It was discovered that FontForge incorrectly handled filenames. If a user or an
automated system were tricked into opening a specially crafted input file, a
remote attacker could possibly use this issue to perform a command injection.
(CVE-2024-25081)
It was discovered that FontForge incorrectly handled archives and compressed
files. If a user or an automated system were tricked into opening a specially
crafted input file, a remote attacker could possibly use this issue to perform
command injection. (CVE-2024-25082)
More Stories
jpegxl-0.8.3-1.fc40
FEDORA-2024-d1c276c860 Packages in this update: jpegxl-0.8.3-1.fc40 Update description: update to 0.8.3 Read More
jpegxl-0.8.3-1.fc39
FEDORA-2024-35ce4d5a74 Packages in this update: jpegxl-0.8.3-1.fc39 Update description: update to 0.8.3 Read More
mingw-python-certifi-2024.7.4-1.fc40
FEDORA-2024-599bb2cb73 Packages in this update: mingw-python-certifi-2024.7.4-1.fc40 Update description: Update to 2024.7.4. Read More
caddy-2.8.4-1.fc41
FEDORA-2024-bd8fe42929 Packages in this update: caddy-2.8.4-1.fc41 Update description: Automatic update for caddy-2.8.4-1.fc41. Changelog * Fri Jul 5 2024 Carl George...