[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [oss-security] CVE-2025-27363: out of bounds write in FreeType <= 2.
|
From: |
Alan Coopersmith |
|
Subject: |
Re: [oss-security] CVE-2025-27363: out of bounds write in FreeType <= 2.13.0 |
|
Date: |
Thu, 13 Mar 2025 11:03:56 -0700 |
|
User-agent: |
Mozilla Thunderbird |
On 3/13/25 09:13, Hin-Tak Leung wrote:
While I generally agree with the "upgrade if you worry about this" advice, I am
also aware that the concern did not come from consumer desktops, but from
embedded , mobile and shipped / long-term-maintained systems like Solaris,
Android, Raspberry pi OS, etc.
I can't speak to the others, but for Solaris, we upgraded FreeType from 2.13.0
to 2.13.3 in our Solaris 11.4.75 support update which shipped in November.
https://blogs.oracle.com/solaris/post/announcing-oracle-solaris-114-sru75
--
-Alan Coopersmith- alan.coopersmith@oracle.com
Oracle Solaris Engineering - https://blogs.oracle.com/solaris