Show Your Support: This site is primarily supported by advertisements. Ads are what have allowed this site to be maintained on a daily basis for the past 18+ years. We do our best to ensure only clean, relevant ads are shown, when any nasty ads are detected, we work to remove them ASAP. If you would like to view the site without ads while still supporting our work, please consider our ad-free Phoronix Premium.
FreeType 2.10.4 Rushed Out As Emergency Security Release
Public entries on the CVE-2020-15999 vulnerability aren't yet loading but it's in regards to a heap buffer overflow in FreeType's handling of PNG bitmaps. The vulnerability has been around since FreeType 2.6.
The FreeType.org project site simply reads, "This is an emergency release, fixing a severe vulnerability in embedded PNG bitmap handling...All users should update immediately."
This important security fix is the only listed change since FreeType 2.10.3.