[ALSA-2022:8340] Moderate: freetype security update
Type:
security
Severity:
moderate
Release date:
2022-11-18
Description:
FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Security Fix(es): * FreeType: Buffer overflow in sfnt_init_face (CVE-2022-27404) * FreeType: Segmentation violation via FNT_Size_Request (CVE-2022-27405) * Freetype: Segmentation violation via FT_Request_Size (CVE-2022-27406) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 freetype-2.10.4-9.el9.aarch64.rpm 7cb40a9b475e98ba6327983031b5684aa7ad8a090b9766643cb5c49d74d101eb
aarch64 freetype-devel-2.10.4-9.el9.aarch64.rpm f0e32023e8e87374ffd9c63678b99147af4e9fdd80ee7c6aecb3ad3eb15b6278
i686 freetype-2.10.4-9.el9.i686.rpm 0be85a34eaff6ae7640c58d0f0148e010bfb7e69081ffd214bc74bf1fbedd50d
i686 freetype-devel-2.10.4-9.el9.i686.rpm 9dd2a4e0834bc3c0c6f56571a3839c7af43df9253bd4a04c34de9bfc6be05485
ppc64le freetype-2.10.4-9.el9.ppc64le.rpm 3b3945e8d7c01ce524970e26580d984a1afe8cf9126755bac42f74627db083ee
ppc64le freetype-devel-2.10.4-9.el9.ppc64le.rpm c2c669a62d2d1ffb5283fbb43c30f653c809960c355803edfaf08df71bdc8fb4
s390x freetype-2.10.4-9.el9.s390x.rpm 8c92079f9acec2400045a40e5a463d2d733f54ac20f4b7a8827a7e062e248f2a
s390x freetype-devel-2.10.4-9.el9.s390x.rpm fc6a414c8ebe3b7708f118e3b9c27edc361ab5c4d6b8a87bff4eaf36bf608778
x86_64 freetype-devel-2.10.4-9.el9.x86_64.rpm 34f42be077c41c4bb6759aacc95c391df3f7cdad5f5a032df6aea01510560426
x86_64 freetype-2.10.4-9.el9.x86_64.rpm d0056833fffca8ed432cfe719e8877e2776ebfe2d072f178a14bb5b57e328f49
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.