Changelog
fontforge (1:20201107~dfsg-1) unstable; urgency=medium
[ Jonas Smedegaard ]
* New upstream version 20200314~dfsg (Closes: #963194)
+ Fixes two security vulnerabilities:
- CVE-2020-5395 (use-after-free in SFD_GetFontMetaData in sfd.c)
- CVE-2020-5496 (heap-based buffer overflow in the Type2NotDefSplines()
function in splinesave.c)
that were found in FontForge 20190801 (Closes: #948231)
* copyright: update overage
* use buildsystem cmake+ninja (not autotools);
build-depend on cmake ninja-build
(not libltdl-dev autoconf-archive)
* stop build-depend on chrpath
(unused since 1:20160404~dfsg-1)
* update install paths
(upstream installs appdata in correct path now)
* drop patches 0003 0004 2002 3000:
obsoleted by new upstream release
* update (and reduce) patch 2003
* add patches cherry-picked upstream to fix a range of issues
Fixes "FTBFS on 64-bit big endian: test failures" (Closes: #961841)
* bump library API major version to 4
* drop libgdraw package:
upstream no longer provides that as shared library
* stop ship python simple/* scripts:
No longer installed upstream
* Temporarily omit installing scripts for fontforge-extras,
seemingly not built upstream
* build sphinx documentation;
build-depend on dh-sequence-sphinxdoc
* stop ship extra libraries libgunicode.so libgutils.so:
upstream no longer provides those as shared library
[ Hideki Yamane ]
* specify dh 13
* fix to add ${DEB_HOST_MULTIARCH} for libfontforge.so path
* Add python3-sphinx for document build for GUI build
* Add more build options MAINTAINER_TOOLS and WRITE_PFM
[ Anthony Fok ]
* New upstream version 20201107~dfsg (FontForge 20th Anniversary Edition)
+ Display issues on Wayland are now fixed (Closes: #961640)
* Remove cherry-picked upstream patches as they are included in 20201107
* debian/rules: Change override_dh_* to execute_before_dh_* where possible
* Remove libfontforge-dev package. Upstream has decided to stop installing
development files since 20200314 due to unstable stable API or ABI etc.
No Debian package has ever build-depended on libfontforge-dev either.
* Install README.md instead of the now nonexistent README
* debian/control: Add ${sphinxdoc:Depends} and ${sphinxdoc:Built-Using}
for python3-fontforge
* debian/rules: Remove manual call to sphinx-build
as it is already called by upstream doc/CMakeLists.txt
* Restore files that were installed to fontforge-extras and python3-fontforge
prior to the FontForge 2020 March Release by patching CMakeLists.txt
files, see debian/patches/0001-add-extra-cmake-install-rules.patch
* Add debian/libfontforge4.install as we no longer uses d-shlibs
* Add and fix other debian/*.install, debian/*.manpages and debian/rules
so that all files are installed properly
* Add debian/not-installed to remove dh_missing fail-missing errors
* Remove upstream setting that sets custom RPATH/RUNPATH.
Fixes Lintian custom-library-search-path errors.
See debian/patches/0002-remove-custom-library-search-path.patch
* Fix package description for fontforge-extras
where most provided programs have been renamed
* Add debian/clean to remove build/ and doc/sphinx/_extensions/__pycache__/
* Add myself to the list of Uploaders and to debian/copyright
-- Anthony Fok <email address hidden> Wed, 18 Nov 2020 01:42:18 -0700
