From e6d72c935853c7cd669175d515851433f02c7936721727a979760e518137a556 Mon Sep 17 00:00:00 2001
From: "Dr. Werner Fink" <werner@suse.com>
Date: Mon, 20 Apr 2020 16:12:31 +0000
Subject: [PATCH 1/2] Accepting request 794956 from home:alarrosa:branches:M17N

- Update to version 20200314:
  * FontForge now has much improved stroke expansion functionality.
    The main change is that it actually works most of the time. New
    features include support for arbitrary convex nibs and the
    miter-clip and arc join styles from SVG 2. All functionality is
    accessible from the Python and native APIs.
  * Remove overlap handles certain important edge cases better.
  * The Python API now has a function called genericGlyphChange
    that matches the "Change Glyph" command in the GUI. See #4133
    for more details.
  * The Python API now has functions for getting Unicode script and
    for interrogating glyph boundaries.
  * One can now use text flags (rather than just numerical flags)
    when opening a font file via the Python API.
  * UFO import now outputs the note field properly.
  * SVG import is much more robust.
  * We have dropped most gnulib and autotools logic in favor of
    CMake, which dramatically simplifies the build system and just
    as dramatically improves build time.
  * As part of the switch to CMake, per the deprecation of
    Python 2, and per the lack of objections to the proposal on
    the mailing list, we have dropped support for building
    FontForge with Python 2 support. The non-build-system Python 2
    code remains, but it is neither tested nor maintained nor
    supported and is likely to follow a trajectory of decay and
    then removal.
  * Documentation is now rendered in Sphinx, which makes
    maintenance and improvement easier.
  * Translations now happen on crowdin, which makes contributions
    easier.

OBS-URL: https://build.opensuse.org/request/show/794956
OBS-URL: https://build.opensuse.org/package/show/M17N/fontforge?expand=0&rev=74
---
 fix-return-statement.patch         |  32 +++++++
 fix-sphinx-doc.patch               | 146 +++++++++++++++++++++++++++++
 fontforge-20190801-repacked.tar.xz |   3 -
 fontforge-20200314-repacked.tar.xz |   3 +
 fontforge.changes                  |  62 ++++++++++++
 fontforge.spec                     |  38 ++++----
 get-source.sh                      |   3 +-
 python38_config.patch              |  15 ---
 8 files changed, 262 insertions(+), 40 deletions(-)
 create mode 100644 fix-return-statement.patch
 create mode 100644 fix-sphinx-doc.patch
 delete mode 100644 fontforge-20190801-repacked.tar.xz
 create mode 100644 fontforge-20200314-repacked.tar.xz
 delete mode 100644 python38_config.patch

diff --git a/fix-return-statement.patch b/fix-return-statement.patch
new file mode 100644
index 0000000..5044bb1
--- /dev/null
+++ b/fix-return-statement.patch
@@ -0,0 +1,32 @@
+Index: fontforge-20200314/gdraw/ggdkdraw.c
+===================================================================
+--- fontforge-20200314.orig/gdraw/ggdkdraw.c
++++ fontforge-20200314/gdraw/ggdkdraw.c
+@@ -2333,6 +2333,7 @@ static void GGDKDrawSyncThread(GDisplay
+ static GWindow GGDKDrawPrinterStartJob(GDisplay *UNUSED(gdisp), void *UNUSED(user_data), GPrinterAttrs *UNUSED(attrs)) {
+     Log(LOGERR, " ");
+     assert(false);
++    return (GWindow)0L;
+ }
+ 
+ static void GGDKDrawPrinterNextPage(GWindow UNUSED(w)) {
+@@ -2343,6 +2344,7 @@ static void GGDKDrawPrinterNextPage(GWin
+ static int GGDKDrawPrinterEndJob(GWindow UNUSED(w), int UNUSED(cancel)) {
+     Log(LOGERR, " ");
+     assert(false);
++    return 0;
+ }
+ 
+ 
+Index: fontforge-20200314/fontforgeexe/cvimportdlg.c
+===================================================================
+--- fontforge-20200314.orig/fontforgeexe/cvimportdlg.c
++++ fontforge-20200314/fontforgeexe/cvimportdlg.c
+@@ -710,6 +710,7 @@ static int GFD_Options(GGadget *g, GEven
+ 	_ImportParamsDlg(ImportParamsState());
+ 	d->opts_shown = true;
+     }
++    return 0;
+ }
+ 
+ static int e_h(GWindow gw, GEvent *event) {
diff --git a/fix-sphinx-doc.patch b/fix-sphinx-doc.patch
new file mode 100644
index 0000000..3ddf6fd
--- /dev/null
+++ b/fix-sphinx-doc.patch
@@ -0,0 +1,146 @@
+Index: fontforge-20200314/doc/sphinx/techref/splinefont.rst
+===================================================================
+--- fontforge-20200314.orig/doc/sphinx/techref/splinefont.rst
++++ fontforge-20200314/doc/sphinx/techref/splinefont.rst
+@@ -195,7 +195,7 @@ The bounding box of a :ref:`Spline <spli
+ :ref:`SplineChar <splinefont.SplineChar>`, :ref:`RefChar <splinefont.RefChar>`,
+ :ref:`Image <splinefont.ImageList>`, or whatever else needs a bounding box.
+ 
+-.. code-block::
++.. code-block:: cpp
+    :name: splinefont.BDFFloat
+ 
+    typedef struct bdffloat {
+@@ -206,7 +206,7 @@ The bounding box of a :ref:`Spline <spli
+ 
+ The floating selection in a :ref:`BDFChar <splinefont.BDFChar>`.
+ 
+-.. code-block::
++.. code-block:: cpp
+    :name: splinefont.Undoes
+ 
+    typedef struct undoes {
+@@ -277,7 +277,7 @@ both the splines and the bitmaps of a ch
+ ut_mult is used when doing a copy from the FontView where you are copying more
+ than one character.
+ 
+-.. code-block::
++.. code-block:: cpp
+    :name: splinefont.BDFChar
+ 
+    typedef struct bdfchar {
+@@ -318,7 +318,7 @@ represented by a byte rather than a bit.
+ The last thing in the BDFChar is a (/an optional) floating selection. Only
+ present if the user has made a selection or done a paste or something like that.
+ 
+-.. code-block::
++.. code-block:: cpp
+    :name: splinefont.BDFFont
+ 
+    typedef struct bdffont {
+@@ -345,7 +345,7 @@ contains a count of the number of entrie
+ itself. Currently the number of entries here is always 16, but that could
+ change.
+ 
+-.. code-block::
++.. code-block:: cpp
+    :name: splinefont.SplinePoint
+ 
+    enum pointtype { pt_curve, pt_corner, pt_tangent };
+@@ -405,7 +405,7 @@ drawing it. They are cached so they don'
+ There's a different set of lines for every scale (as there is a different amount
+ of visible detail). They get freed and regenerated if the Spline changes.
+ 
+-.. code-block::
++.. code-block:: cpp
+    :name: splinefont.Spline
+ 
+    typedef struct spline1d {
+@@ -439,7 +439,7 @@ some are used in other places too.
+ The Spline1D structures give the equations for the x and y coordinates
+ respectively (splines[0] is for x, splines[1] is for y).
+ 
+-.. code-block::
++.. code-block:: cpp
+    :name: splinefont.SplinePointList
+ 
+    typedef struct splinepointlist {
+@@ -463,7 +463,7 @@ to). A SplinePointList is a connected pa
+ Generally a series of paths will make up a character, and they are linked
+ together on the next field.
+ 
+-.. code-block::
++.. code-block:: cpp
+    :name: splinefont.RefChar
+ 
+    typedef struct refchar {
+@@ -498,7 +498,7 @@ themselves). The selected field indicate
+ field provides a transformed bounding box. And the sc field points to the
+ SplineChar we are referring to.
+ 
+-.. code-block::
++.. code-block:: cpp
+    :name: splinefont.KernPair
+ 
+    typedef struct kernpair {
+@@ -514,7 +514,7 @@ offset between them (or rather the diffe
+ and right bearings would lead you to believe it should be). Next points to the
+ next kernpair.
+ 
+-.. code-block::
++.. code-block:: cpp
+    :name: splinefont.Hints
+ 
+    typedef struct hints {
+@@ -532,7 +532,7 @@ y space) of where the stem starts, and w
+ negative (in which case base is where the stem ends). Next points to the next
+ hint for the character.
+ 
+-.. code-block::
++.. code-block:: cpp
+    :name: splinefont.ImageList
+ 
+    typedef struct imagelist {
+@@ -551,7 +551,7 @@ not support any other transformations on
+ transformations have been applied. The next field points to the next image, and
+ selected indicates whether this one is selected or not.
+ 
+-.. code-block::
++.. code-block:: cpp
+    :name: splinefont.SplineChar
+ 
+    typedef struct splinechar {
+@@ -623,7 +623,7 @@ follow this one. For instance the combin
+ SplineChar representing "V" would have a pointer to a
+ :ref:`KernPair <splinefont.KernPair>` with data on "A".
+ 
+-.. code-block::
++.. code-block:: cpp
+    :name: splinefont.SplineFont
+ 
+    typedef struct splinefont {
+Index: fontforge-20200314/doc/sphinx/ui/misc/fontforge-themes.rst
+===================================================================
+--- fontforge-20200314.orig/doc/sphinx/ui/misc/fontforge-themes.rst
++++ fontforge-20200314/doc/sphinx/ui/misc/fontforge-themes.rst
+@@ -4,7 +4,7 @@ FontForge color schemes
+ The following are some suggestions for color schemes. You simply copy these into
+ your ~/.Xdefaults file and then run
+ 
+-.. code-block::
++.. code-block:: bash
+    :name: fontforge-themes.shell
+ 
+    $ xrdb ~/.Xdefaults
+Index: fontforge-20200314/doc/sphinx/conf.py
+===================================================================
+--- fontforge-20200314.orig/doc/sphinx/conf.py
++++ fontforge-20200314/doc/sphinx/conf.py
+@@ -43,6 +43,7 @@ templates_path = ['_templates']
+ # This pattern also affects html_static_path and html_extra_path.
+ exclude_patterns = ['_build', 'Thumbs.db', '.DS_Store']
+ 
++master_doc = 'index'
+ 
+ # -- Options for HTML output -------------------------------------------------
+ 
diff --git a/fontforge-20190801-repacked.tar.xz b/fontforge-20190801-repacked.tar.xz
deleted file mode 100644
index 6b730f7..0000000
--- a/fontforge-20190801-repacked.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:e5c992427a1cb4105f9d1270bd668caab586d28ebed931bdcb0662e834275aa9
-size 29199004
diff --git a/fontforge-20200314-repacked.tar.xz b/fontforge-20200314-repacked.tar.xz
new file mode 100644
index 0000000..5160ccb
--- /dev/null
+++ b/fontforge-20200314-repacked.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:af7e09052d5a5f6b20b69d868b574637ee6cd72ab560429e29437392abe71810
+size 28239648
diff --git a/fontforge.changes b/fontforge.changes
index 9976990..46687c0 100644
--- a/fontforge.changes
+++ b/fontforge.changes
@@ -1,3 +1,65 @@
+-------------------------------------------------------------------
+Wed Apr 15 18:30:12 UTC 2020 - Antonio Larrosa <alarrosa@suse.com>
+
+- Update to version 20200314:
+  * FontForge now has much improved stroke expansion functionality.
+    The main change is that it actually works most of the time. New
+    features include support for arbitrary convex nibs and the
+    miter-clip and arc join styles from SVG 2. All functionality is
+    accessible from the Python and native APIs.
+  * Remove overlap handles certain important edge cases better.
+  * The Python API now has a function called genericGlyphChange
+    that matches the "Change Glyph" command in the GUI. See #4133
+    for more details.
+  * The Python API now has functions for getting Unicode script and
+    for interrogating glyph boundaries.
+  * One can now use text flags (rather than just numerical flags)
+    when opening a font file via the Python API.
+  * UFO import now outputs the note field properly.
+  * SVG import is much more robust.
+  * We have dropped most gnulib and autotools logic in favor of
+    CMake, which dramatically simplifies the build system and just
+    as dramatically improves build time.
+  * As part of the switch to CMake, per the deprecation of
+    Python 2, and per the lack of objections to the proposal on
+    the mailing list, we have dropped support for building
+    FontForge with Python 2 support. The non-build-system Python 2
+    code remains, but it is neither tested nor maintained nor
+    supported and is likely to follow a trajectory of decay and
+    then removal.
+  * Documentation is now rendered in Sphinx, which makes
+    maintenance and improvement easier.
+  * Translations now happen on crowdin, which makes contributions
+    easier.
+  * We got such a contribution for Croatian.
+  * Character view point coloring is more consistent, and preview
+    fills support transparency.
+  * The user can now move and close tabs in the character view.
+  * The metrics view now allows for entry of negative kerning
+    values and runs a bit more smoothly.
+  * There is now a warning when a user is about to discard an
+    unsaved script.
+  * We fixed bugs all over, as always, with particular attention
+    given to the metrics view, Python, Spiro, and high-resolution
+    displays.
+  * Notes on build system changes:
+    + libgutils and libgunicode have been combined into
+      libfontforge
+    + libgdraw and libfontforgeexe have been combined into the
+      fontforge executable itself
+    + No development files are installed (headers, or pkg-config).
+      This is because we do not provide a stable API or ABI to work
+      against, nor are the headers actually well configured to be
+      used externally. We are also not aware of any maintained
+      product that compiles against FontForge itself.
+
+- Drop patch that isn't needed anymore:
+  * python38_config.patch
+
+- Add patches to fix build:
+  * fix-return-statement.patch
+  * fix-sphinx-doc.patch (only for Leap 15.2)
+
 -------------------------------------------------------------------
 Wed Oct 30 13:28:56 UTC 2019 - Ondřej Súkup <mimi.vx@gmail.com>
 
diff --git a/fontforge.spec b/fontforge.spec
index 092691e..917cd52 100644
--- a/fontforge.spec
+++ b/fontforge.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package fontforge
 #
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,29 +17,30 @@
 
 
 Name:           fontforge
-Version:        20190801
+Version:        20200314
 Release:        0
 Summary:        A Font Editor
 License:        GPL-3.0-or-later
 URL:            http://fontforge.org/
-#       Source: https://github.com/fontforge/fontforge/archive/%{version}.tar.gz
+#       Source: https://github.com/fontforge/fontforge/archive/%%{version}.tar.gz
 #           see bug 926061, fontforge-*-repacked.tar.xz does not contain fontforge-*/win/gold/libX11-*.noarch.rpm
 Source0:        fontforge-%{version}-repacked.tar.xz
 Source1:        get-source.sh
 # workardound for bug 930076, imho upstream should fix this
 # https://github.com/fontforge/fontforge/issues/2270
 Patch0:         fontforge-version.patch
-# fix for build with python38
-Patch1:         python38_config.patch
-BuildRequires:  autoconf
-BuildRequires:  automake
+Patch1:         fix-return-statement.patch
+Patch2:         fix-sphinx-doc.patch
 BuildRequires:  cairo-devel
+BuildRequires:  cmake
 BuildRequires:  fdupes
 BuildRequires:  fontconfig-devel
 BuildRequires:  freetype2-devel
+BuildRequires:  gcc-c++
 BuildRequires:  gettext-tools
 BuildRequires:  giflib-devel
 BuildRequires:  git
+BuildRequires:  gtk3-devel
 BuildRequires:  hicolor-icon-theme
 BuildRequires:  libjpeg-devel
 BuildRequires:  libpng-devel
@@ -49,8 +50,11 @@ BuildRequires:  libuninameslist-devel
 BuildRequires:  libxml2-devel
 BuildRequires:  pango-devel
 BuildRequires:  pkgconfig
+BuildRequires:  python3-Sphinx
 BuildRequires:  python3-devel
+BuildRequires:  readline-devel
 BuildRequires:  update-desktop-files
+BuildRequires:  woff2-devel
 BuildRequires:  zlib-devel
 BuildRequires:  pkgconfig(x11)
 BuildRequires:  pkgconfig(xft)
@@ -94,25 +98,22 @@ to develop applications that use FontForge libraries.
 %prep
 %setup -q
 %patch0 -p1
-%if 0%{?python3_version_nodots} >= 38
 %patch1 -p1
+%if %{?suse_version} < 1550
+%patch2 -p1
 %endif
-sed -i 's/\r$//' doc/html/{Big5.txt,corpchar.txt}
 
 %build
-./bootstrap --force
-%configure \
-    --disable-static \
-    --enable-pyextension \
-    --with-regular-link \
-    --docdir=%{_docdir}/%{name}/html
-make %{?_smp_mflags}
+%cmake \
+    -DCMAKE_INSTALL_DOCDIR=%{_docdir}/%{name}/html
 
 %install
-%make_install
+%cmake_install
 %suse_update_desktop_file -i org.fontforge.FontForge VectorGraphics
 %find_lang FontForge
 find %{buildroot} -type f -name "*.la" -delete -print
+rm %{buildroot}%{_docdir}/%{name}/html/.buildinfo
+rm %{buildroot}%{_docdir}/%{name}/html/.nojekyll
 %fdupes -s %{buildroot}%{_datadir}/%{name}
 
 %post -p /sbin/ldconfig
@@ -129,7 +130,6 @@ find %{buildroot} -type f -name "*.la" -delete -print
 %{_datadir}/applications/org.fontforge.FontForge.desktop
 %{_datadir}/icons/hicolor/*/apps/org.fontforge.FontForge.png
 %{_datadir}/icons/hicolor/scalable/apps/org.fontforge.FontForge.svg
-%{_datadir}/appdata/org.fontforge.FontForge.appdata.xml
 %{_datadir}/metainfo/org.fontforge.FontForge.*.xml
 %{_datadir}/pixmaps/org.fontforge.FontForge.*
 %{_datadir}/mime/packages/%{name}.xml
@@ -142,8 +142,6 @@ find %{buildroot} -type f -name "*.la" -delete -print
 
 %files devel
 %doc CONTRIBUTING.md
-%{_includedir}/fontforge/
-%{_libdir}/pkgconfig/*.pc
 %{_libdir}/lib*.so
 
 %changelog
diff --git a/get-source.sh b/get-source.sh
index 637fcc0..3010a04 100644
--- a/get-source.sh
+++ b/get-source.sh
@@ -19,8 +19,7 @@ pushd fontforge-$VERSION
 git clone https://github.com/troydhanson/uthash
 git clone --depth 1 https://github.com/coreutils/gnulib.git gnulib
 # remove not shippable files (bug 926061)
-rm win/gold/libX11-*.noarch.rpm
-./bootstrap --copy --force
+# rm win/gold/libX11-*.noarch.rpm
 popd
 tar cJf fontforge-$VERSION-repacked.tar.xz fontforge-$VERSION
 rm -rf fontforge-$VERSION
diff --git a/python38_config.patch b/python38_config.patch
deleted file mode 100644
index 4862b08..0000000
--- a/python38_config.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-Index: fontforge-20190801/m4/fontforge_arg_enable.m4
-===================================================================
---- fontforge-20190801.orig/m4/fontforge_arg_enable.m4
-+++ fontforge-20190801/m4/fontforge_arg_enable.m4
-@@ -116,8 +116,8 @@ fi
- if test x"${i_do_have_python_scripting}" != xyes; then
-    i_want_python_ver=
- else
--   PKG_CHECK_MODULES([PYTHON],[python-"${PYTHON_VERSION}"], dnl   [PKG_CHECK_MODULES([PYTHONDEV],[python-"${PYTHON_VERSION}"],,[i_do_have_python_scripting=maybe])],
--      [PKG_CHECK_MODULES([PYTHONDEV],[python-"${PYTHON_VERSION}"],,[i_do_have_python_scripting=no])],
-+   PKG_CHECK_MODULES([PYTHON],[python-"${PYTHON_VERSION}"-embed], dnl   [PKG_CHECK_MODULES([PYTHONDEV],[python-"${PYTHON_VERSION}"-embed],,[i_do_have_python_scripting=maybe])],
-+      [PKG_CHECK_MODULES([PYTHONDEV],[python-"${PYTHON_VERSION}"-embed],,[i_do_have_python_scripting=no])],
-       [i_do_have_python_scripting=no])
- dnl dnl TODO: have python3 AND python2, but only have python2 dev, but no python3 dev
- dnl if test x"${i_do_have_python_scripting}" = xmaybe; then

From 7f433e441dd62cf5da2f49a394573cd114403d2785d72c662e1ab0f26f816f36 Mon Sep 17 00:00:00 2001
From: Marguerite Su <i@marguerite.su>
Date: Wed, 22 Apr 2020 08:42:58 +0000
Subject: [PATCH 2/2] Accepting request 796116 from home:alarrosa:branches:M17N

* Fixes use-after-free (heap) in the SFD_GetFontMetaData()
    function and fix NULL pointer dereference in the
    SFDGetSpiros() and SFD_AssignLookups() function(bnc#1160220,
    bnc#1160236, CVE-2020-5395, CVE-2020-5496).

OBS-URL: https://build.opensuse.org/request/show/796116
OBS-URL: https://build.opensuse.org/package/show/M17N/fontforge?expand=0&rev=75
---
 fontforge.changes | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/fontforge.changes b/fontforge.changes
index 46687c0..bb09904 100644
--- a/fontforge.changes
+++ b/fontforge.changes
@@ -52,6 +52,10 @@ Wed Apr 15 18:30:12 UTC 2020 - Antonio Larrosa <alarrosa@suse.com>
       against, nor are the headers actually well configured to be
       used externally. We are also not aware of any maintained
       product that compiles against FontForge itself.
+  * Fixes use-after-free (heap) in the SFD_GetFontMetaData()
+    function and fix NULL pointer dereference in the
+    SFDGetSpiros() and SFD_AssignLookups() function(bnc#1160220,
+    bnc#1160236, CVE-2020-5395, CVE-2020-5496).
 
 - Drop patch that isn't needed anymore:
   * python38_config.patch