fonts-bugs October 2025

fonts-bugs@lists.fedoraproject.org

1 participants
20 discussions

[Bug 2406131] New: CVE-2025-50949 fontforge: Fontforge memory leak [fedora-41]
by bugzilla＠redhat.com 05 Nov '25

05 Nov '25

https://bugzilla.redhat.com/show_bug.cgi?id=2406131 Bug ID: 2406131 Summary: CVE-2025-50949 fontforge: Fontforge memory leak [fedora-41] Product: Fedora Version: 41 Status: NEW Whiteboard: {"flaws": ["a01aca2b-d80f-4cc0-96fe-17d2fa0b5b3e"]} Component: fontforge Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: pnemade(a)redhat.com Reporter: jmoroney(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: fonts-bugs(a)lists.fedoraproject.org, kevin(a)scrye.com, pnemade(a)redhat.com Blocks: 2406045 Target Milestone: --- Classification: Fedora Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT. https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essent… -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2406131 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 5

[Bug 2406133] New: CVE-2025-50949 fontforge: Fontforge memory leak [fedora-42]
by bugzilla＠redhat.com 05 Nov '25

05 Nov '25

https://bugzilla.redhat.com/show_bug.cgi?id=2406133 Bug ID: 2406133 Summary: CVE-2025-50949 fontforge: Fontforge memory leak [fedora-42] Product: Fedora Version: 42 Status: NEW Whiteboard: {"flaws": ["a01aca2b-d80f-4cc0-96fe-17d2fa0b5b3e"]} Component: fontforge Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: pnemade(a)redhat.com Reporter: jmoroney(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: fonts-bugs(a)lists.fedoraproject.org, kevin(a)scrye.com, pnemade(a)redhat.com Blocks: 2406045 Target Milestone: --- Classification: Fedora Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT. https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essent… -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2406133 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 4

[Bug 2406134] New: CVE-2025-50951 fontforge: Fontforge memory leak [fedora-42]
by bugzilla＠redhat.com 28 Oct '25

28 Oct '25

https://bugzilla.redhat.com/show_bug.cgi?id=2406134 Bug ID: 2406134 Summary: CVE-2025-50951 fontforge: Fontforge memory leak [fedora-42] Product: Fedora Version: 42 Status: NEW Whiteboard: {"flaws": ["bfc23f57-8400-4ba0-b591-79d177e54f44"]} Component: fontforge Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: pnemade(a)redhat.com Reporter: jmoroney(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: fonts-bugs(a)lists.fedoraproject.org, kevin(a)scrye.com, pnemade(a)redhat.com Blocks: 2406046 Target Milestone: --- Classification: Fedora Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT. https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essent… -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2406134 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 2

[Bug 2406132] New: CVE-2025-50951 fontforge: Fontforge memory leak [fedora-41]
by bugzilla＠redhat.com 28 Oct '25

28 Oct '25

https://bugzilla.redhat.com/show_bug.cgi?id=2406132 Bug ID: 2406132 Summary: CVE-2025-50951 fontforge: Fontforge memory leak [fedora-41] Product: Fedora Version: 41 Status: NEW Whiteboard: {"flaws": ["bfc23f57-8400-4ba0-b591-79d177e54f44"]} Component: fontforge Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: pnemade(a)redhat.com Reporter: jmoroney(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: fonts-bugs(a)lists.fedoraproject.org, kevin(a)scrye.com, pnemade(a)redhat.com Blocks: 2406046 Target Milestone: --- Classification: Fedora Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT. https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essent… -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2406132 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 3

[Bug 2402101] New: add system-ui config for Arabic UI and other UI fonts
by bugzilla＠redhat.com 21 Oct '25

21 Oct '25

https://bugzilla.redhat.com/show_bug.cgi?id=2402101 Bug ID: 2402101 Summary: add system-ui config for Arabic UI and other UI fonts Product: Fedora Version: rawhide OS: Linux Status: NEW Component: google-noto-fonts Keywords: i18n Severity: medium Assignee: tagoh(a)redhat.com Reporter: petersen(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: fonts-bugs(a)lists.fedoraproject.org, i18n-bugs(a)lists.fedoraproject.org, petersen(a)redhat.com, pwu(a)redhat.com, tagoh(a)redhat.com Target Milestone: --- Classification: Fedora It seems desirable to configure Arabic UI fonts for the desktop. Can we add system-ui font .conf for Arabic and other UI fonts? Reproducible: Always Steps to Reproduce: 1. check /etc/fonts/conf.d/62-google-noto-sans-arabic-ui-vf.conf Actual Results: No config for system-ui font Expected Results: Could set system-ui for lang=ar -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2402101 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 1

[Bug 2393704] New: freetype-2.14.0 is available
by bugzilla＠redhat.com 15 Oct '25

15 Oct '25

https://bugzilla.redhat.com/show_bug.cgi?id=2393704 Bug ID: 2393704 Summary: freetype-2.14.0 is available Product: Fedora Version: rawhide Status: NEW Component: freetype Keywords: FutureFeature, Triaged Assignee: mkasik(a)redhat.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: ajax(a)redhat.com, fonts-bugs(a)lists.fedoraproject.org, mclasen(a)redhat.com, mkasik(a)redhat.com, rstrode(a)redhat.com, suraj.ghimire7(a)gmail.com Target Milestone: --- Classification: Fedora Releases retrieved: 2.14.0 Upstream release that is considered latest: 2.14.0 Current version/release in rawhide: 2.13.3-3.fc43 URL: https://www.freetype.org/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/854/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/freetype -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2393704 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 7

[Bug 2119608] Fonts SIG tracker bug
by bugzilla＠redhat.com 15 Oct '25

15 Oct '25

https://bugzilla.redhat.com/show_bug.cgi?id=2119608 Bug 2119608 depends on bug 2402440, which changed state. Bug 2402440 Summary: Review Request: twr-mint-mono-fonts - Mint Mono, monospace typeface TrueType font https://bugzilla.redhat.com/show_bug.cgi?id=2402440 What |Removed |Added ---------------------------------------------------------------------------- Status|RELEASE_PENDING |CLOSED Resolution|--- |NEXTRELEASE -- You are receiving this mail because: You are the QA Contact for the bug. You are the assignee for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2119608

1 0

[Bug 2402960] New: fontforge-20251009 is available
by bugzilla＠redhat.com 10 Oct '25

10 Oct '25

https://bugzilla.redhat.com/show_bug.cgi?id=2402960 Bug ID: 2402960 Summary: fontforge-20251009 is available Product: Fedora Version: rawhide Status: NEW Component: fontforge Keywords: FutureFeature, Triaged Assignee: pnemade(a)redhat.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: fonts-bugs(a)lists.fedoraproject.org, kevin(a)scrye.com, pnemade(a)redhat.com Target Milestone: --- Classification: Fedora Releases retrieved: 20251009 Upstream release that is considered latest: 20251009 Current version/release in rawhide: 20230101-18.fc43 URL: https://fontforge.org/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/5807/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/fontforge -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2402960 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 6

[Bug 2402672] New: google-roboto-mono-fonts-3.001 is available
by bugzilla＠redhat.com 09 Oct '25

09 Oct '25

https://bugzilla.redhat.com/show_bug.cgi?id=2402672 Bug ID: 2402672 Summary: google-roboto-mono-fonts-3.001 is available Product: Fedora Version: rawhide Status: NEW Component: google-roboto-mono-fonts Keywords: FutureFeature, Triaged Assignee: link(a)sub-pop.net Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: fonts-bugs(a)lists.fedoraproject.org, i18n-bugs(a)lists.fedoraproject.org, link(a)sub-pop.net Target Milestone: --- Classification: Fedora Releases retrieved: 3.001 Upstream release that is considered latest: 3.001 Current version/release in rawhide: 3.000-13.20240307git3479a22.fc43 URL: https://github.com/googlefonts/RobotoMono Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/385796/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/google-roboto-mono-fonts -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2402672 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 1

[Bug 2402647] New: default monospace for Georgian is not Noto Sans Georgian when dejavu-sans-mono-fonts installed
by bugzilla＠redhat.com 09 Oct '25

09 Oct '25

https://bugzilla.redhat.com/show_bug.cgi?id=2402647 Bug ID: 2402647 Summary: default monospace for Georgian is not Noto Sans Georgian when dejavu-sans-mono-fonts installed Product: Fedora Version: 43 OS: Linux Status: NEW Component: google-noto-fonts Severity: medium Assignee: tagoh(a)redhat.com Reporter: tagoh(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: fonts-bugs(a)lists.fedoraproject.org, i18n-bugs(a)lists.fedoraproject.org, petersen(a)redhat.com, pwu(a)redhat.com, tagoh(a)redhat.com Target Milestone: --- Classification: Fedora $ rpm -qa | grep deja dejavu-sans-mono-fonts-2.37-26.fc43.noarch $ fontquery-diff --loose-comparison 43 * Comparison between 43 and local ... Persian(fa) Vazirmatn Noto Naskh Arabic Vazirmatn - Georgian(ka) Noto Sans Georgian Noto Serif Georgian Noto Sans Georgian + DejaVu Sans Mono Reproducible: Always Steps to Reproduce: 1.make sure default-fonts and dejavu-sans-mono-fonts installed 2.see what is the default monospace font for Georgian(ka) 3. Actual Results: DejaVu Sans Mono Expected Results: should be Noto Sans Georgian according to https://fedoraproject.org/wiki/Changes/SetDefaultMonospaceFallbackFont -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2402647 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 4

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

fonts-bugs October 2025