6 matches found
RLSA-2024:9439 Moderate: fontforge security update
FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1, some Type 3 and Type 0, TrueType, OpenType Type2 and CID-keyed fonts. Security Fixes: fontforge: command injection via crafted archives or compressed files...
Amazon Linux 2023 : fontforge, fontforge-devel (ALAS2023-2024-565)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-565 advisory. Splinefont in FontForge through 20230101 allows command injection via crafted filenames. CVE-2024-25081 Splinefont in FontForge through 20230101 allows command injection via crafted archives or...
SUSE-SU-2024:0863-1 Security update for fontforge
This update for fontforge fixes the following issues: - CVE-2024-25081: Fixed command injection via crafted filenames bsc1220404. - CVE-2024-25082: Fixed command injection via crafted archives or compressed files bsc1220405...
OPENSUSE-SU-2020:2111-1 Security update for fontforge
This update for fontforge fixes the following issues: - fix for Use-after-free heap in the SFDGetFontMetaData function and the crash bsc1178308 CVE-2020-25690. This update was imported from the SUSE:SLE-15:Update update project...
OPENSUSE-SU-2020:0089-1 Security update for fontforge
This update for fontforge fixes the following issues: - CVE-2020-5395: Fixed a use-after-free in SFDGetFontMetaData bsc1160220. - CVE-2020-5496: Fixed a heap-based buffer overflow in Type2NotDefSplines bsc1160236. This update was imported from the SUSE:SLE-15:Update update project...
SUSE-SU-2020:0118-1 Security update for fontforge
This update for fontforge fixes the following issues: - CVE-2020-5395: Fixed a use-after-free in SFDGetFontMetaData bsc1160220. - CVE-2020-5496: Fixed a heap-based buffer overflow in Type2NotDefSplines bsc1160236...