Use packaged copy of MathJax from libjs-mathjax

Origin: vendor
Forwarded: not-needed
Last-Update: 2020-11-24

FontForge documentation uses sphinx.ext.mathjax which insert script links
to MathJax served on remote CDNs.

This patch, together with debian/fontforge-doc.links, replaces remote
scripts with MathJax from the libjs-mathjax package.
See https://bugs.debian.org/739300 for discussion.

Fixes Lintian privacy-breach-generic warnings.
Last-Update: 2020-11-24
Gbp-Pq: Name 0003-use-local-libjs-mathjax.patch

Remove custom library search path (RPATH/RUNPATH)

Origin: vendor
Forwarded: not-needed
Last-Update: 2020-11-18

This reverts upstream's preference of setting RPATH/RUNPATH for
installed binaries.  Fixes Lintian custom-library-search-path error.
Last-Update: 2020-11-18
Gbp-Pq: Name 0002-remove-custom-library-search-path.patch

Add extra CMake install rules

Origin: vendor
Forwarded: not-needed
Last-Update: 2020-11-18

for contrib/cidmap, contrib/fonttools and pycontrib to restore the
files that were installed to fontforge-extras and python3-fontforge
prior to the FontForge 2020 March Release.
Last-Update: 2020-11-18
Gbp-Pq: Name 0001-add-extra-cmake-install-rules.patch

fontforge (1:20201107~dfsg-4+deb11u1) bullseye-security; urgency=medium

  * Non-maintainer upload.
  * CVE-2024-25081: Spline Font command injection via crafted filenames
  * CVE-2024-25082: Spline Font command injection via crafted archives
    or compressed files
  * Closes: #1064967

[dgit import unpatched fontforge 1:20201107~dfsg-4+deb11u1]

Import fontforge_20201107~dfsg-4+deb11u1.debian.tar.xz

[dgit import tarball fontforge 1:20201107~dfsg-4+deb11u1 fontforge_20201107~dfsg-4+deb11u1.debian.tar.xz]

Import fontforge_20201107~dfsg.orig.tar.xz

[dgit import orig fontforge_20201107~dfsg.orig.tar.xz]