ALSA-2025:A002

[ALSA-2025:A002] Important: freetype security update

Type:

security

Severity:

important

Release date:

2025-03-17

Description:

FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently.

Security Fix(es):

* FreeType: An out of bounds write exists when attempting to parse font subglyph structures related to TrueType GX and variable font files. (CVE-2025-27363)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	freetype-2.10.4-9.el9.alma.2.aarch64.rpm	55577164403c1d58d5d32549524b2fea8a43acc173fdf604bbc35abb847bd69d
aarch64	freetype-devel-2.10.4-9.el9.alma.2.aarch64.rpm	77f42fc1021099893782170f895c166a1d5a323324fde3deb91555b2783fc6d2
aarch64	freetype-demos-2.10.4-9.el9.alma.2.aarch64.rpm	a4c0366d3699c894c07b6ac5894025e52693281e88b62cbc385da5552fe98316
i686	freetype-devel-2.10.4-9.el9.alma.2.i686.rpm	55809f428b3795a53515401956c62d297c17f0b2c59f9e31ef3e59ff409a95cc
i686	freetype-demos-2.10.4-9.el9.alma.2.i686.rpm	76e7365619fdf110e385a05b607f744b0fbb0f630ec5c7c610e37887f19b5380
i686	freetype-2.10.4-9.el9.alma.2.i686.rpm	a7701a29ae85853316e938c28cdda38a5b54c1feba76305d82c86d465ec82d0b
ppc64le	freetype-demos-2.10.4-9.el9.ppc64le.rpm	3cb4e5905de704f08e2e34d4853793a2f97febe9546bdab4c27767abaec0e0bf
ppc64le	freetype-2.10.4-9.el9.alma.2.ppc64le.rpm	af394bf1e379e9e7caa400fc3cd1d3dee0d52f2f0f6706f8f634dacbd18f70d6
ppc64le	freetype-devel-2.10.4-9.el9.ppc64le.rpm	c2c669a62d2d1ffb5283fbb43c30f653c809960c355803edfaf08df71bdc8fb4
s390x	freetype-demos-2.10.4-9.el9.alma.2.s390x.rpm	a4a69440e8e3e3b447b6cfcd78224be6714c09ea2bf5cf23978456d3d3a3616b
s390x	freetype-2.10.4-9.el9.alma.2.s390x.rpm	c41c2ee13550bfa8d4d513c9711b3d2b4363efda2d1871ebc9006a535d8d6a39
s390x	freetype-devel-2.10.4-9.el9.s390x.rpm	fc6a414c8ebe3b7708f118e3b9c27edc361ab5c4d6b8a87bff4eaf36bf608778
x86_64	freetype-devel-2.10.4-9.el9.x86_64.rpm	34f42be077c41c4bb6759aacc95c391df3f7cdad5f5a032df6aea01510560426
x86_64	freetype-demos-2.10.4-9.el9.alma.2.x86_64.rpm	3f96d623b5c61d0a6e9eb0abdfd5d7a211b165808390ecfa0af4f73227190ab4
x86_64	freetype-2.10.4-9.el9.alma.2.x86_64.rpm	e7c2269e86d38181372a7a2579d82c96df1162012702f4f1b8582242d3fb179d

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.