ALSA-2025:A001

[ALSA-2025:A001] Important: freetype security update

Type:

security

Severity:

important

Release date:

2025-03-17

Description:

FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently.

Security Fix(es):

* FreeType: An out of bounds write exists when attempting to parse font subglyph structures related to TrueType GX and variable font files. (CVE-2025-27363)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	freetype-demos-2.9.1-9.el8.alma.1.aarch64.rpm	3021f47f791b575311203185cf41ac5e9ec411f090e4e0c1e8adac29b826a6fe
aarch64	freetype-2.9.1-9.el8.alma.1.aarch64.rpm	6e6724e5bfff5ffe171081ad01b836ab29e5e14685e86f0f026f9505c03357a2
aarch64	freetype-devel-2.9.1-9.el8.aarch64.rpm	9a329be66f45a1b05e538cc87e205079c7b69beb674618ebbc7fb15f4d85c4f1
i686	freetype-demos-2.9.1-9.el8.i686.rpm	297b47bd7a862ebcf483505a07c4eb378de4b1897907cfd9bad8295410b70c50
i686	freetype-2.9.1-9.el8.i686.rpm	a4b5a7093ebab5cd3e144715832faa8cbe5447549adc6fcc7ba96ae98677a913
i686	freetype-devel-2.9.1-9.el8.i686.rpm	b5d7582425d53fa1b991e1b3c9d615a7e408f82f9717d17a2890941248213296
ppc64le	freetype-demos-2.9.1-9.el8.ppc64le.rpm	631936dee8d1f74105af5e6782ee66a085bc1e90756b1aa5e4bc1fdd5bcdb2e3
ppc64le	freetype-devel-2.9.1-9.el8.alma.1.ppc64le.rpm	6ae6b1a3c7bad72790b83fd0fece5d2b32c5ddb18ea8469e00a41b4d57843aee
ppc64le	freetype-2.9.1-9.el8.ppc64le.rpm	dec37f03fc90846fd9e93564d7136cd64f50b65f007acf030260f50e9432738c
s390x	freetype-devel-2.9.1-9.el8.alma.1.s390x.rpm	02495ce89a7875bf88f14bf92a72e3897dd029035811b4b70712474c9f489bda
s390x	freetype-2.9.1-9.el8.alma.1.s390x.rpm	133c5a1ff54e945662fa48ad24fd7d5361df7deb63770513582b07eb649a23fa
s390x	freetype-demos-2.9.1-9.el8.alma.1.s390x.rpm	21947b763c42e3818393a2962a5b2925d2705ae84dae0680cd7f45a9cd35d83c
x86_64	freetype-demos-2.9.1-9.el8.alma.1.x86_64.rpm	203c57cf4dce09e3e95a1dadbbbe11df6597b593523fc3bea01a2e6bd21d89c3
x86_64	freetype-2.9.1-9.el8.alma.1.x86_64.rpm	27e8fa625d70c85f6c8cb5890473531f3b484ad8f9b5f241633c18f2d94ceb9b
x86_64	freetype-devel-2.9.1-9.el8.x86_64.rpm	745f653aee0dede42ff50aeb06ec7f33ee86c776f3b4f59dfa7e3b0c7e851a41

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.