Closed Bug 1176531 Opened 4 years ago Closed 3 years ago

Update to Freetype 2.7

Categories

(Core :: Graphics: Text, defect)

defect
Not set

Tracking

()

RESOLVED FIXED
mozilla53
Tracking Status
firefox52 --- fixed
firefox53 --- fixed

People

(Reporter: ionnv, Assigned: jfkthame)

References

()

Details

(Whiteboard: [gfx-noted])

Attachments

(1 file)

http://www.freetype.org/index.html#news

http://sourceforge.net/projects/freetype/files/freetype2/2.6/

"FreeType 2.6
2015-06-08

FreeType 2.6 has been released. This is a new major release that provides a better (and simpler) thread-safety model. Among other new features we now have auto-hinting support for Arabic and Thai, together with much improved handling of Apple's GX TrueType variation font format."
Depends on: 1119169
Whiteboard: [gfx-noted]
Summary: Update to Freetype 2.6 → Update to Freetype 2.6.1
Summary: Update to Freetype 2.6.1 → Update to Freetype 2.6.2
Summary: Update to Freetype 2.6.2 → Update to Freetype 2.6.3
Does this bug imply that no work around updating FreeType2 has been done since #1119169? (it seems a bit odd to update an incomplete bug rather than closing it out and then filing a new bug when a new version comes out).

The latest version of FreeType2 restores its ability to properly render CFF fonts (previous versions only had incomplete support) so updating FF to use Freetype2 2.6.3 will be appreciated by those whose fonts cannot currently be used because of lack of support by Firefox (and others, but they have their own bug trackers).
Summary: Update to Freetype 2.6.3 → Update to Freetype 2.6.4
Summary: Update to Freetype 2.6.4 → Update to Freetype 2.6.5
Summary: Update to Freetype 2.6.5 → Update to Freetype 2.7
Comment on attachment 8815476 [details] [diff] [review]
Update freetype to release 2.7

The try failures all look like unrelated intermittents to me.
Attachment #8815476 - Flags: review?(milan)
Comment on attachment 8815476 [details] [diff] [review]
Update freetype to release 2.7

Review of attachment 8815476 [details] [diff] [review]:
-----------------------------------------------------------------

I reviewed every single of these files :)
Attachment #8815476 - Flags: review?(milan) → review+
(In reply to Milan Sreckovic [:milan] from comment #4)
> I reviewed every single of these files :)

I should hope so! ;)
Status: UNCONFIRMED → NEW
Ever confirmed: true
QA Contact: jfkthame
https://hg.mozilla.org/mozilla-central/rev/24af599c0e9b
Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla53
Can this be uplifted to Aurora 52.0 because it's ESR and there's quite a few security bugs fixed between Freetype 2.5.5 and 2.7? If it's not possible then please ignore this.
Is there a list of the relevant security issues? That would help in assessing how important an uplift would be.
Flags: needinfo?(jfkthame) → needinfo?(ionnv)
https://www.freetype.org/index.html#news

"FreeType 2.6.2
2015-11-28

FreeType 2.6.2 has been released. This is a minor release that mainly provides better handling of malformed fonts. All users should upgrade."

https://sourceforge.net/projects/freetype/files/freetype2/2.6.2/

"A large number of bugs have been detected by using the libFuzzer framework, which should further improve handling of invalid fonts. Thanks again to Kostya Serebryany and Bungeman!"

If this isn't security related then please ignore.
Flags: needinfo?(ionnv)
Blocks: 1295371
Blocks: 1270288
Blocks: 1272170
Blocks: 1328971
What are your thoughts about taking this on 52?
Flags: needinfo?(jfkthame)
Comment on attachment 8815476 [details] [diff] [review]
Update freetype to release 2.7

Approval Request Comment
[Feature/Bug causing the regression]: no regression - library update

[User impact if declined]: we'll continue to use an older freetype release which includes known bugs (though it is unclear how serious their impact might be for our users)

[Is this code covered by automated tests?]: all Linux & Android tests involving text rendering exercise freetype

[Has the fix been verified in Nightly?]: yes, landed with no reported issues or test failures

[Needs manual test from QE? If yes, steps to reproduce]: no

[List of other uplifts needed for the feature/fix]: none

[Is the change risky?]: not really

[Why is the change risky/not risky?]: updating a widely-used and trusted library

[String changes made/needed]: none
Flags: needinfo?(jfkthame)
Attachment #8815476 - Flags: approval-mozilla-aurora?
(In reply to Ryan VanderMeulen [:RyanVM] from comment #11)
> What are your thoughts about taking this on 52?

Although it's a big patch, it's just dropping in a new release of the library, which I'd consider a very low risk.
Comment on attachment 8815476 [details] [diff] [review]
Update freetype to release 2.7

alright, let's do this.  update freetype to 2.7 in beta52
Attachment #8815476 - Flags: approval-mozilla-aurora? → approval-mozilla-beta+
Seeing both this bug and https://bugzilla.mozilla.org/show_bug.cgi?id=1328971 being worked on parallel, with the 2.7.1 patch seemingly landing before the 2.7 patch, so just to confirm: head is now on 2.7.1 (2016-12-30) right? Not 2.7 (2016-09-08)?
2.7.1 landed for Firefox 53. 2.7 was just uplifted to ship in Firefox 52.
gotcha, thanks for clarifying! (the milestone for this bug also said mozilla53, so I figured I'd double check =)
Yeah, it's a bit confusing how we track things - the target milestone tracks when the fix landed on mozilla-central and the status flags track branch uplifts. FWIW, I will probably request uplift of 2.7.1 to 52 as well once it's baked for a bit.
You need to log in before you can comment on or make changes to this bug.