Security update for fontforge
This update for fontforge fixes the following issues:
- CVE-2020-5395: Fixed a use-after-free in SFD_GetFontMetaData() (bsc#1160220).
- CVE-2020-5496: Fixed a heap-based buffer overflow in Type2NotDefSplines() (bsc#1160236).
This update was imported from the SUSE:SLE-15:Update update project.
- Submitted by Cliff Zhao (qzhao)
Fixed bugs
bnc#1160236
VUL-1: CVE-2020-5496: fontforge: heap-based buffer overflow in Type2NotDefSplines() in splinesave.c
bnc#1160220
VUL-1: CVE-2020-5395: fontforge: use-after-free in SFD_GetFontMetaData in sfd.c