SUSE-SU-2025:03449-1

Описание

This update for cairo fixes the following issues:

• CVE-2025-50422: Fixed Poppler crash on malformed input (bsc#1247589)

• Update to version 1.18.4:

  • The dependency on LZO has been made optional through a build time configuration toggle.
  • You can build Cairo against a Freetype installation that does not have the FT_Color type.
  • Cairo tests now build on Solaris 11.4 with GCC 14.
  • The DirectWrite backend now builds on MINGW 11.
  • The DirectWrite backend now supports font variations and proper glyph coverage.

• Use tarball in lieu of source service due to freedesktop gitlab migration, will switch back at next release at the latest.

• Add pkgconfig(lzo2) BuildRequires: New optional dependency, build lzo2 support feature.

• Convert to source service: allows for easier upgrades by the GNOME team.

• Update to version 1.18.2:

  • The malloc-stats code has been removed from the tests directory
  • Cairo now requires a version of pixman equal to, or newer than, 0.40.
  • There have been multiple build fixes for newer versions of GCC for MSVC; for Solaris; and on macOS 10.7.
  • PNG errors caused by loading malformed data are correctly propagated to callers, so they can handle the case.
  • Both stroke and fill colors are now set when showing glyphs on a PDF surface.
  • All the font options are copied when creating a fallback font object.
  • When drawing text on macOS, Cairo now tries harder to select the appropriate font name.
  • Cairo now prefers the COLRv1 table inside a font, if one is available.
  • Cairo requires a C11 toolchain when building.