{"id":"MGASA-2022-0184","summary":"Updated freetype2 packages fix security vulnerability","details":"FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to\ncontain a heap buffer overflow via the function sfnt_init_face.\n(CVE-2022-27404)\n\nFreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to\ncontain a segmentation violation via the function FNT_Size_Request.\n(CVE-2022-27405)\n\nFreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to\ncontain a segmentation violation via the function FT_Request_Size.\n(CVE-2022-27406)\n","modified":"2026-01-31T23:30:43.458885Z","published":"2022-05-15T10:06:40Z","related":["CVE-2022-27404","CVE-2022-27405","CVE-2022-27406"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2022-0184.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=30395"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/"}],"affected":[{"package":{"name":"freetype2","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/freetype2?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.10.4-2.1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0184.json"}},{"package":{"name":"freetype2","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/freetype2?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.10.4-2.1.mga8.tainted"}]}],"ecosystem_specific":{"section":"tainted"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0184.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}