ALSA-2020:4952

[ALSA-2020:4952] Important: freetype security update

Type:

security

Severity:

important

Release date:

2020-11-05

Description:

FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently.

Security Fix(es):

* freetype: Heap-based buffer overflow due to integer truncation in Load_SBit_Png (CVE-2020-15999)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	freetype-devel-2.9.1-4.el8_3.1.aarch64.rpm	39e523691d5451dd0fddb4282951e25829c43db1d49e48a2b36c30c2bd513ffc
aarch64	freetype-2.9.1-4.el8_3.1.aarch64.rpm	c3aa93202821c51508e18c50d694f9b486d22e22da1ca0ab63bc568b11168e2a
ppc64le	freetype-devel-2.9.1-4.el8_3.1.ppc64le.rpm	17697d7c42c76ddcf694a4d3b87800670ed9ccaeb181b62d8d46fa4dbd5ac938
ppc64le	freetype-2.9.1-4.el8_3.1.ppc64le.rpm	26d8a7de5651e7015af7be2f89e821cd05bf9cf601735abe5c5bdb9a724dbaa8
x86_64	freetype-devel-2.9.1-4.el8_3.1.x86_64.rpm	a25cd062fc8ef8b7e1c97e55efc12583b01189f73b6c3836c4efef6e1d56add6
x86_64	freetype-devel-2.9.1-4.el8_3.1.x86_64.rpm	a25cd062fc8ef8b7e1c97e55efc12583b01189f73b6c3836c4efef6e1d56add6
x86_64	freetype-2.9.1-4.el8_3.1.x86_64.rpm	a92025e423625ffbac3b7532fa58cc907510e53edb09e5638d54b06f39d0bffc
x86_64	freetype-2.9.1-4.el8_3.1.x86_64.rpm	a92025e423625ffbac3b7532fa58cc907510e53edb09e5638d54b06f39d0bffc

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.