A freetype security update has been released for Debian GNU/Linux 8 and 9 Extended LTS to address two issues.
ELA-856-1 freetype security update
Package : freetype
ELA-856-1 freetype security update
Version : 2.5.2-3+deb8u6 (jessie), 2.6.3-3.2+deb9u3 (stretch)
Related CVEs :
CVE-2022-27405
CVE-2022-27406
Two issues have been found in freetype, a FreeType 2 font engine.
Both issues are related to segmentation violations in different functions: ft_open_face_internal() and FT_Request_Size().
