Overview

File _patchinfo of Package patchinfo.13795

<patchinfo incident="13795">
  <issue tracker="cve" id="2020-5496"/>
  <issue tracker="cve" id="2020-5395"/>
  <issue tracker="bnc" id="1160236">VUL-1: CVE-2020-5496: fontforge: heap-based buffer overflow in Type2NotDefSplines()  in splinesave.c</issue>
  <issue tracker="bnc" id="1160220">VUL-1: CVE-2020-5395: fontforge: use-after-free in SFD_GetFontMetaData in sfd.c</issue>
  <packager>qzhao</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for fontforge</summary>
  <description>This update for fontforge fixes the following issues:

- CVE-2020-5395: Fixed a use-after-free in SFD_GetFontMetaData() (bsc#1160220).
- CVE-2020-5496: Fixed a heap-based buffer overflow in Type2NotDefSplines() (bsc#1160236).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places