Synopsis: Moderate: freetype security update Advisory ID: SLSA-2019:4254-1 Issue Date: 2019-12-17 CVE Numbers: CVE-2015-9381 CVE-2015-9382 -- Security Fix(es): * freetype: a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c leading to information disclosure (CVE-2015-9381) * freetype: mishandling ps_parser_skip_PS_token in an FT_New_Memory_Face operation in skip_comment, psaux/psobjs.c, leads to a buffer over-read (CVE-2015-9382) -- SL6 x86_64 freetype-2.3.11-19.el6_10.i686.rpm freetype-2.3.11-19.el6_10.x86_64.rpm freetype-debuginfo-2.3.11-19.el6_10.i686.rpm freetype-debuginfo-2.3.11-19.el6_10.x86_64.rpm freetype-demos-2.3.11-19.el6_10.x86_64.rpm freetype-devel-2.3.11-19.el6_10.i686.rpm freetype-devel-2.3.11-19.el6_10.x86_64.rpm i386 freetype-2.3.11-19.el6_10.i686.rpm freetype-debuginfo-2.3.11-19.el6_10.i686.rpm freetype-demos-2.3.11-19.el6_10.i686.rpm freetype-devel-2.3.11-19.el6_10.i686.rpm - Scientific Linux Development Team