Created attachment 182585 [details] Update freetype2 to 2.8 Update freetype2 to 2.8.
I would like to request a exp-run to test the new freetype2 release. I don't expect any problems but, just to be sure. Thanks
Can you mark with MFH tag when landing as it fixes CVE-2017-8105, CVE-2017-8287 ? ABI: https://abi-laboratory.pro/tracker/timeline/freetype/ (looks safe)
Created attachment 182597 [details] Proposed patch (since 435690 revision) Hello. The compiler's warning about which I noted in the bug 211201 comment #76 was fixed in 2.8 version: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/include/freetype/config/ftoption.h?h=VER-2-8&id=e5595784f4075a631f3d6606cecc6dad3100d642 Therefore, the following sed patch could be removed: https://github.com/freebsd/freebsd-ports/blob/29352b374445c0a57c4640585b2e4bcbb411ae3d/print/freetype2/Makefile#L73-L75 I attached a patch for this, which also fixes following portlint's warning: WARN: Makefile: [53]: whitespace before end of line. To Koop Mast: Please, consider to fix following portlint's warnings: WARN: /usr/ports/print/freetype2/pkg-descr: exceeds 24 lines, make it shorter if possible.(currently 25 lines) WARN: /usr/ports/print/freetype2/pkg-descr: includes lines that exceed 80 characters.
Created attachment 182603 [details] Proposed patch (since 435690 revision) The 2.8 version introduced AF_CONFIG_OPTION_TT_SIZE_METRICS configuration option with following descriptions: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/docs/CHANGES?h=VER-2-8#n33 -8<-- II. IMPORTANT BUG FIXES - `Light' auto-hinting mode no longer uses TrueType metrics for TrueType fonts. This bug was introduced in version 2.4.6, causing horizontal scaling also. Almost all GNU/Linux distributions (with Fedora as a notable exception) disabled the corresponding patch for good reasons; chances are thus high that you won't notice a difference. If optical backward compatibility for legacy applications is necessary, you might enable the AF_CONFIG_OPTION_TT_SIZE_METRICS configuration option. However, it is strongly recommended to avoid that, adjusting font sizes instead. -->8- http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/include/freetype/freetype.h?h=VER-2-8#n2979 -8<-- * If configuration option AF_CONFIG_OPTION_TT_SIZE_METRICS is active, * TrueType-like metrics are used to make this mode behave similarly * as in unpatched FreeType versions between 2.4.6 and 2.7.1 * (inclusive). -->8- http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/include/freetype/config/ftoption.h?h=VER-2-8#n912 -8<-- /* Use TrueType-like size metrics for `light' auto-hinting. */ /* */ /* It is strongly recommended to avoid this option, which exists only to */ /* help some legacy applications retain its appearance and behaviour */ /* with respect to auto-hinted TrueType fonts. */ /* */ /* The very reason this option exists at all are GNU/Linux distributions */ /* like Fedora that did not un-patch the following change (which was */ /* present in FreeType between versions 2.4.6 and 2.7.1, inclusive). */ /* */ /* 2011-07-16 <..> /* */ /* [truetype] Fix metrics on size request for scalable fonts. */ /* */ /* This problematic commit is now reverted (more or less). */ -->8- I checked and there are differences for look of TrueType fonts, if (not) using AF_CONFIG_OPTION_TT_SIZE_METRICS define, including some Xft.dpi (e.g. "Xft.dpi: 96.0" or other value, while using different monitor's dpi) changes in ~/.Xresources file. Therefore, I propose to add such an option, if there is a need to get some previous (unpatched) behaviour. I attached some new version of proposed patch.
Created attachment 182604 [details] Proposed patch (since 435690 revision) Re-upload correct patch for comment #4.
(In reply to comment #3) > The compiler's warning about which I noted in the bug 211201 comment #76 was > fixed in 2.8 version: The link to full commit, just in case: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=e5595784f4075a631f3d6606cecc6dad3100d642
Exp-run looks fine (done on kwm@ patch)
lightside: Just to be sure I got things correct. The `light' auto-hinting is the V40 hinting correct?
Created attachment 182679 [details] Some archived SciTE screenshots (In reply to comment #8) > Just to be sure I got things correct. The `light' auto-hinting is the > V40 hinting correct? I think, the "auto-hinting" and "sub-pixel hinting" (for some type of which V40 port's option used) are different things: https://www.freetype.org/freetype2/docs/reference/ft2-auto_hinter.html https://www.freetype.org/freetype2/docs/reference/ft2-tt_driver.html https://www.freetype.org/freetype2/docs/text-rendering-general.html Personally, I tested with using V38=off and V40=off print/freetype2 port's options, x11-fonts/fontconfig with HINTING_SLIGHT=on. And following configuration files: ~/.config/fontconfig/fonts.conf: -8<-- <?xml version='1.0'?> <!DOCTYPE fontconfig SYSTEM 'fonts.dtd'> <fontconfig> <match target="font"> <edit mode="assign" name="rgba"> <const>rgb</const> </edit> </match> <match target="font"> <edit mode="assign" name="hinting"> <bool>true</bool> </edit> </match> <match target="font"> <edit mode="assign" name="hintstyle"> <const>hintslight</const> </edit> </match> <match target="font"> <edit mode="assign" name="antialias"> <bool>true</bool> </edit> </match> <match target="font"> <edit mode="assign" name="lcdfilter"> <const>lcddefault</const> </edit> </match> <match target="pattern"> <test qual="any" name="size" compare="less_eq"> <int>12</int> </test> <edit name="antialias" mode="assign"> <bool>false</bool> </edit> </match> <!-- Disable autohint for bold fonts so they are not overly bold --> <!-- <match target="font" > <test compare="more" name="weight" > <const>medium</const> </test> <edit mode="assign" name="autohint" > <bool>false</bool> </edit> </match> --> <!-- <match target="font" > <edit mode="assign" name="autohint" > <bool>true</bool> </edit> </match> --> </fontconfig> -->8- ~/.Xresources: -8<-- ! To reload immediately: ! xrdb -load ~/.Xresources Xft.antialias: true Xft.dpi: 96.0 Xft.hinting: true Xft.hintstyle: hintslight Xft.rgba: rgb Xft.lcdfilter: lcddefault -->8- as well as without Xft.dpi value. And some different monitor's dpi to get the same dimensions, which were reported by xrandr, if it's related somehow (`xrandr --dpi 94` in ~/.xinitrc file): -8<-- % xrandr | grep -w connected && xdpyinfo | grep -B2 resolution DVI-I-1 connected 1920x1200+0+0 (normal left inverted right x axis y axis) 518mm x 324mm screen #0: dimensions: 1920x1200 pixels (518x324 millimeters) resolution: 94x94 dots per inch -->8- I attached archive with SciTE (editors/scite) screenshots for different configurations with opened unchanged freetype2/Makefile file (while restarting X.Org X server for each case): tt_size_metrics_off_dpi_96.png: without AF_CONFIG_OPTION_TT_SIZE_METRICS define and "Xft.dpi: 96.0" in ~/.Xresources file. tt_size_metrics_off_without_dpi_changes.png: without AF_CONFIG_OPTION_TT_SIZE_METRICS define and without Xft.dpi changes in ~/.Xresources file. tt_size_metrics_on_dpi_96.png: with AF_CONFIG_OPTION_TT_SIZE_METRICS define and "Xft.dpi: 96.0" in ~/.Xresources file. tt_size_metrics_on_without_dpi_changes.png: with AF_CONFIG_OPTION_TT_SIZE_METRICS define and without Xft.dpi changes in ~/.Xresources file. Notice, how "Makefile" and "Buffers" words are different (probably, Tahoma font related), including some font sizes. Overall, defined AF_CONFIG_OPTION_TT_SIZE_METRICS allowed to use the same ~/.Xresources file as it was in 2.7.1 version (something like tt_size_metrics_on_dpi_96.png instead of tt_size_metrics_off_dpi_96.png). Not sure, if this is correct configuration and/or testing method, but AF_CONFIG_OPTION_TT_SIZE_METRICS changes something: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0a5315d141e698253603170595c655132d9baff2 http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=ba40054c2dd9f5d3d8561de7106870ac6a920f6d This is why I proposed to add it as an port's option for 2.8 version.
A commit references this bug: Author: kwm Date: Thu May 18 08:46:07 UTC 2017 New revision: 441132 URL: https://svnweb.freebsd.org/changeset/ports/441132 Log: Update freetype2 to 2.8. * `Light' auto-hinting mode no longer uses TrueType metrics for TrueType fonts. It causing horizontal scaling also. Add option if people want it back. * Update pkg-descr, 2.7 started this but I committed the WIP version. Exp-run done by: antoine@ PR: 219271 MFH: 2017Q2 Exp-run by: antoine@ Security: 4a088d67-3af2-11e7-9d75-c86000169601 Security: CVE-2017-8105, CVE-2017-8287 Changes: head/print/freetype2/Makefile head/print/freetype2/distinfo head/print/freetype2/pkg-descr head/print/freetype2/pkg-plist
(In reply to comment #8) > Just to be sure I got things correct. The `light' auto-hinting is the > V40 hinting correct? I think, this is not correct. I tried to explain this in comment #9 with examples, which didn't use sub-pixel hinting port's options. From source code point of view, the AF_CONFIG_OPTION_TT_SIZE_METRICS define activates following part of source code in src/autofit/afloader.c file: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/src/autofit/afloader.c?h=VER-2-8#n255 There are no checks for TT_CONFIG_OPTION_SUBPIXEL_HINTING (or TT_SUPPORT_SUBPIXEL_HINTING_MINIMAL) in this file. The V40 option's name was used in relation to corresponding interpreter version: https://www.freetype.org/freetype2/docs/reference/ft2-tt_driver.html#interpreter-version http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/include/freetype/config/ftoption.h?h=VER-2-8#n632 http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/include/freetype/config/ftoption.h?h=VER-2-8#n667 http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/src/truetype/ttinterp.c?h=VER-2-8#n52 http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/include/freetype/config/ftoption.h?h=VER-2-8#n952 http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/src/truetype/ttgload.c?h=VER-2-8#n823 The other alternative names for sub-pixel hinting port's options are: INFINALITY and MINIMAL. Therefore, I think, that committed text in ports r441132 for TT_SIZE_METRICS_DESC description may be misleading. I proposed different variant in attachment #182604 [details]: TT_SIZE_METRICS_DESC= TrueType-like size metrics for 'light' auto-hinting i.e. words from description of AF_CONFIG_OPTION_TT_SIZE_METRICS define in ftoption.h file: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/include/freetype/config/ftoption.h?h=VER-2-8#n912 The 'light' word is used in different context, in my opinion: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/include/freetype/freetype.h?h=VER-2-8#n2964 Others are NORMAL, MONO, LCD, LCD_V.
A commit references this bug: Author: kwm Date: Thu May 18 17:57:30 UTC 2017 New revision: 441189 URL: https://svnweb.freebsd.org/changeset/ports/441189 Log: MFH: r441132 Update freetype2 to 2.8. * `Light' auto-hinting mode no longer uses TrueType metrics for TrueType fonts. It causing horizontal scaling also. Add option if people want it back. * Update pkg-descr, 2.7 started this but I committed the WIP version. Exp-run done by: antoine@ PR: 219271 Exp-run by: antoine@ Security: 4a088d67-3af2-11e7-9d75-c86000169601 Security: CVE-2017-8105, CVE-2017-8287 Approved by: ports-secteam@ (miwi@) Changes: _U branches/2017Q2/ branches/2017Q2/print/freetype2/Makefile branches/2017Q2/print/freetype2/distinfo branches/2017Q2/print/freetype2/pkg-descr branches/2017Q2/print/freetype2/pkg-plist