https://bugzilla.redhat.com/show_bug.cgi?id=2186430
Bug ID: 2186430
Summary: CVE-2023-2004 freetype: integer overflowin in
tt_hvadvance_adjust() in src/truetype/ttgxvar.c
[fedora-all]
Product: Fedora
Version: 37
Status: NEW
Component: freetype
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: mkasik(a)redhat.com
Reporter: trathi(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: ajax(a)redhat.com, fonts-bugs(a)lists.fedoraproject.org,
gnome-sig(a)lists.fedoraproject.org, mclasen(a)redhat.com,
mkasik(a)redhat.com, rstrode(a)redhat.com,
sandmann(a)redhat.com
Target Milestone: ---
Classification: Fedora
More information about this security flaw is available in the following bug:
http://bugzilla.redhat.com/show_bug.cgi?id=2186428
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2186430
https://bugzilla.redhat.com/show_bug.cgi?id=2186953
Bug ID: 2186953
Summary: Irrelevant fonts in the English install (KDE spin)
Product: Fedora
Version: 37
Status: NEW
Component: Fonts
Severity: medium
Assignee: i18n-bugs(a)lists.fedoraproject.org
Reporter: ddascalescu(a)gmail.com
QA Contact: fonts-bugs(a)lists.fedoraproject.org
Target Milestone: ---
Classification: Fedora
Created attachment 1957563
--> https://bugzilla.redhat.com/attachment.cgi?id=1957563&action=edit
Unnecessary fonts
I've just installed the KDE spin with the US English settings, and see tens of
completely irrelevant fonts for characters sets I have no use form (cuneiform
even).
I know I can remove these manually, but it would be nice to not have them
installed to begin with.
--
You are receiving this mail because:
You are the QA Contact for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2186953
https://bugzilla.redhat.com/show_bug.cgi?id=2096153
Bug ID: 2096153
Summary: strange font priorities in Firefox
Product: Fedora
Version: rawhide
Hardware: x86_64
OS: Linux
Status: NEW
Component: google-droid-fonts
Assignee: ali.erdinc.koroglu(a)intel.com
Reporter: tagoh(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: ali.erdinc.koroglu(a)intel.com, contact(a)dannycolin.com,
fonts-bugs(a)lists.fedoraproject.org,
nicolas.mailhot(a)laposte.net, oliver(a)redhat.com,
skyfaller(a)gmail.com
Depends On: 2062386
Target Milestone: ---
Classification: Fedora
Cloning to focus on the Droid specific issue here. please ignore URW related
description.
+++ This bug was initially created as a clone of Bug #2062386 +++
Description of problem:
Sometimes, when using a native font stack in CSS on a web page, fonts that are
not in the font stack at all are substituted for the desired fonts.
This only seems to affect web pages viewed using:
- Fedora (not Ubuntu, Debian 11, or Manjaro)
- Firefox (not Chrome or Chromium)
- When using the RPM version or Mozilla's official build from their website
(not the Flatpak)
Happens in the stable version of Firefox, Firefox Beta, and Firefox nightly.
Two substitutions I've identified so far:
- Droid Sans is substituted for Open Sans
- P052 is substituted for 'URW Palladio L' or Palatino
Substituting for Palatino may be less objectionable, since that's a generic
choice, but URW Palladio L is rather specific and it's surprising to see the
substitution. This also wouldn't be as objectionable if the font substitutions
were better. Droid Sans doesn't look much like Open Sans at all, and P052 looks
really ugly (it has unevenly sized letters). In Firefox Flatpak, it instead
substitutes the better-looking 'TeX Gyre Pagella', and only does that for
Palatino, not for 'URW Palladio L' (which was higher priority in my font
stack). This is more desirable behavior.
The source of the problem seems to be that if you run the following command:
fc-match :family="Open Sans"
It returns Droid Sans.
Possibly related bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1820166https://bugzilla.mozilla.org/show_bug.cgi?id=1406790
How reproducible:
Consistently
Steps to Reproduce:
1. Open a clean Fedora 35 install, and verify that Open Sans is not installed.
2. Create the following web page and view it in a browser:
```
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title></title>
<style>
h1,h2,h3,h4 {
font-family: Open Sans, Fira Sans;
}
</style>
</head>
<body>
<h1>Hello World</h1>
<p>Lorem ipsum dolor sit amet.</p>
</body>
</html>
```
Alternately, view a real live (but more complex) website at
https://www.maximumethics.dev/
Actual results:
Notice that the text on the webpage is displayed in Droid Sans, not Open Sans.
Expected results:
The webpage displays the next available font in the font stack, Fira Sans in
this case, or the browser's default font if you don't have Fira Sans.
--- Additional comment from Akira TAGOH on 2022-03-30 09:26:08 UTC ---
Well, maybe good to file a separate bug to object each substitutions.
For Open Sans, google-droid-sans-fonts has the following config:
<alias binding="same">
<family>Open Sans</family>
<accept>
<family>Droid Sans</family>
</accept>
</alias>
This is the reason why you see that behavior.
For URW Palladio L, urw-base35-fonts-common has the following config:
<alias binding="same">
<family>URW Palladio L</family>
<accept>
<family>P052</family>
</accept>
</alias>
And finally for Palatino, it is in urw-base35-p052-fonts:
<alias binding="same">
<family>Palatino</family>
<accept>
<family>P052</family>
</accept>
</alias>
Although those urw config are coming from upstream. so if you have any
objections for them, it would be good to talk with URW upstream.
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=2062386
[Bug 2062386] strange font priorities in Firefox
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2096153
https://bugzilla.redhat.com/show_bug.cgi?id=2184872
Bug ID: 2184872
Summary: User installed Japanese fonts override system fonts
when substituting glyphs
Product: Fedora
Version: 37
Status: NEW
Component: fontconfig
Assignee: tagoh(a)redhat.com
Reporter: bztdlinux(a)gmail.com
QA Contact: extras-qa(a)fedoraproject.org
CC: ajax(a)redhat.com, fonts-bugs(a)lists.fedoraproject.org,
gnome-sig(a)lists.fedoraproject.org,
i18n-bugs(a)lists.fedoraproject.org, mclasen(a)redhat.com,
pnemade(a)redhat.com, rstrode(a)redhat.com,
sandmann(a)redhat.com, tagoh(a)redhat.com
Target Milestone: ---
Classification: Fedora
Description of problem:
When installing a Japanese font locally (using gnome font viewer, which
effectively copies to ~/.local/share/fonts/), with the default fontconfig, all
kana in the system uses that font.
However, it only affects certain applications. Firefox (rpm) and Inkscape
(flatpak) is affected, but gwrite is not.
Version-Release number of selected component (if applicable):
fontconfig-2.14.0-3.fc37.x86_64
How reproducible:
Always
Steps to Reproduce:
1. Download the following font:
http://font.sumomo.ne.jp/fontdata-c2157415/k-font.zip
2. Unzip and install by double-clicking the font in nautilus and clicking
install.
3. Restart Firefox or Inkscape and paste "です” in a field with sans-serif or
system-ui font
Actual results:
Text appears with the new font
Expected results:
Text appears with the normal system font
Additional info:
Running pango-view, e.g. the following, works fine and selects a reasonable
font (Droid Sans Japanese):
FC_DEBUG=4 pango-view --font="system-ui" -t です | grep family
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2184872
https://bugzilla.redhat.com/show_bug.cgi?id=2188151
Bug ID: 2188151
Summary: Update packages to their latest version
Product: Fedora
Version: 37
Hardware: x86_64
OS: Linux
Status: NEW
Component: sil-charis-fonts
Severity: medium
Assignee: aekoroglu(a)linux.intel.com
Reporter: zolikydev(a)gmail.com
QA Contact: extras-qa(a)fedoraproject.org
CC: aekoroglu(a)linux.intel.com,
fonts-bugs(a)lists.fedoraproject.org, kevin(a)scrye.com,
nicolas.mailhot(a)laposte.net, pnemade(a)redhat.com
Target Milestone: ---
Classification: Fedora
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML,
like Gecko) Chrome/112.0.0.0 Safari/537.36
Build Identifier:
Hello,
I was wondering if you could update the packages "sil-charis-fonts" and
"sil-charis-compact-fonts" to their latest versions? The current ones seem to
be quite outdated.
The newest Charis SIL font is available here:
https://software.sil.org/charis
and the compact version is here: https://software.sil.org/lcgfonts/download
Thank you for your time and consideration.
Reproducible: Always
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2188151
https://bugzilla.redhat.com/show_bug.cgi?id=2151945
Bug ID: 2151945
Summary: libfontenc-1.1.7 is available
Product: Fedora
Version: rawhide
Status: NEW
Component: libfontenc
Keywords: FutureFeature, Triaged
Assignee: btissoir(a)redhat.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: ajax(a)redhat.com, btissoir(a)redhat.com,
caolanm(a)redhat.com,
fonts-bugs(a)lists.fedoraproject.org,
rhughes(a)redhat.com, rstrode(a)redhat.com,
sandmann(a)redhat.com
Target Milestone: ---
Classification: Fedora
Releases retrieved: 1.1.7
Upstream release that is considered latest: 1.1.7
Current version/release in rawhide: 1.1.6-1.fc38
URL: https://gitlab.freedesktop.org/xorg/lib/libfontenc
Please consult the package updates policy before you issue an update to a
stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/
More information about the service that created this bug can be found at:
https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M…
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from Anitya:
https://release-monitoring.org/project/1613/
To change the monitoring settings for the project, please visit:
https://src.fedoraproject.org/rpms/libfontenc
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2151945
https://bugzilla.redhat.com/show_bug.cgi?id=2184790
Bug ID: 2184790
Summary: adobe-source-sans-pro-fonts-3.052R is available
Product: Fedora
Version: rawhide
Status: NEW
Component: adobe-source-sans-pro-fonts
Keywords: FutureFeature, Triaged
Assignee: pikachu.2014(a)gmail.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: fonts-bugs(a)lists.fedoraproject.org,
pikachu.2014(a)gmail.com
Target Milestone: ---
Classification: Fedora
Releases retrieved: 3.052, 3.052R
Upstream release that is considered latest: 3.052R
Current version/release in rawhide: 3.046-5.fc38
URL: https://github.com/adobe-fonts/source-sans-pro
Please consult the package updates policy before you issue an update to a
stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/
More information about the service that created this bug can be found at:
https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M…
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from Anitya:
https://release-monitoring.org/project/14494/
To change the monitoring settings for the project, please visit:
https://src.fedoraproject.org/rpms/adobe-source-sans-pro-fonts
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2184790
https://bugzilla.redhat.com/show_bug.cgi?id=2087984
Bug ID: 2087984
Summary: Version of Source Code Pro currently packaged breaks
in some cases
Product: Fedora
Version: rawhide
Hardware: All
OS: Linux
Status: NEW
Component: adobe-source-code-pro-fonts
Severity: medium
Assignee: mattrose(a)folkwolf.net
Reporter: jharmiso(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: fonts-bugs(a)lists.fedoraproject.org, mark(a)net-c.com,
mattrose(a)folkwolf.net
Target Milestone: ---
Classification: Fedora
Created attachment 1880946
--> https://bugzilla.redhat.com/attachment.cgi?id=1880946&action=edit
A screenshot of dmesg in Alacritty with Source Code Pro selected
Description of problem:
Source Code Pro version 2.030, currently packaged for all versions of Fedora
and in EPEL, includes an SVG table that causes the freetype library to be
unable to calculate cell height, resulting in unusable output with lines
stacked on top of each other.
Version-Release number of selected component (if applicable):
2.030.1.050-<any>
How reproducible:
Always
Steps to Reproduce:
1. Install adobe-source-code-pro-fonts and alacritty (a terminal emulator that
uses freetype through the crossfont crate) from the current release versions.
2. Configure alacritty to use Source Code Pro. Example config:
~/.config/alacritty/alacritty.yml:
```yaml
font:
normal:
family: Source Code Pro
style: Regular
bold:
family: Source Code Pro
style: Bold
italic:
family: Source Code Pro
style: Italic
bolt_italic:
family: Source Code Pro
style: Bold Italic
size: 10
```
3. Launch alacritty and attempt to use the terminal
Actual results:
The terminal is completely unusable with 1px line height, although the font is
rendering at the correct size.
Expected results:
The terminal has a normal font display behavior and is usable.
Additional info:
2.038 is available and appears to fix the issue
(https://github.com/adobe-fonts/source-code-pro/releases)
See some additional discussion here:
https://github.com/alacritty/alacritty/issues/6048
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2087984
https://bugzilla.redhat.com/show_bug.cgi?id=2221795
Bug ID: 2221795
Summary: Fonts application "Install" button displays
"Installing" even after font is installed
Product: Fedora
Version: 38
Hardware: x86_64
OS: Linux
Status: NEW
Component: Fonts
Keywords: Desktop
Severity: low
Assignee: i18n-bugs(a)lists.fedoraproject.org
Reporter: tony(a)msnomer.com
QA Contact: fonts-bugs(a)lists.fedoraproject.org
Target Milestone: ---
Classification: Fedora
I had a couple of new fonts I wanted to use, so I opened one of them up (from
my Downloads folder) in the Gome Fonts application and clicked the Install
button. After the font was installed and available to use, the state of the
button didn't change -- It still displayed Installing).
I repeated this with the other font and got the same results. The system
journal contained nothing interesting. Tried again with a few more fonts and
got the same results.
Reproducible: Always
Steps to Reproduce:
1.Open new font in Fonts
2.Click Install
3....
Actual Results:
Install button state displays "Installing" despite the font being installed
Expected Results:
The button text should perhaps change to "Remove" and become clickable again.
--
You are receiving this mail because:
You are the QA Contact for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2221795
Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…
https://bugzilla.redhat.com/show_bug.cgi?id=2063714
Bug ID: 2063714
Summary: serif:lang=ja falls back to Droid Sans instead of Noto
Sans CJK JP
Product: Fedora
Version: 36
Status: NEW
Component: fontconfig
Assignee: tagoh(a)redhat.com
Reporter: petersen(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: ajax(a)redhat.com, caillon+fedoraproject(a)gmail.com,
fonts-bugs(a)lists.fedoraproject.org,
gnome-sig(a)lists.fedoraproject.org,
i18n-bugs(a)lists.fedoraproject.org, mclasen(a)redhat.com,
pnemade(a)redhat.com, rhughes(a)redhat.com,
rstrode(a)redhat.com, sandmann(a)redhat.com,
tagoh(a)redhat.com
Target Milestone: ---
Classification: Fedora
Description of problem:
In Fedora 36 when google-noto-serif-cjk-ttc-fonts is not installed
fontconfig seems to fall back to google-droid-sans-fonts
rather than google-noto-sans-cjk-ttc-fonts.
This might be related to/caused by bug 517789?
How reproducible:
100%
Steps to Reproduce:
1. boot Fedora Live image
2. fc-match serif:lang=ja
Actual results:
2. DroidSansJapanese.ttf: "Droid Sans" "Regular"
Expected results:
2. NotoSansCJK-Regular.ttc: "Noto Sans CJK JP" "Regular"
Additional info:
I get the same result with your older copr repo applied F35 fwiw.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2063714