You are receiving this mail because: You are on the CC list for the bug.

5 years, 10 months

1
5
0 / 0

[Bug 1271620] New: please update spec templates as per latest guidelines

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1271620 Bug ID: 1271620 Summary: please update spec templates as per latest guidelines Product: Fedora Version: 23 Component: fontpackages Assignee: nicolas.mailhot(a)laposte.net Reporter: kvolny(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: fonts-bugs(a)lists.fedoraproject.org, nicolas.mailhot(a)laposte.net, paul(a)frixxon.co.uk, tagoh(a)redhat.com Description of problem: I'm trying to package a font. While filing the spec template, I have found that there is: %install rm -fr %{buildroot} but the buildroot is now cleaned automatically so the `rm` command should not be present. Please update the spec templates according to the latest guidelines. Also note that there may be other deviations from current packaging guidelines that I have overlooked ... Version-Release number of selected component (if applicable): fontpackages-devel-1.44-14.fc23.noarch -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=162cGuTqJk&a=cc_unsubscribe

5 years, 10 months

2
5
0 / 0

[Bug 1400602] New: stix-fonts-2.0.0 is available

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1400602 Bug ID: 1400602 Summary: stix-fonts-2.0.0 is available Product: Fedora Version: rawhide Component: stix-fonts Keywords: FutureFeature, Triaged Assignee: nicolas.mailhot(a)laposte.net Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: fonts-bugs(a)lists.fedoraproject.org, nicolas.mailhot(a)laposte.net, paul(a)frixxon.co.uk Latest upstream release: 2.0.0 Current version/release in rawhide: 1.1.0-9.fc24 URL: http://sourceforge.net/projects/stixfonts Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/4893/ -- You are receiving this mail because: You are on the CC list for the bug.

5 years, 11 months

2
6
0 / 0

[Bug 499358] New: [as_IN] [Codepoint- Additional Vowels] U+09E2 has error.

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. Summary: [as_IN] [Codepoint- Additional Vowels] U+09E2 has error. https://bugzilla.redhat.com/show_bug.cgi?id=499358 Summary: [as_IN] [Codepoint- Additional Vowels] U+09E2 has error. Product: Fedora Version: 10 Platform: All OS/Version: Linux Status: NEW Severity: medium Priority: low Component: pango AssignedTo: besfahbo(a)redhat.com ReportedBy: xinsun(a)redhat.com QAContact: extras-qa(a)fedoraproject.org CC: besfahbo(a)redhat.com, fedora-fonts-bugs-list(a)redhat.com Classification: Fedora Target Release: --- Description of problem: Input "09E2" with "RAW CODE" in gedit, the word has error. Version-Release number of selected component (if applicable): pangomm-2.14.1-1.fc10.x86_64 pango-1.22.3-1.fc10.i386 pango-1.22.3-1.fc10.x86_64 pango-devel-1.22.3-1.fc10.x86_64 How reproducible: Steps to Reproduce: 1.Select "RAW CODE" in scim-bridge. 2.Input "09E2" in gedit. Actual results: The result is ৢ and is different from the URL http://batman.bne.redhat.com/~indic/IndicTC/lang/as_IN/font/image/09E2.jpg Expected results: The word is same with the URL http://batman.bne.redhat.com/~indic/IndicTC/lang/as_IN/font/image/09E2.jpg Additional info: -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

6 years, 2 months

2
7
0 / 0

[Bug 1433628] New: First line of pixels chopped off in Chromium/ Chrome when liberation-fonts built with fontforge > 20150430

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1433628 Bug ID: 1433628 Summary: First line of pixels chopped off in Chromium/Chrome when liberation-fonts built with fontforge > 20150430 Product: Fedora Version: 25 Component: liberation-fonts Assignee: psatpute(a)redhat.com Reporter: chillermillerlong(a)hotmail.com QA Contact: extras-qa(a)fedoraproject.org CC: fonts-bugs(a)lists.fedoraproject.org, i18n-bugs(a)lists.fedoraproject.org, petersen(a)redhat.com, psatpute(a)redhat.com Description of problem: The current liberation-fonts package is built by fontforge 20160404 and results in the top of the fonts being chopped off in some pages in Chrome/Chromium. For example, with this page: https://www.reddit.com/r/linux/comments/600h4f/wine_24_released/ When built with fontforge 20160404: http://i.imgur.com/kO2H3Hw.png When built with fontforge 20150430: http://i.imgur.com/IQmu5o3.png Notice how the first line of pixels is getting chopped off. Version-Release number of selected component (if applicable): liberation-fonts-common-1.07.4-7.fc24.noarch liberation-mono-fonts-1.07.4-7.fc24.noarch liberation-sans-fonts-1.07.4-7.fc24.noarch liberation-serif-fonts-1.07.4-7.fc24.noarch fontforge-20160404-5.fc25.x86_64 Additional info: I did a git bisect and found that this is the commit in fontforge that introduced the issue. --- [chenxiaolong@cxl-fedora25vm fontforge]$ git bisect bad e870019c2602d50eb00793e979f3e11bcc71d6cf is the first bad commit commit e870019c2602d50eb00793e979f3e11bcc71d6cf Author: Frédéric Wang <fred.wang(a)free.fr> Date: Wed May 13 08:03:13 2015 +0200 Fix read/write of bits USE_TYPO_METRICS and WWS for OS2 version < 4 :040000 040000 7032ea971c1d084ab8a038b4a80d9092e53a8519 eb11e4b5a69718ad94d8dbfc414e7b2a944548d3 M fontforge --- https://github.com/fontforge/fontforge/commit/e870019c2602d50eb00793e979f... Is this something that can be fixed without affecting/breaking other fonts? -- You are receiving this mail because: You are on the CC list for the bug.

6 years, 3 months

1
13
0 / 0

[Bug 1414319] New: freetype ftoption.h evaluates undefined macros

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1414319 Bug ID: 1414319 Summary: freetype ftoption.h evaluates undefined macros Product: Fedora Version: 25 Component: freetype Severity: low Assignee: mkasik(a)redhat.com Reporter: yeti(a)physics.muni.cz QA Contact: extras-qa(a)fedoraproject.org CC: behdad(a)fedoraproject.org, fonts-bugs(a)lists.fedoraproject.org, kevin(a)tigcc.ticalc.org, mkasik(a)redhat.com Description of problem: Header file /usr/include/freetype2/freetype/config/ftoption.h evaluates the numerical value of undefined macro TT_CONFIG_OPTION_SUBPIXEL_HINTING. This is somewhat annoying with -Wundef (and a poor practice). Version-Release number of selected component (if applicable): freetype-2.6.5-1.fc25 How reproducible: Always. Steps to Reproduce: 1. Create file bug.c with the following contents: #include <ft2build.h> #include FT_FREETYPE_H 2. Run (with freetype-devel installed) gcc -Wundef -c $(pkg-config --cflags freetype2) bug.c Actual results: In file included from /usr/include/freetype2/freetype/config/ftconfig-64.h:42:0, from /usr/include/freetype2/freetype/config/ftconfig.h:9, from /usr/include/freetype2/freetype/freetype.h:33, from bug.c:2: /usr/include/freetype2/freetype/config/ftoption.h:845:5: warning: "TT_CONFIG_OPTION_SUBPIXEL_HINTING" is not defined [-Wundef] #if TT_CONFIG_OPTION_SUBPIXEL_HINTING & 1 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /usr/include/freetype2/freetype/config/ftoption.h:849:5: warning: "TT_CONFIG_OPTION_SUBPIXEL_HINTING" is not defined [-Wundef] #if TT_CONFIG_OPTION_SUBPIXEL_HINTING & 2 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Expected results: It compiles cleanly. Additional info: The numerical evaluation should be guarded by an #ifdef -- AFAICT the expected behaviour when TT_CONFIG_OPTION_SUBPIXEL_HINTING is undefined is that neither TT_SUPPORT_SUBPIXEL_HINTING_INFINALITY nor TT_SUPPORT_SUBPIXEL_HINTING_MINIMAL should be defined: --- ftoption.h.orig 2017-01-18 10:41:32.517812687 +0100 +++ ftoption.h 2017-01-18 10:42:16.852136325 +0100 @@ -842,6 +842,7 @@ #ifdef TT_CONFIG_OPTION_BYTECODE_INTERPRETER #define TT_USE_BYTECODE_INTERPRETER +#ifdef TT_CONFIG_OPTION_SUBPIXEL_HINTING #if TT_CONFIG_OPTION_SUBPIXEL_HINTING & 1 #define TT_SUPPORT_SUBPIXEL_HINTING_INFINALITY #endif @@ -850,6 +851,7 @@ #define TT_SUPPORT_SUBPIXEL_HINTING_MINIMAL #endif #endif +#endif /* -- You are receiving this mail because: You are on the CC list for the bug.

6 years, 4 months

2
2
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

fonts-bugs April 2017