freetype-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Vulnerability warning (CVE-2020-15999)


From: Werner LEMBERG
Subject: Vulnerability warning (CVE-2020-15999)
Date: Tue, 20 Oct 2020 00:07:10 +0200 (CEST)

I've just fixed a heap buffer overflow that can happen for some
malformed `.ttf` files with PNG sbit glyphs.  It seems that this
vulnerability gets already actively used in the wild, so I ask all
users to apply the corresponding commit as soon as possible.

Tomorrow I will do a 2.10.4 release.


    Werner



reply via email to

[Prev in Thread] Current Thread [Next in Thread]