| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Version 9.25:
Highlights in this release include:
This release fixes problems with argument handling, some unintended results of the security fixes to the SAFER file access restrictions (specifically accessing ICC profile files), and some additional security issues over the recent 9.24 release.
Note: The ps2epsi utility does not, and cannot call Ghostscript with the -dSAFER command line option. It should never be called with input from untrusted sources.
Security issues have been the primary focus of this release, including solving several (well publicised) real and potential exploits.
PLEASE NOTE: We strongly urge users to upgrade to this latest release to avoid these issues.
As well as Ghostscript itself, jbig2dec has had a significant amount of work improving its robustness in the face of out specification files.
IMPORTANT: We are in the process of forking LittleCMS. LCMS2 is not thread safe, and cannot be made thread safe without breaking the ABI. Our fork will be thread safe, and include performance enhancements (these changes have all be been offered and rejected upstream). We will maintain compatibility between Ghostscript and LCMS2 for a time, but not in perpetuity. Our fork will be available as its own package separately from Ghostscript (and MuPDF).
The usual round of bug fixes, compatibility changes, and incremental improvements.
|
|
Version 4.30 15-June-2018
-------------------------
1. If a "movement" was coded without any staves (for example, for a title
page), there was the possibility of a segmentation crash due to memory
corruption. This is a very old bug, surprisingly never triggered before.
2. Added the "tripletize" feature, somewhat of an experiment.
3. Allow semicolon and comma after any note, not just quavers and shorter, to
make life easier when halvenotes and doublenotes are being used.
4. Implement [doublenotes] and [halvenotes] to alter note lengths without
affecting time signatures.
5. Make -norepeat a synonym of -norepeats because I keep forgetting.
6. Make "stafflines" a synonym of "stavelines" because staff/stave are supposed
to be interchangeable throughout.
7. Added an optional thickness to -drawstavelines.
8. Repeats in the middle of bars are now honoured in MIDI output.
9. If there were more than 20 text strings preceding a note, PMW could crash.
The limit has been increased to 50, and a test for overflow is now in place.
10. Arrange to free heap memory so tests can run with -fsanitize=address.
11. If a chord was repeated multiple times by 'x' followed by a number greater
than 1, a data overrun could occur. There is now also a hard error if there
are too many notes in a chord (the limit is now 16).
12. If a midichannel directive contained a volume setting, undefined memory was
being copied accidentally (but never used).
13. Several code refactorizations to tidy up suspect code picked up by gcc and
clang sanitizers.
14. "Printtime" and "printkey" directives used to apply to the entire piece;
even if set in the second movement they would affect the first. Now they
apply only to the movement they are set in and any that follow.
15. Some other changes for "printkey":
(a) At a mid-stave change of key, PMW used to check for C major or A minor
when deciding whether to automatically insert a previous key cancellation
signature using natural signs, though in one case the test for A minor was
missing. Now it checks for a key signature of zero width, which means that
if "printkey" defines an empty string for the new key, a cancellation
signature will be generated.
(b) Previously, a cancellation signature took no notice of any "printkey"
setting. There is now an optional second argument for "printkey" that
specifies what to print for a cancellation. If not supplied, an empty
string is used.
16. Added four new characters to the music font: reverse turns and half circles.
17. Characters from the PMW-Alpha font were not being correctly included in the
documentation PDF (something changed and I didn't notice). This has been
fixed by including the type 3 PostScript font explicitly when building the
PDF from SDoP's PostScript output.
|
|
RELEASE 3.5.6:
* Restore DocTemplate seq attribute lost in rev c985bd7093ad (4405)
version 3.4.41
|
|
gutenprint had a workaruond because something it included added
-lgexiv2 to the link link (via libtool) without having it in bl3.
That's fixed, so drop the workaround.
|
|
|
|
From Edgar Fuß.
|
|
Version 9.24:
Highlights in this release include:
Security issues have been the primary focus of this release, including solving several (well publicised) real and potential exploits.
PLEASE NOTE: We strongly urge users to upgrade to this latest release to avoid these issues.
As well as Ghostscript itself, jbig2dec has had a significant amount of work improving its robustness in the face of out specification files.
IMPORTANT: We are in the process of forking LittleCMS. LCMS2 is not thread safe, and cannot be made thread safe without breaking the ABI. Our fork will be thread safe, and include performance enhancements (these changes have all be been offered and rejected upstream). We will maintain compatibility between Ghostscript and LCMS2 for a time, but not in perpetuity. Our fork will be available as its own package separately from Ghostscript (and MuPDF).
The usual round of bug fixes, compatibility changes, and incremental improvements.
|
|
|
|
Release 0.68.0
core:
* Add Reason and Location to SignatureInfo. Bug #107299
* Fix memory misuse on signature handling
* Fix security issues found by oss-fuzz
* Don't give a warning when Marked value is false. Bug #107430
qt5:
* Add Reason and Location to SignatureInfo. Bug #107299
cpp:
* Add rotation() to text_box. Bug #106562
* Fix build with MSVC
utils:
* pdftoppm: Add -jpegopt optimize option support
* pdftocairo: Add -jpegopt optimize option support
* pdftohtml: Add option to not round coordinates
* pdftohtml: Fix possible crash. Bug #107316
build system:
* Use OpenJpeg cmake config file instead of pkgconfig
* Remove wchar_t- on MSVC
|
|
Upstream changes are maintenance: new printers, bug fixes, minor improvements.
|
|
This was conditional for NetBSD 1.x and 2.x only.
|
|
CHANGES IN V1.21.1
- foomatic-rip: Fixed segmentation fault caused by wrong
Coverity Scan issue fix.
- Build system: Require QPDF 8.1.0 or later as it is needed by
bannertopdf.
CHANGES IN V1.21.0
- libcupsfilters, cups-browsed, driverless, foomatic-rip,
parallel: Silenced warnings from newest gcc.
- libcupsfilters: When generating a PPD for driverless
printing on a remote IPP printer, make pdftopdf not being
run by the local queue if the remote queue is a CUPS queue
to avoid running pdftopdf twice.
- libcupsfilters, cups-browsed, driverless, bannertopdf,
foomatic-rip, pdftops, pdftoraster, rastertops,
rastertoescpx, sys5ippprinter, beh: Fixed Coverity Scan
issues.
- bannertopdf: Switched over from using Poppler to using QPDF
for generating the PDF pages. With Poppler unstable APIs
were used which were subject to change. Thanks to Sahil
Arora for this project in the Google Summer of Code 2018
- cups-browsed: Manually defined clusters ("Cluster" directive
in cups-browsed.conf) caused cups-browsed to crash.
|
|
Bump revision
|
|
|
|
RELEASE 3.5.3
* Bug fix release to make really simple paras work OK
* Use local libart by default
* Use upgrade libart source to 2.3.21-3
|
|
|
|
|
|
|
|
Release 0.67.0
core:
* Fix lots of security/leak issues found by oss-fuzz
* Splash: Optimize some files, making them 20% faster (now for AABGR8)
utils:
* pdfsig: Compile with libc != glibc. Bug #106783
|
|
From v. 4.56 to 4.57
Correct problem that in calculation of md5 checksum, an error
sometimes occurs about malformed utf8 characters. This can happen
if the environment variable PERL_UNICODE is set.
Add configuration variable $bibtex_fudge to allow to choose
whether to use the fudge that made bibtex run correctly when
an output directory (or aux directory) is specified. (A
planned future version of bibtex in TeXLive will not need
the fudge.)
From v. 4.57 to 4.59
Deal with double quote ('"') characters in files on command line to
correspond to behavior of tex programs. Remove balanced pairs,
and give fatal error for unbalanced double quotes. (Note MiKTeX's
tex programs simply remove unbalanced quotes.) In all cases, the
'"' character is not allowed in a filename read by tex and
friends.
Give fatal error when name of tex file on command line is either not
allowed by tex and friends are gives problematic behavior.
Use TEXINPUTS as search path for source files for custom
dependency.
Only give warning about differing expected and output filenames when
the extensions differ. All other cases gave only false positives.
Do better to ensure xelatex gets its -no-pdf option.
|
|
Upstream changes (from NEWS):
== Ruby-GNOME2 3.2.9: 2018-08-08
This is a packaging bug fix release of 3.2.8.
=== Changes
==== All
* Fixes
* Fixed wrong gem content.
[GitHub#1236][Reported by Izumi Tsutsui]
==== Ruby/GtkSourceView4
* Improvements
* Added.
=== Thanks
* Izumi Tsutsui
== Ruby-GNOME2 3.2.8: 2018-08-06
This is an installation improvement release of 3.2.7.
=== Changes
==== All
* Improvements
* Added support for static gemspec.
[Patch by cedlemo]
* Added support for msys2_mingw_dependencies.
[GitHub#1194]
==== Ruby/GLib2
* Improvements
* test: Removed a needless assertion.
[GitHub#1235][Patch by Iain Lane]
==== Ruby/GObjectIntrospection
* Improvements
* Improved setter method detection.
[GitHub#1233][Patch by yosuke shiro]
* Fixes
* Fixed a memory leak for callback method.
[GitHub#1230][GitHub#1231][Reported by Izumi Tsutsui]
==== Ruby/GTK3
* Fixes
* demo: Fix a crash bug.
[GitHub#1193][Reported by kojix2]
=== Thanks
* cedlemo
* kojix2
* Izumi Tsutsui
* yosuke shiro
* Iain Lane
|
|
Each R package should include ../../math/R/Makefile.extension, which also
defines MASTER_SITES. Consequently, it is redundant for the individual
packages to do the same. Package-specific definitions also prevent
redefining MASTER_SITES in a single common place.
|
|
|
|
Based on Kamel Derouiche's version in pkgsrc-wip.
|
|
Add dependency on py-pyphen for hyphenation support.
|
|
CHANGES IN V1.20.4
- README: Added link to Issue Tracker on GitHub.
- gstoraster: Removed unneeded "if"s.
- cups-browsed: When checking whether there is already a local
print queue with the same URI as the one of the discovered
printer, consider also as equal URI if the URIs only differ
by use of IPP or IPPS and/or use of HTTPS port 443 instead
of IPP port 631.
- cups-browsed: Also upgrade from ipp: to ipps: when the ipps:
URI is on HTTPS port 443 instead of IPP port 631. This is
common on IPP network printers.
- pdftopdf: Removed support for hardware-implemented reversing
of page order in PostScript printers. It was once not
correctly implemented in cups-filters and second, such
printers are extremely rare, and on Gutenprint PPDs with
pseudo OutputOrder option hardware reversing was even
wrongly assumed.
- pdftopdf: Accept option "output-order=normal/reverse" for
reversing page order and also "page-delivery=
same-order/reverse-order".
- libcupsfilters: Let the PPD generator add "*PageStackOrder
..." lines to the choices of the "OutputBin" option, to
mark which output bins need the pages printed in reverse
order.
- libcupsfilters: Let the PPD generator correctly create a
"*DefaultOutputOrder: ..." entry, depending on whether the
paper is put out face-up or face-down in the default output
bin.
- libcupsfilters: Fixed human-readable name of the OutputBin
option in the PPD generator.
- pdftoopvp: Silence compiler warning.
- cups-browsed: If the user modifies/overwrites a print queue
created by cups-browsed, it will now not only be
automatically released from the control of cups-browsed, but
we also create a replacement for our generated local queue
under a new name.
- cups-browsed: Make URIS for using the implicitclass backend
correctly working also with queue names containing an '@'
character.
- braille: Strengthen error checking.
- braille: Index: Replace bogus characters with space.
- braille: Add print and braille page number options.
- braille: Index: Use standard duplex cups option.
- cups-browsed: Moved auto-generation of PPD file for IPP
network printers from create_remote_printer_entry()
function to update_cups_queues(). This allows re-creating
accidentally removed or overwritten local queues without
losing the PPD file.
- braille: Add option to pick hyphenation rule according to
current locale and make it the default for second
translation table.
- braille: Remove generated defs on "make clean".
- braille: Turn non-breakable spaces to spaces.
- braille: Fix character encoding when extracting text. When
extracing text from a zip file or a pdf, the resulting text
is always utf-8 independently of the original locale, so we
need to force that.
- braille: Warn when no text translation was selected in case
the user didn't notice.
- braille: Fix spurious spacing after last Form-Feed
|
|
Some details about airprint are in https://wiki.debian.org/AirPrint
Proposed on tech-pkg@ on Jul 20
Bump PKGREVISION
|
|
Fixes the build.
|
|
pkgsrc changes:
- Use the .tar.xz distfile instead of .tar.gz (5.8MB vs 64MB)
- Add a post-extract target to avoid installing file with the not needed
`+x' permission
Changes:
- A lot of new PPDs where added
- Several fixes to existent PPDs
|
|
pkgsrc changes:
- Try to address several pkglint warnings
- Also pass CUPS_PPDS via CONFIGURE_ENV
- Depends on curl via DEPENDS: just bin/curl is needed not libcurl
Changes:
4.0.13
------
* Makefile.in: Add support for LDFLAGS variable (bug 1422).
* configure.ac: Allow user-configurable PERLPREFIX via environment
variable (Bug 1294).
|
|
When *dst and *src overlaps in strcpy(3) according to POSIX the behaviour is
undefined and at least on NetBSD this lead to SIGABRT (due buffer overflow
detection of fortify) in foomatic-combo-xml.
PKGREVISION++
|
|
|
|
|
|
|
|
|
|
Changelog:
8.1.0: June 23, 2018
Usability Improvements
When splitting files, qpdf detects fonts and images that the document metadata claims are referenced from a page but are not actually referenced and omits them from the output file. This change can cause a significant reduction in the size of split PDF files for files created by some software packages. Prior versions of qpdf would believe the document metadata and sometimes include all the images from all the other pages even though the pages were no longer present. In the unlikely event that the old behavior should be desired, it can be enabled by specifying --preserve-unreferenced-resources. For additional details, please see Section 3.6, “Advanced Transformation Options”.
When merging multiple PDF files, qpdf no longer leaves all the files open. This makes it possible to merge numbers of files that may exceed the operating system's limit for the maximum number of open files.
The --rotate option's syntax has been extended to make the page range optional. If you specify --rotate=angle without specifying a page range, the rotation will be applied to all pages. This can be especially useful for adjusting a PDF created from a multi-page document that was scanned upside down.
When merging multiple files, the --verbose option now prints information about each file as it operates on that file.
When the --progress option is specified, qpdf will print a running indicator of its best guess at how far through the writing process it is. Note that, as with all progress meters, it's an approximation. This option is implemented in a way that makes it useful for software that uses the qpdf library; see API Enhancements below.
Bug Fixes
Properly decrypt files that use revision 3 of the standard security handler but use 40 bit keys (even though revision 3 supports 128-bit keys).
Limit depth of nested data structures to prevent crashes from certain types of malformed (malicious) PDFs.
In “newline before endstream” mode, insert the required extra newline before the endstream at the end of object streams. This one case was previously omitted.
API Enhancements
The first round of higher level “helper” interfaces has been introduced. These are designed to provide a more convenient way of interacting with certain document features than using QPDFObjectHandle directly. For details on helpers, see Section 6.3, “Helper Classes”. Specific additional interfaces are described below.
Add two new document helper classes: QPDFPageDocumentHelper for working with pages, and QPDFAcroFormDocumentHelper for working with interactive forms. No old methods have been removed, but QPDFPageDocumentHelper is now the preferred way to perform operations on pages rather than calling the old methods in QPDFObjectHandle and QPDF directly. Comments in the header files direct you to the new interfaces. Please see the header files and ChangeLog for additional details.
Add three new object helper class: QPDFPageObjectHelper for pages, QPDFFormFieldObjectHelper for interactive form fields, and QPDFAnnotationObjectHelper for annotations. All three classes are fairly sparse at the moment, but they have some useful, basic functionality.
A new example program examples/pdf-set-form-values.cc has been added that illustrates use of the new document and object helpers.
The method QPDFWriter::registerProgressReporter has been added. This method allows you to register a function that is called by QPDFWriter to update your idea of the percentage it thinks it is through writing its output. Client programs can use this to implement reasonably accurate progress meters. The qpdf command line tool uses this to implement its --progress option.
New methods QPDFObjectHandle::newUnicodeString and QPDFObject::unparseBinary have been added to allow for more convenient creation of strings that are explicitly encoded using big-endian UTF-16. This is useful for creating strings that appear outside of content streams, such as labels, form fields, outlines, document metadata, etc.
A new class QPDFObjectHandle::Rectangle has been added to ease working with PDF rectangles, which are just arrays of four numeric values.
|
|
3.5.0:
Unknown changes
|
|
|
|
Performing substitutions during post-patch breaks tools such as mkpatches,
making it very difficult to regenerate correct patches after making changes,
and often leading to substituted string replacements being committed.
|
|
|
|
|
|
pkgsrc changes:
- Remove patch-gtklp_gtklp.h (no longer needed)
Changes:
1.3.3
-----
- code cleanups and small fixes
1.3.2
------
- support for custom page sizes
- new option "-F" to hide FileTab if file is given.
- Fix display of file arguments passed on the commandline.
- merge some small fixes
- fixed danish translation, thanks to scootergrisen
- fixed dutch translation, thanks to Pander
1.3.1
------
- spanish translation updated, thanks to Jose Luis Tirado
- new croatian translation, thanks to Zoran Spoja
1.3.0
------
- favorite printers patch, thanks to Amon Ott
- bugfixes and non-utf8-enhancements, thanks to Oleh Nykyforchyn
- fixes for autoconf/automake chain
1.2.10
------
- patch to work with AppArmor, thanks to Andreas Bolsch
- patch to compile against cups 1.6.0, thanks to Eric
1.2.9
-----
- always use -lX11
- print jobs not shown in gtklpq
- setting port for gtklpq not possible
- compile with X11-Libs
- code cleanups
1.2.8a
------
- patch to compile with cups 1.5, thanks to Bengt Ahlgren
1.2.8
-----
- remove "waiting" window
- new russian translation
|
|
Using a PKG_OPTIONS_VAR that is different to PKGBASE is problematic when
PKG_BUILD_OPTIONS is used. Deprecate the `cups' option (via PKG_LEGACY_OPTIONS
so if `cups' is still used everything will continue to work) in favour of
`cups-base'.
Thanks to <bouyer> for pointing out this problem on tech-pkg@ ML!
|
|
|
|
Release 0.66.0
core:
* Fix lots of security/leak issues found by oss-fuzz
* Splash: Optimize some files, making them 20% faster
* Splash: Correctly manipulate spot colors if SPOT_NCOMPS != 4
* Fix compilation with some strict compilers
|
|
as suggested by leot@
|
|
The bug is that some attributes are ignored/rejected, causing e.g. usernames
to be changed to anonymous in print queues and page log.
Bump PKGREVISION
|
|
|
|
|
|
This is documentation for tex-fundus-calligra.
|
