https://bugzilla.redhat.com/show_bug.cgi?id=2450200
Bug ID: 2450200
Summary: pango-1.57.1 is available
Product: Fedora
Version: rawhide
Status: NEW
Component: pango
Keywords: FutureFeature, Triaged
Assignee: pwu(a)redhat.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: fonts-bugs(a)lists.fedoraproject.org, gnome-sig(a)lists.fedoraproject.org, i18n-bugs(a)lists.fedoraproject.org, mclasen(a)redhat.com, pwu(a)redhat.com, rhughes(a)redhat.com, rstrode(a)redhat.com, tagoh(a)redhat.com
Target Milestone: ---
Classification: Fedora
Releases retrieved: 1.57.1
Upstream release that is considered latest: 1.57.1
Current version/release in rawhide: 1.57.0-4.fc45
URL: http://www.pango.org
Please consult the package updates policy before you issue an update to a
stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/
More information about the service that created this bug can be found at:
https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M…
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from Anitya:
https://release-monitoring.org/project/11783/
To change the monitoring settings for the project, please visit:
https://src.fedoraproject.org/rpms/pango
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2450200
Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…
https://bugzilla.redhat.com/show_bug.cgi?id=1532523
Fedora Admin user for bugzilla script actions <fedora-admin-xmlrpc(a)fedoraproject.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Assignee|aekoroglu(a)linux.intel.com |aekoroglu(a)gmail.com
--- Comment #15 from Fedora Admin user for bugzilla script actions <fedora-admin-xmlrpc(a)fedoraproject.org> ---
This package has changed maintainer in Fedora. Reassigning to the new
maintainer of this component.
https://bugzilla.redhat.com/show_bug.cgi?id=2426599
Bug ID: 2426599
Summary: CVE-2025-15280 fontforge: FontForge SFD File Parsing Use-After-Free Remote Code Execution Vulnerability [fedora-42]
Product: Fedora
Version: 42
Status: NEW
Whiteboard: {"flaws": ["c0cde29b-bf92-4976-8812-3fb3bd0613c5"]}
Component: fontforge
Keywords: Security, SecurityTracking
Severity: high
Priority: high
Assignee: pnemade(a)redhat.com
Reporter: saroy(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: fonts-bugs(a)lists.fedoraproject.org, kevin(a)scrye.com, pnemade(a)redhat.com
Blocks: 2426430
Target Milestone: ---
Classification: Fedora
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability
management information. If something is wrong or missing, please contact a
member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essent…
https://bugzilla.redhat.com/show_bug.cgi?id=2426595
Bug ID: 2426595
Summary: CVE-2025-15276 fontforge: FontForge SFD File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability [fedora-42]
Product: Fedora
Version: 42
Status: NEW
Whiteboard: {"flaws": ["1d848b82-6cec-4ac8-a4e4-280ad45c7ad7"]}
Component: fontforge
Keywords: Security, SecurityTracking
Severity: high
Priority: high
Assignee: pnemade(a)redhat.com
Reporter: saroy(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: fonts-bugs(a)lists.fedoraproject.org, kevin(a)scrye.com, pnemade(a)redhat.com
Blocks: 2426424
Target Milestone: ---
Classification: Fedora
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability
management information. If something is wrong or missing, please contact a
member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essent…
https://bugzilla.redhat.com/show_bug.cgi?id=2426592
Bug ID: 2426592
Summary: CVE-2025-15278 fontforge: FontForge GUtils XBM File Parsing Integer Overflow Remote Code Execution Vulnerability [fedora-42]
Product: Fedora
Version: 42
Status: NEW
Whiteboard: {"flaws": ["4b0e37b3-aee4-492b-a36a-853ead6f8450"]}
Component: fontforge
Keywords: Security, SecurityTracking
Severity: high
Priority: high
Assignee: pnemade(a)redhat.com
Reporter: saroy(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: fonts-bugs(a)lists.fedoraproject.org, kevin(a)scrye.com, pnemade(a)redhat.com
Blocks: 2426433
Target Milestone: ---
Classification: Fedora
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability
management information. If something is wrong or missing, please contact a
member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essent…
https://bugzilla.redhat.com/show_bug.cgi?id=2426590
Bug ID: 2426590
Summary: CVE-2025-15277 fontforge: FontForge GUtils SGI File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability [fedora-42]
Product: Fedora
Version: 42
Status: NEW
Whiteboard: {"flaws": ["735578d0-49ef-47a9-81a8-722f6674848e"]}
Component: fontforge
Keywords: Security, SecurityTracking
Severity: high
Priority: high
Assignee: pnemade(a)redhat.com
Reporter: saroy(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: fonts-bugs(a)lists.fedoraproject.org, kevin(a)scrye.com, pnemade(a)redhat.com
Blocks: 2426425
Target Milestone: ---
Classification: Fedora
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability
management information. If something is wrong or missing, please contact a
member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essent…
https://bugzilla.redhat.com/show_bug.cgi?id=2426586
Bug ID: 2426586
Summary: CVE-2025-15274 fontforge: FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability [fedora-42]
Product: Fedora
Version: 42
Status: NEW
Whiteboard: {"flaws": ["6374512d-39d2-44ca-960c-5fa0950ba189"]}
Component: fontforge
Keywords: Security, SecurityTracking
Severity: high
Priority: high
Assignee: pnemade(a)redhat.com
Reporter: saroy(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: fonts-bugs(a)lists.fedoraproject.org, kevin(a)scrye.com, pnemade(a)redhat.com
Blocks: 2426435
Target Milestone: ---
Classification: Fedora
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability
management information. If something is wrong or missing, please contact a
member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essent…
https://bugzilla.redhat.com/show_bug.cgi?id=2426584
Bug ID: 2426584
Summary: CVE-2025-15273 fontforge: FontForge PFB File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability [fedora-42]
Product: Fedora
Version: 42
Status: NEW
Whiteboard: {"flaws": ["217f5fcc-cf4a-4f3e-b707-e9d285e674be"]}
Component: fontforge
Keywords: Security, SecurityTracking
Severity: high
Priority: high
Assignee: pnemade(a)redhat.com
Reporter: saroy(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: fonts-bugs(a)lists.fedoraproject.org, kevin(a)scrye.com, pnemade(a)redhat.com
Blocks: 2426428
Target Milestone: ---
Classification: Fedora
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability
management information. If something is wrong or missing, please contact a
member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essent…
https://bugzilla.redhat.com/show_bug.cgi?id=2426582
Bug ID: 2426582
Summary: CVE-2025-15272 fontforge: FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability [fedora-42]
Product: Fedora
Version: 42
Status: NEW
Whiteboard: {"flaws": ["ad1ad48b-092f-4eaa-ac54-b88088da82fa"]}
Component: fontforge
Keywords: Security, SecurityTracking
Severity: high
Priority: high
Assignee: pnemade(a)redhat.com
Reporter: saroy(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: fonts-bugs(a)lists.fedoraproject.org, kevin(a)scrye.com, pnemade(a)redhat.com
Blocks: 2426427
Target Milestone: ---
Classification: Fedora
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability
management information. If something is wrong or missing, please contact a
member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essent…
https://bugzilla.redhat.com/show_bug.cgi?id=2426581
Bug ID: 2426581
Summary: CVE-2025-15271 fontforge: FontForge SFD File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability [fedora-42]
Product: Fedora
Version: 42
Status: NEW
Whiteboard: {"flaws": ["cae1f386-b0d8-46dc-b522-63f7de7200a5"]}
Component: fontforge
Keywords: Security, SecurityTracking
Severity: high
Priority: high
Assignee: pnemade(a)redhat.com
Reporter: saroy(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: fonts-bugs(a)lists.fedoraproject.org, kevin(a)scrye.com, pnemade(a)redhat.com
Blocks: 2426422
Target Milestone: ---
Classification: Fedora
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability
management information. If something is wrong or missing, please contact a
member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essent…