[ALSA-2025:3421] Important: freetype security update
Type:
security
Severity:
important
Release date:
2025-04-01
Description:
FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Security Fix(es): * freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files (CVE-2025-27363) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 freetype-devel-2.9.1-10.el8_10.aarch64.rpm 821b2c855798fb586209c7a4ab1beb6350f6b6069529ff5fc0d74df1184b00f3
aarch64 freetype-2.9.1-10.el8_10.aarch64.rpm a13b457c9b172a21d371f4bee5b16a936378c09faff52c9af879ec0e431248a9
i686 freetype-devel-2.9.1-10.el8_10.i686.rpm a40d27cdab9e8c4af304c6feace454d9027dc80463421aeb7105d89943480517
i686 freetype-2.9.1-10.el8_10.i686.rpm c085d3d02fb1dc5ce4acb54483f4f5acaf8f7d874f2f3029ecfddb514cfaf8f7
ppc64le freetype-2.9.1-10.el8_10.ppc64le.rpm 16b14fa76b8574f8d192e56f40a93ae8b1ec798a36af7c617ac6149cd2832d2e
ppc64le freetype-devel-2.9.1-10.el8_10.ppc64le.rpm 336c4e9ba619da14b51087686dd278d1f0951f71837c5ba646d852ad31d59e66
s390x freetype-devel-2.9.1-10.el8_10.s390x.rpm 6a3812c5825600463adce53c08e6d3cbcb0dc8ed6644039ff498009e623d8d39
s390x freetype-2.9.1-10.el8_10.s390x.rpm dd446317274021ebdaca3e5278aa6dc79559f75cdfd64fc5592d7b21d72cf628
x86_64 freetype-2.9.1-10.el8_10.x86_64.rpm b4011bdf865f90688200e1683653849b4ff624f1fb17753b0d3e3754924df7c4
x86_64 freetype-devel-2.9.1-10.el8_10.x86_64.rpm c3810f814e8f969e506cb012daaee79a92943204a4d04cf71d8fdca64b072f30
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.