[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Vulnerability warning (CVE-2020-15999)
From: |
Werner LEMBERG |
Subject: |
Vulnerability warning (CVE-2020-15999) |
Date: |
Tue, 20 Oct 2020 00:07:10 +0200 (CEST) |
I've just fixed a heap buffer overflow that can happen for some
malformed `.ttf` files with PNG sbit glyphs. It seems that this
vulnerability gets already actively used in the wild, so I ask all
users to apply the corresponding commit as soon as possible.
Tomorrow I will do a 2.10.4 release.
Werner
- Vulnerability warning (CVE-2020-15999),
Werner LEMBERG <=