https://bugzilla.redhat.com/show_bug.cgi?id=1788493 Bug ID: 1788493 Summary: CVE-2020-5496 fontforge: heap-based buffer overflow in the Type2NotDefSplines() function in splinesave.c Product: Security Response Hardware: All OS: Linux Status: NEW Component: vulnerability Keywords: Security Severity: low Priority: low Assignee: security-response-team(a)redhat.com Reporter: mrehak(a)redhat.com CC: eng-i18n-bugs(a)redhat.com, fonts-bugs(a)lists.fedoraproject.org, kevin(a)scrye.com, paul(a)frixxon.co.uk, pnemade(a)redhat.com Target Milestone: --- Classification: Other FontForge 20190801 has a heap-based buffer overflow in the Type2NotDefSplines() function in splinesave.c. Upstream Issue: https://github.com/fontforge/fontforge/issues/4085 -- You are receiving this mail because: You are on the CC list for the bug.