Version in base suite: 2.12.1+dfsg-5

Base version: freetype_2.12.1+dfsg-5
Target version: freetype_2.12.1+dfsg-5+deb12u1
Base file: /srv/ftp-master.debian.org/ftp/pool/main/f/freetype/freetype_2.12.1+dfsg-5.dsc
Target file: /srv/ftp-master.debian.org/policy/pool/main/f/freetype/freetype_2.12.1+dfsg-5+deb12u1.dsc

 changelog                    |    7 +++++++
 patches/disable_COLRv1.patch |   23 +++++++++++++++++++++++
 patches/series               |    1 +
 3 files changed, 31 insertions(+)

diff -Nru freetype-2.12.1+dfsg/debian/changelog freetype-2.12.1+dfsg/debian/changelog
--- freetype-2.12.1+dfsg/debian/changelog	2023-04-20 11:08:03.000000000 +0000
+++ freetype-2.12.1+dfsg/debian/changelog	2023-09-25 09:45:10.000000000 +0000
@@ -1,3 +1,10 @@
+freetype (2.12.1+dfsg-5+deb12u1) bookworm; urgency=medium
+
+  * debian/patches: Disable COLRv1 support, which was unintentionally enabled
+    by upstream in this version of FreeType (Closes: #1051816).
+
+ -- Hugh McMaster <hugh.mcmaster@outlook.com>  Mon, 25 Sep 2023 19:45:10 +1000
+
 freetype (2.12.1+dfsg-5) unstable; urgency=medium
 
   * debian/patches: Add a patch to fix CVE-2023-2004 (Closes: #1034612).
diff -Nru freetype-2.12.1+dfsg/debian/patches/disable_COLRv1.patch freetype-2.12.1+dfsg/debian/patches/disable_COLRv1.patch
--- freetype-2.12.1+dfsg/debian/patches/disable_COLRv1.patch	1970-01-01 00:00:00.000000000 +0000
+++ freetype-2.12.1+dfsg/debian/patches/disable_COLRv1.patch	2023-09-25 09:45:10.000000000 +0000
@@ -0,0 +1,23 @@
+Description: Disable COLRv1 support in FreeType 2.12.1.
+ FreeType 2.12.1 shipped with COLRv1 support enabled. This was unintentional,
+ as the partial implementation shipped is incomplete and incompatible with
+ the final COLRv1 API.
+ .
+ Applications attempting to use this version of the COLRv1 API will get
+ unexpected (and incorrect) results.
+Author: Hugh McMaster <hugh.mcmaster@outlook.com>
+Forwarded: not-needed
+Bug-Debian: https://bugs.debian.org/1051816
+Last-Update: 2023-09-22
+
+--- a/src/sfnt/sfdriver.c
++++ b/src/sfnt/sfdriver.c
+@@ -1220,7 +1220,7 @@
+ #define PUT_SVG_SUPPORT( a )  NULL
+ #endif
+ 
+-#define PUT_COLOR_LAYERS_V1( a )  PUT_COLOR_LAYERS( a )
++#define PUT_COLOR_LAYERS_V1( a )  NULL
+ 
+ #ifdef TT_CONFIG_OPTION_POSTSCRIPT_NAMES
+ #define PUT_PS_NAMES( a )  a
diff -Nru freetype-2.12.1+dfsg/debian/patches/series freetype-2.12.1+dfsg/debian/patches/series
--- freetype-2.12.1+dfsg/debian/patches/series	2023-04-20 11:08:03.000000000 +0000
+++ freetype-2.12.1+dfsg/debian/patches/series	2023-09-25 09:45:10.000000000 +0000
@@ -6,3 +6,4 @@
 fix-wild-free-svg.patch
 hardening.patch
 CVE-2023-2004.patch
+disable_COLRv1.patch