Security update for fontforge
This update for fontforge fixes the following issues:
- fix for Use-after-free (heap) in the SFD_GetFontMetaData() function and the crash (bsc#1178308 CVE-2020-25690).
This update was imported from the SUSE:SLE-15:Update update project.
-
Submitted by
Cliff Zhao (qzhao)
Fixed bugs
bnc#1178308
VUL-0: CVE-2020-25690: fontforge: insufficient backport of CVE-2020-5395
bnc#1160220
VUL-1: CVE-2020-5395: fontforge: use-after-free in SFD_GetFontMetaData in sfd.c
