SUSE Security Update: Security update for freetype2
______________________________________________________________________________
Announcement ID: SUSE-SU-2020:1353-1
Rating: moderate
References: #1079603 #1091109
Cross-References: CVE-2018-6942
Affected Products:
SUSE Linux Enterprise Module for Basesystem 15-SP1
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update for freetype2 to version 2.10.1 fixes the following issues:
Security issue fixed:
- CVE-2018-6942: Fixed a NULL pointer dereference within ttinerp.c
(bsc#1079603).
Non-security issues fixed:
- Update to version 2.10.1
* The bytecode hinting of OpenType variation fonts was flawed, since the
data in the `CVAR' table wasn't correctly applied.
* Auto-hinter support for Mongolian.
* The handling of the default character in PCF fonts as introduced in
version 2.10.0 was partially broken, causing premature abortion
of charmap iteration for many fonts.
* If `FT_Set_Named_Instance' was called with the same arguments
twice in a row, the function returned an incorrect error code the
second time.
* Direct rendering using FT_RASTER_FLAG_DIRECT crashed (bug
introduced in version 2.10.0).
* Increased precision while computing OpenType font variation
instances.
* The flattening algorithm of cubic Bezier curves was slightly
changed to make it faster. This can cause very subtle rendering
changes, which aren't noticeable by the eye, however.
* The auto-hinter now disables hinting if there are blue zones
defined for a `style' (i.e., a certain combination of a script and its
related typographic features) but the font doesn't contain any
characters needed to set up at least one blue zone.
- Add tarball signatures and freetype2.keyring
- Update to version 2.10.0
* A bunch of new functions has been added to access and process
COLR/CPAL data of OpenType fonts with color-layered glyphs.
* As a GSoC 2018 project, Nikhil Ramakrishnan completely
overhauled and modernized the API reference.
* The logic for computing the global ascender, descender, and height of
OpenType fonts has been slightly adjusted for consistency.
* `TT_Set_MM_Blend' could fail if called repeatedly with the same
arguments.
* The precision of handling deltas in Variation Fonts has been
increased.The problem did only show up with multidimensional
designspaces.
* New function `FT_Library_SetLcdGeometry' to set up the geometry
of LCD subpixels.
* FreeType now uses the `defaultChar' property of PCF fonts to set the
glyph for the undefined character at glyph index 0 (as FreeType
already does for all other supported font formats). As a consequence,
the order of glyphs of a PCF font if accessed with FreeType can be
different now compared to previous versions. This change doesn't
affect PCF font access with cmaps.
* `FT_Select_Charmap' has been changed to allow parameter value
`FT_ENCODING_NONE', which is valid for BDF, PCF, and Windows FNT
formats to access built-in cmaps that don't have a predefined
`FT_Encoding' value.
* A previously reserved field in the `FT_GlyphSlotRec' structure now
holds the glyph index.
* The usual round of fuzzer bug fixes to better reject malformed fonts.
* `FT_Outline_New_Internal' and `FT_Outline_Done_Internal' have been
removed.These two functions were public by oversight only and were
never documented.
* A new function `FT_Error_String' returns descriptions of error codes
if configuration macro FT_CONFIG_OPTION_ERROR_STRINGS is defined.
* `FT_Set_MM_WeightVector' and `FT_Get_MM_WeightVector' are new
functions limited to Adobe MultiMaster fonts to directly set and get
the weight vector.
- Enable subpixel rendering with infinality config:
- Re-enable freetype-config, there is just too many fallouts.
- Update to version 2.9.1
* Type 1 fonts containing flex features were not rendered correctly (bug
introduced in version 2.9).
* CVE-2018-6942: Older FreeType versions can crash with certain
malformed variation fonts.
* Bug fix: Multiple calls to `FT_Get_MM_Var' returned garbage.
* Emboldening of bitmaps didn't work correctly sometimes, showing
various artifacts (bug introduced in version 2.8.1).
* The auto-hinter script ranges have been updated for Unicode 11. No
support for new scripts have been added, however, with the exception
of Georgian Mtavruli.
- freetype-config is now deprecated by upstream and not enabled by default.
- Update to version 2.10.1
* The `ftmulti' demo program now supports multiple hidden axes with the
same name tag.
* `ftview', `ftstring', and `ftgrid' got a `-k' command line option to
emulate a sequence of keystrokes at start-up.
* `ftview', `ftstring', and `ftgrid' now support screen dumping to a PNG
file.
* The bytecode debugger, `ttdebug', now supports variation TrueType
fonts; a variation font instance can be selected with the new `-d'
command line option.
- Add tarball signatures and freetype2.keyring
- Update to version 2.10.0
* The `ftdump' demo program has new options `-c' and `-C' to display
charmaps in compact and detailed format, respectively. Option `-V' has
been removed.
* The `ftview', `ftstring', and `ftgrid' demo programs use a new command
line option `-d' to specify the program window's width, height, and
color depth.
* The `ftview' demo program now displays red boxes for zero-width glyphs.
* `ftglyph' has limited support to display fonts with color-layered
glyphs.This will be improved later on.
* `ftgrid' can now display bitmap fonts also.
* The `ttdebug' demo program has a new option `-f' to select a member of
a TrueType collection (TTC).
* Other various improvements to the demo programs.
- Remove "Supplements: fonts-config" to avoid accidentally pulling in Qt
dependencies on some non-Qt based desktops.(bsc#1091109) fonts-config is
fundamental but ft2demos seldom installs by end users.
only fonts-config maintainers/debuggers may use ft2demos along to debug
some issues.
- Update to version 2.9.1
* No changelog upstream.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Module for Basesystem 15-SP1:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2020-1353=1
Package List:
- SUSE Linux Enterprise Module for Basesystem 15-SP1 (aarch64 ppc64le s390x x86_64):
freetype2-debugsource-2.10.1-4.3.1
freetype2-devel-2.10.1-4.3.1
libfreetype6-2.10.1-4.3.1
libfreetype6-debuginfo-2.10.1-4.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP1 (x86_64):
libfreetype6-32bit-2.10.1-4.3.1
libfreetype6-32bit-debuginfo-2.10.1-4.3.1
References:
https://www.suse.com/security/cve/CVE-2018-6942.html
https://bugzilla.suse.com/1079603
https://bugzilla.suse.com/1091109
_______________________________________________
sle-security-updates mailing list
sle-security-updates@lists.suse.com
http://lists.suse.com/mailman/listinfo/sle-security-updates