{"id":"MGASA-2020-0389","summary":"Updated freetype2 packages fix security vulnerability","details":"A heap buffer overflow has been found in freetype2 before 2.10.4.\nMalformed TTF files with PNG sbit glyphs can cause a heap buffer\noverflow in Load_SBit_Png as libpng uses the original 32-bit values,\nwhich are saved in png_struct. If the original width and/or height are\ngreater than 65535, the allocated buffer won't be able to fit the\nbitmap. (CVE-2020-15999)\n","modified":"2026-02-04T02:13:14.169358Z","published":"2020-10-20T16:22:12Z","related":["CVE-2020-15999"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2020-0389.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=27453"},{"type":"REPORT","url":"https://savannah.nongnu.org/bugs/?59308"},{"type":"REPORT","url":"https://security.archlinux.org/ASA-202010-10/generate"}],"affected":[{"package":{"name":"freetype2","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/freetype2?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.9.1-4.1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2020-0389.json"}},{"package":{"name":"freetype2","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/freetype2?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.9.1-4.1.mga7.tainted"}]}],"ecosystem_specific":{"section":"tainted"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2020-0389.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}