[ALSA-2026:6628] Important: fontforge security update
Type:
security
Severity:
important
Release date:
2026-04-08
Description:
FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript (ASCII and binary Type 1, some Type 3 and Type 0), TrueType, OpenType (Type2) and CID-keyed fonts. Security Fix(es): * fontforge: FontForge: Remote Code Execution via malicious SFD file parsing (CVE-2025-15270) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 fontforge-20201107-8.el9_7.aarch64.rpm de2661c3cfea18f56ad5afb07f34a1825c9c5365db2d8126f88610e895c0fa38
i686 fontforge-20201107-8.el9_7.i686.rpm e4175e11ec2faf07dc03ad780def54ba0fa67ec119957af1a390eca98a7d7c84
ppc64le fontforge-20201107-8.el9_7.ppc64le.rpm 7214f5c4a499be60a978c9a526b0c31d2400bc429783e8b93657f5bef5dfbe63
s390x fontforge-20201107-8.el9_7.s390x.rpm 338efe0bdcaf6883073acdd91e00a7be18c08191ed9e54326de1a996a552fafd
x86_64 fontforge-20201107-8.el9_7.x86_64.rpm eb3cc023ef4539cd1f3aa8e3520859e6d437f4565192b82044302162ffde8feb
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.