Explore top 10 tips to secure your open-source projects now. Read More
×
## This update for freetype2 fixes the following issue: Update to freetype2 2.14.2: * CVE-2026-23865: Integer overflow in the tt_var_load_item_variation_store function (bsc#1259118). Changelog: * Several changes related to LCD filtering are implemented to achieve better performance and encourage sound practices. * Instead of blanket LCD filtering over the entire bitmap, it is now applied only to non-zero spans using direct rendering. This speeds up the ClearType- like rendering by more than 40% at sizes above 32 ppem. * Setting the filter weights with FT_Face_Properties is no longer supported. The default and light filters are optimized to work with any face. * The legacy libXft LCD filter algorithm is no longer provided. * The italic angle in `PS_FontInfo` is now stored as a fixed-point value in
* bsc#1252148
* bsc#1259118
Cross-
* CVE-2026-23865
CVSS scores:
* CVE-2026-23865 ( SUSE ): 4.6
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2026-23865 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-23865 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Affected Products:
* SUSE Linux Micro 6.0
An update that solves one vulnerability and has one fix can now be installed.
##
* https://www.suse.com/security/cve/CVE-2026-23865.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252148
* https://bugzilla.suse.com/show_bug.cgi?id=1259118
Get the latest Linux and open source security news straight to your inbox.