Fedora 40: fontforge 2024-e01ef71e64
Summary
FontForge (former PfaEdit) is a font editor for outline and bitmap
fonts. It supports a range of font formats, including PostScript
(ASCII and binary Type 1, some Type 3 and Type 0), TrueType, OpenType
(Type2) and CID-keyed fonts.
Update Information:
Security fix for CVE-2024-25081 and CVE-2024-25082
Change Log
* Wed Feb 28 2024 Parag Nemade
References
[ 1 ] Bug #2266180 - CVE-2024-25082 fontforge: command injection via crafted archives or compressed files. https://bugzilla.redhat.com/show_bug.cgi?id=2266180 [ 2 ] Bug #2266181 - CVE-2024-25081 fontforge: command injection via crafted filenames. https://bugzilla.redhat.com/show_bug.cgi?id=2266181
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-e01ef71e64' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html