Packaged fonts? (and regular audits?)

Petr Pisar ppisar at
Tue Jul 14 07:07:15 UTC 2015

On 2015-07-14, Stefan Nuxoll <stefan at> wrote:
> This is going to be pretty common for anything that uses the bootstrap
> CSS framework, since glyphicons is bundled as part of it. I do not see
> much benefit from packaging this separately, especially as the license
> for the glyphicons halflings font included with bootstrap is MIT, but
> CC-BY from the upstream (
This is not matter of license. This matter of mainainability and
security. Did you know that T42 fonts can contain code which is interpreted
by font rendering engine?

