fontforge-20120731b-13.el7
エラータID: AXSA:2020-749:01
An update for fontforge is now available for Asianux Server 7.
Asianux Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Security Fix(es):
* fontforge: out-of-bounds write in SFD_GetFontMetaData function in sfd.c (CVE-2020-5395)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Asianux Server 7 Release Notes linked from the References section.
## CVE
* [CVE-2020-5395](https://www.redhat.com/security/data/cve/CVE-2020-5395.html)
CVE-2020-5395
FontForge 20190801 has a use-after-free in SFD_GetFontMetaData in sfd.c.
Update packages.
N/A
SRPMS
- fontforge-20120731b-13.el7.src.rpm
MD5: 5d45a418dc8bec604578a4846f58b864
SHA-256: 6447a354149627af274771678141ef20cef2b35c1d365ca9c0491c8f3fcdeaa4
Size: 8.53 MB
Asianux Server 7 for x86_64
- fontforge-20120731b-13.el7.x86_64.rpm
MD5: 8ec6a82eae51b6850d1807072588a4a9
SHA-256: 0afc6c5d47134b9c4bb6c0749ff9465f15bd8e17a6efdf08fd50128365cd12c7
Size: 7.71 MB - fontforge-devel-20120731b-13.el7.x86_64.rpm
MD5: 4571c789919ae901b306f4e0de4f7cb5
SHA-256: c308f114073fe3384ac3b5ee7cd47e5dd58fc38953a09790e08a52eba5ccdbf0
Size: 128.61 kB - fontforge-20120731b-13.el7.i686.rpm
MD5: 4020e7d0c79e00d638f2a28cc9333ab0
SHA-256: c5fe73ef988318962578cb5c42540a67df86c7c374d30a4ac0c0202d52d7e64f
Size: 7.61 MB - fontforge-devel-20120731b-13.el7.i686.rpm
MD5: d1deecaafb2a94125cca1611cccb397a
SHA-256: ecbec413455e25e3ced957d63a035a93139abb86d4eeac8b5cac3d73a2838589
Size: 128.62 kB