Accepted fontforge 1:20201107~dfsg-1 (source all amd64) into unstable, unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 18 Nov 2020 01:42:18 -0700
Source: fontforge
Binary: fontforge fontforge-common fontforge-dbgsym fontforge-doc fontforge-extras fontforge-extras-dbgsym fontforge-nox fontforge-nox-dbgsym libfontforge4 libfontforge4-dbgsym python3-fontforge python3-fontforge-dbgsym
Architecture: source all amd64
Version: 1:20201107~dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Fonts Task Force <debian-fonts@lists.debian.org>
Changed-By: Anthony Fok <foka@debian.org>
Description:
fontforge - font editor
fontforge-common - font editor (common files)
fontforge-doc - documentation for fontforge
fontforge-extras - font editor - extra programs
fontforge-nox - font editor - non-X version
libfontforge4 - font editor - runtime library
python3-fontforge - font editor - Python bindings
Closes: 948231 961640 961841 963194
Changes:
fontforge (1:20201107~dfsg-1) unstable; urgency=medium
.
[ Jonas Smedegaard ]
* New upstream version 20200314~dfsg (Closes: #963194)
+ Fixes two security vulnerabilities:
- CVE-2020-5395 (use-after-free in SFD_GetFontMetaData in sfd.c)
- CVE-2020-5496 (heap-based buffer overflow in the Type2NotDefSplines()
function in splinesave.c)
that were found in FontForge 20190801 (Closes: #948231)
* copyright: update overage
* use buildsystem cmake+ninja (not autotools);
build-depend on cmake ninja-build
(not libltdl-dev autoconf-archive)
* stop build-depend on chrpath
(unused since 1:20160404~dfsg-1)
* update install paths
(upstream installs appdata in correct path now)
* drop patches 0003 0004 2002 3000:
obsoleted by new upstream release
* update (and reduce) patch 2003
* add patches cherry-picked upstream to fix a range of issues
Fixes "FTBFS on 64-bit big endian: test failures" (Closes: #961841)
* bump library API major version to 4
* drop libgdraw package:
upstream no longer provides that as shared library
* stop ship python simple/* scripts:
No longer installed upstream
* Temporarily omit installing scripts for fontforge-extras,
seemingly not built upstream
* build sphinx documentation;
build-depend on dh-sequence-sphinxdoc
* stop ship extra libraries libgunicode.so libgutils.so:
upstream no longer provides those as shared library
.
[ Hideki Yamane ]
* specify dh 13
* fix to add ${DEB_HOST_MULTIARCH} for libfontforge.so path
* Add python3-sphinx for document build for GUI build
* Add more build options MAINTAINER_TOOLS and WRITE_PFM
.
[ Anthony Fok ]
* New upstream version 20201107~dfsg (FontForge 20th Anniversary Edition)
+ Display issues on Wayland are now fixed (Closes: #961640)
* Remove cherry-picked upstream patches as they are included in 20201107
* debian/rules: Change override_dh_* to execute_before_dh_* where possible
* Remove libfontforge-dev package. Upstream has decided to stop installing
development files since 20200314 due to unstable stable API or ABI etc.
No Debian package has ever build-depended on libfontforge-dev either.
* Install README.md instead of the now nonexistent README
* debian/control: Add ${sphinxdoc:Depends} and ${sphinxdoc:Built-Using}
for python3-fontforge
* debian/rules: Remove manual call to sphinx-build
as it is already called by upstream doc/CMakeLists.txt
* Restore files that were installed to fontforge-extras and python3-fontforge
prior to the FontForge 2020 March Release by patching CMakeLists.txt
files, see debian/patches/0001-add-extra-cmake-install-rules.patch
* Add debian/libfontforge4.install as we no longer uses d-shlibs
* Add and fix other debian/*.install, debian/*.manpages and debian/rules
so that all files are installed properly
* Add debian/not-installed to remove dh_missing fail-missing errors
* Remove upstream setting that sets custom RPATH/RUNPATH.
Fixes Lintian custom-library-search-path errors.
See debian/patches/0002-remove-custom-library-search-path.patch
* Fix package description for fontforge-extras
where most provided programs have been renamed
* Add debian/clean to remove build/ and doc/sphinx/_extensions/__pycache__/
* Add myself to the list of Uploaders and to debian/copyright
Checksums-Sha1:
42bf5879bff94f8b662bc3de9f12bab6b8192be7 3015 fontforge_20201107~dfsg-1.dsc
70695fabd8cbba0486a8cae603cea14aef9b12a7 11840596 fontforge_20201107~dfsg.orig.tar.xz
21921d6cb1e01c037e58f3022951c9b2284eb519 48272 fontforge_20201107~dfsg-1.debian.tar.xz
27d233115008226cf693a619ffef359ba9a90f83 2077996 fontforge-common_20201107~dfsg-1_all.deb
d548413e9dade174d7a42cd70b0ab553b71bc74b 2802024 fontforge-dbgsym_20201107~dfsg-1_amd64.deb
12520a9ac33461ea1f5fd5d3775df861ddcb89cd 3601768 fontforge-doc_20201107~dfsg-1_all.deb
11a18b2a5548a966c704d51a3e8a271d279a7048 372420 fontforge-extras-dbgsym_20201107~dfsg-1_amd64.deb
cd4f8a38436d23881591fda1dd320648c158ef73 305876 fontforge-extras_20201107~dfsg-1_amd64.deb
487308ed165068dc8fa2b380378238dd8beddbcb 7776 fontforge-nox-dbgsym_20201107~dfsg-1_amd64.deb
52aebdd3049867ddc86a7d31d8102890ec218c2f 37744 fontforge-nox_20201107~dfsg-1_amd64.deb
86cb6e6fbe3fc8a34dbd443592e519bd645ac57d 19550 fontforge_20201107~dfsg-1_amd64.buildinfo
f51d87a4cfd8e84f1e7e5630c1c10b955bd356b3 1362848 fontforge_20201107~dfsg-1_amd64.deb
611f282f8e79c2cd1cd4a49c2fbaad9981729bf7 4039620 libfontforge4-dbgsym_20201107~dfsg-1_amd64.deb
8f160c66cff7df72b7ec4328839292f60c21df68 1918076 libfontforge4_20201107~dfsg-1_amd64.deb
b37fd780709eb53ba6fd38d875f9769aee1c737c 6908 python3-fontforge-dbgsym_20201107~dfsg-1_amd64.deb
c03bd90066b100b2f2507db622285f02545326b0 32416 python3-fontforge_20201107~dfsg-1_amd64.deb
Checksums-Sha256:
20c84ad27682ba8ae0d875aa99c62a1f9d1b9f105174db4948af23f2abf59b74 3015 fontforge_20201107~dfsg-1.dsc
87672ca0dbfa3df42d768c3856186617059a5471fa99b35e7495d612a533c40b 11840596 fontforge_20201107~dfsg.orig.tar.xz
809aa18c1bcf240f817725f03b289c7ece370fa769b6fa165ded86de0f5879a5 48272 fontforge_20201107~dfsg-1.debian.tar.xz
bbf6343f88fdbc2b8c58c88882f58a621bea084b91402647239bf5c46d530bbe 2077996 fontforge-common_20201107~dfsg-1_all.deb
b38063a64a6923b43f759ac3ee94e998aaebc100225bedfd0cbb9bf23aaa0441 2802024 fontforge-dbgsym_20201107~dfsg-1_amd64.deb
d08c3e91f12dcdfe91048b12655900f7d801ff66663fc7025a5eb76313f81210 3601768 fontforge-doc_20201107~dfsg-1_all.deb
cfd76d79f7d71ff6ed152ca45de331e99ae2e630c123046e8dfb1237c5ffbb36 372420 fontforge-extras-dbgsym_20201107~dfsg-1_amd64.deb
003ec5e19f7a1bba99cfb79b087cee25aaac6363321f0664bdf89213911a6f21 305876 fontforge-extras_20201107~dfsg-1_amd64.deb
466631000d2343454dc51a3668569ec03d1422f95c3846346a7c0ffcb0fcab79 7776 fontforge-nox-dbgsym_20201107~dfsg-1_amd64.deb
7110bf06cc23d6acae9db71c23689474715c800a7a5a14e8105d5f1698914b50 37744 fontforge-nox_20201107~dfsg-1_amd64.deb
d841f5456b16f1b324aa5c9c7908c27a2ad8fc402f3364aefda4ba459f2af25b 19550 fontforge_20201107~dfsg-1_amd64.buildinfo
c2f80296cc5022f2e740c8640fe12930d05fdefc50840e09ad2d543e1fa0feca 1362848 fontforge_20201107~dfsg-1_amd64.deb
c33455126e8bb5de1f9443dbdc49301ba64ab17acf7fd66d28776e67e180b570 4039620 libfontforge4-dbgsym_20201107~dfsg-1_amd64.deb
0ae6dc5153a7ba33f3b0bee17670b55ebfc1e36e26416e0de965182a519f95e3 1918076 libfontforge4_20201107~dfsg-1_amd64.deb
abea61c254ef5f92ac1f0ff9668d4ddeefa5c4cbd7ddd8dc25818455b020c556 6908 python3-fontforge-dbgsym_20201107~dfsg-1_amd64.deb
5affbb1b0bd958e9a1062523f89cb679f8ef436e4e6987a3c40e811579560b81 32416 python3-fontforge_20201107~dfsg-1_amd64.deb
Files:
b80ff5c911a28d5c6fd6eb8e0f8ad9b1 3015 fonts optional fontforge_20201107~dfsg-1.dsc
fcb397570d9502ae649f2735d5c09d6f 11840596 fonts optional fontforge_20201107~dfsg.orig.tar.xz
46baac16d81d97f197e5c276da351396 48272 fonts optional fontforge_20201107~dfsg-1.debian.tar.xz
013a62f3f0a5a63dbb966c3e188526b9 2077996 fonts optional fontforge-common_20201107~dfsg-1_all.deb
9339829df81e193aceda715dc7838cce 2802024 debug optional fontforge-dbgsym_20201107~dfsg-1_amd64.deb
40b3b474fa52245d1dc7d2f84bd98de6 3601768 doc optional fontforge-doc_20201107~dfsg-1_all.deb
4d7411eaadd1c1743a15a58aea6d7e72 372420 debug optional fontforge-extras-dbgsym_20201107~dfsg-1_amd64.deb
3ff6d2485eb6c900f2d1e22dcf9f1802 305876 fonts optional fontforge-extras_20201107~dfsg-1_amd64.deb
5babaa9eabcb6e1f315994d72bea58bb 7776 debug optional fontforge-nox-dbgsym_20201107~dfsg-1_amd64.deb
09164f7f2387778820fcc57ac4b8bd6a 37744 fonts optional fontforge-nox_20201107~dfsg-1_amd64.deb
3709f2172e560610a7184c97cd8f9cc3 19550 fonts optional fontforge_20201107~dfsg-1_amd64.buildinfo
de6f3615df9942797371c51fc0a92f89 1362848 fonts optional fontforge_20201107~dfsg-1_amd64.deb
5fee85a34be98b6a866e8404843b38a2 4039620 debug optional libfontforge4-dbgsym_20201107~dfsg-1_amd64.deb
b19c5b45dffbd33e4255ca9b1da53d76 1918076 libs optional libfontforge4_20201107~dfsg-1_amd64.deb
3ee9284d624d0eef0546194c9d603512 6908 debug optional python3-fontforge-dbgsym_20201107~dfsg-1_amd64.deb
1f925c7ccaf599a456a41e615b370528 32416 python optional python3-fontforge_20201107~dfsg-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQJEBAEBCAAuFiEEFCQhsZrUqVmW+VBy6iUAtBLFms8FAl+070UQHGZva2FAZGVi
aWFuLm9yZwAKCRDqJQC0EsWazx8ED/9hPXsFz1brMIkQ54sCy2qMqoCEViaErB7K
3ON/YF0IdcKla2rups/4OPgABryG4gOffpA8WL79yd1ImO2BfkjQCk6zvb/rHS+v
+iULNKVlBVtnTecJ9VkDb29xyXk77Q+uxwLAGwpD3SwPYO+ikTlYTGypZEYmMkuP
lHktyq1eYXA84SI2F94BbfNm7JZCjihOyy/dOjUgFGOsJAfTZhL22nqwCfRPIVav
8m7Om75eFtVfoEX/iMCbG9X9Qukkvhq629LUxrAee9yxfdF/VtMlaJ1JWWUpj8Km
k3Vpfb7Rn2iLnTyS1tVEbmEbk7reNQsUR6Kdd/cD1ZTlxGi19mibQs8xzY7KmU2x
WWqlm3wgtZe0yTqAZAkd+Gy7OziFM4imgtK+jmLKY0uMfEg+eZOusaq2sQ0/RMBW
YGhZRQy+f2z0xzbKHmlCfGpiPpuUjazjbBk1SnWyai5THpExjZLzxjRr4VfnU6yj
+elX/PNoVguIyR8JQpyqrmao95WllUf6eZVl7eu6YYwSTxJmJrlEgs1WHBJAbiez
erUx8YGchSKOAE5l6tbX1vaNwMwrmvfBNYJ0NIFmkpfL5G6F+NIUKx/kO53wF8A/
R+VKCJOY5tp9VhgE3bpPOkwpFg5QfueKkZkTIp9+VFZkMZUvqO6sx41F6R/qMjfV
BSrjS8gvag==
=+Ijp
-----END PGP SIGNATURE-----