[ALSA-2026:6631] Important: fontforge security update
Type:
security
Severity:
important
Release date:
2026-04-08
Description:
FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript (ASCII and binary Type 1, some Type 3 and Type 0), TrueType, OpenType (Type2) and CID-keyed fonts. Security Fix(es): * fontforge: FontForge: Remote Code Execution via malicious SFD file parsing (CVE-2025-15270) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 fontforge-20230101-15.el10_1.aarch64.rpm 4aef0cb35e3c952471e12f21f44cfd2d7feba62079c661d5487aecdf078e91c1
ppc64le fontforge-20230101-15.el10_1.ppc64le.rpm 148af090e33bbd1904a1347a8948a7491d02656a70c20791e777daea61cb3c88
s390x fontforge-20230101-15.el10_1.s390x.rpm 39c20919db7fc239a6e24fd948bffd08a5cea62d9d0cdf9953c963f37e301346
x86_64 fontforge-20230101-15.el10_1.x86_64.rpm 105617a0b2bd1e807bec3722026eca7fc0872c6fd8bb395564f9f9b4f317d058
x86_64_v2 fontforge-20230101-15.el10_1.x86_64_v2.rpm 5531073439f90c7dc801f044fe8255b6d3362d609d82508051f0381b7fc8ed70
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.