Lucene search
SuseOPENSUSE-SU-2020:0089-1HistoryJan 22, 2020 - 12:00 a.m.
Security update for fontforge (moderate)
2020-01-2200:00:00
lists.opensuse.org
83
0.005 Low
EPSS
Percentile
76.8%
An update that fixes two vulnerabilities is now available.
Description:
This update for fontforge fixes the following issues:
- CVE-2020-5395: Fixed a use-after-free in SFD_GetFontMetaData()
(bsc#1160220). - CVE-2020-5496: Fixed a heap-based buffer overflow in
Type2NotDefSplines() (bsc#1160236).
This update was imported from the SUSE:SLE-15:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Leap 15.1:
zypper in -t patch openSUSE-2020-89=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 15.1 | i586 | < - openSUSE Leap 15.1 (i586 x86_64): | - openSUSE Leap 15.1 (i586 x86_64):.i586.rpm | |
| openSUSE Leap | 15.1 | x86_64 | < - openSUSE Leap 15.1 (i586 x86_64): | - openSUSE Leap 15.1 (i586 x86_64):.x86_64.rpm | |
| openSUSE Leap | 15.1 | noarch | < - openSUSE Leap 15.1 (noarch): | - openSUSE Leap 15.1 (noarch):.noarch.rpm |
Related
openvas
openvas
Mageia: Security Advisory (MGASA-2020-0057)
2022-01-28 00:00:00
openSUSE: Security Advisory for fontforge (openSUSE-SU-2020:0089_1)
2020-01-27 00:00:00
Debian: Security Advisory (DLA-3754-1)
2024-03-08 00:00:00
mageia
mageia
Updated fontforge packages fix security vulnerabilities
2020-01-28 10:52:40
Updated fontforge packages fix a security vulnerability
2020-11-08 17:14:27
nessus
nessus
SUSE SLED15 / SLES15 Security Update : fontforge (SUSE-SU-2020:0118-1)
2020-01-17 00:00:00
openSUSE Security Update : fontforge (openSUSE-2020-89)
2020-01-22 00:00:00
GLSA-202004-14 : FontForge: Multiple vulnerabilities
2020-05-01 00:00:00
gentoo
gentoo
FontForge: Multiple vulnerabilities
2020-04-30 00:00:00
osv
osv
fontforge - security update
2024-03-08 00:00:00
CVE-2020-5496
2020-01-03 22:15:13
CVE-2020-5395
2020-01-03 20:15:12
debian
debian
[SECURITY] [DLA 3754-1] fontforge security update
2024-03-07 23:12:06
ubuntucve
ubuntucve
prion
prion
Code injection
2020-01-03 20:15:00
Heap overflow
2020-01-03 22:15:00
veracode
veracode
Arbitrary Code Execution
2020-10-01 03:50:11
Arbitrary Code Execution
2020-12-07 05:57:42
Denial Of Service(DoS)
2020-11-05 03:18:50
amazon
amazon
Medium: fontforge
2020-10-22 17:33:00
cve
cve
CVE-2020-5395
2020-01-03 20:15:12
CVE-2020-5496
2020-01-03 22:15:13
centos
centos
fontforge security update
2020-10-20 18:02:13
cvelist
cvelist
CVE-2020-5395
2020-01-03 00:00:00
CVE-2020-5496
2020-01-03 00:00:00
debiancve
debiancve
CVE-2020-5496
2020-01-03 22:15:13
CVE-2020-5395
2020-01-03 20:15:12
redhatcve
redhatcve
redhat
redhat
(RHSA-2020:1921) Moderate: fontforge security update
2020-04-28 09:31:16
(RHSA-2020:3966) Moderate: fontforge security update
2020-09-29 07:47:12
(RHSA-2020:4844) Moderate: fontforge security update
2020-11-03 12:40:50
nvd
nvd
CVE-2020-5496
2020-01-03 22:15:13
CVE-2020-5395
2020-01-03 20:15:12
oraclelinux
oraclelinux
fontforge security update
2020-10-06 00:00:00
fontforge security update
2020-05-05 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: fontforge-20190801-2.fc31
2020-01-25 06:36:38
[SECURITY] Fedora 31 Update: fontforge-20190801-6.fc31
2020-02-27 17:33:16
almalinux
almalinux
Moderate: fontforge security update
2020-11-03 12:40:50
suse
suse
Security update for fontforge (moderate)
2020-11-29 00:00:00