File _patchinfo of Package patchinfo.17349
<patchinfo incident="17349">
<issue tracker="cve" id="2020-25690"/>
<issue tracker="cve" id="2020-5395"/>
<issue tracker="bnc" id="1178308">VUL-0: CVE-2020-25690: fontforge: insufficient backport of CVE-2020-5395</issue>
<issue tracker="bnc" id="1160220">VUL-1: CVE-2020-5395: fontforge: use-after-free in SFD_GetFontMetaData in sfd.c</issue>
<packager>qzhao</packager>
<rating>moderate</rating>
<category>security</category>
<summary>Security update for fontforge</summary>
<description>This update for fontforge fixes the following issues:
- fix for Use-after-free (heap) in the SFD_GetFontMetaData() function and the crash (bsc#1178308 CVE-2020-25690).
</description>
</patchinfo>