[ALSA-2024:4267] Moderate: fontforge security update
Type:
security
Severity:
moderate
Release date:
2024-07-03
Description:
FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript (ASCII and binary Type 1, some Type 3 and Type 0), TrueType, OpenType (Type2) and CID-keyed fonts. Security Fix(es): * fontforge: command injection via crafted filenames (CVE-2024-25081) * fontforge: command injection via crafted archives or compressed files (CVE-2024-25082) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 fontforge-20200314-6.el8_10.aarch64.rpm bd5fad21bc07c60bc2c955a17524165b4fcaec9d34a018d3aa78a9c60e9cccbe
i686 fontforge-20200314-6.el8_10.i686.rpm f72a6de2d37a8ea81667c894a206522dc3a3cddbeaab76639db9ab235dcedbc6
ppc64le fontforge-20200314-6.el8_10.ppc64le.rpm 50214a30de3356331f50e83623c8f6ec857699ce4efe3bd2320baaae45eb9c41
s390x fontforge-20200314-6.el8_10.s390x.rpm 65086f6313262d440ef093647c83ffdab759b280e37292b0516bf872ab301ad1
x86_64 fontforge-20200314-6.el8_10.x86_64.rpm 6f2a0c0ef3157de4f72fda23ad6e52852469ce8b33bbb405ad8969bb84603dc8
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.