Debian 10260 Published by

A freetype security update has been released for Debian GNU/Linux 8 and 9 Extended LTS to address two issues.



ELA-856-1 freetype security update

Package : freetype
Version : 2.5.2-3+deb8u6 (jessie), 2.6.3-3.2+deb9u3 (stretch)

Related CVEs :
CVE-2022-27405
CVE-2022-27406

Two issues have been found in freetype, a FreeType 2 font engine.
Both issues are related to segmentation violations in different functions: ft_open_face_internal() and FT_Request_Size().

  ELA-856-1 freetype security update