ELSA-2025-3407

ELSA-2025-3407 - freetype security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2025-03-31

Description

[2.10.4-10]
- Fix for CVE-2025-27363 out-of-bound write vulnerability
- Patch initially by Marc Deslauriers of Canonical
- https://www.openwall.com/lists/oss-security/2025/03/14/3
- Adjusted for EL9 by Jonathan Wright of AlmaLinux
- and a member of the Meta security team
- Resolves: RHEL-83105

Related CVEs

CVE-2025-27363

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle Linux 9 (aarch64)	freetype-2.10.4-10.el9_5.src.rpm	81027fa3c157eddac10e538147104c13642b0a19fe001a8f673e832ba0152f10	-	ol9_aarch64_appstream
	freetype-2.10.4-10.el9_5.src.rpm	81027fa3c157eddac10e538147104c13642b0a19fe001a8f673e832ba0152f10	-	ol9_aarch64_baseos_latest
	freetype-2.10.4-10.el9_5.src.rpm	81027fa3c157eddac10e538147104c13642b0a19fe001a8f673e832ba0152f10	-	ol9_aarch64_u5_baseos_patch
	freetype-2.10.4-10.el9_5.aarch64.rpm	c24b64d73f61a467bc1aa3b5d516b331f9b0a554d712657ad15f0e1c9292c45b	-	ol9_aarch64_baseos_latest
	freetype-2.10.4-10.el9_5.aarch64.rpm	c24b64d73f61a467bc1aa3b5d516b331f9b0a554d712657ad15f0e1c9292c45b	-	ol9_aarch64_u5_baseos_patch
	freetype-devel-2.10.4-10.el9_5.aarch64.rpm	8a496ad1b398bb876524dc5e06b6ede5df5398123794a977cc3616e04fe12b2d	-	ol9_aarch64_appstream
Oracle Linux 9 (x86_64)	freetype-2.10.4-10.el9_5.src.rpm	81027fa3c157eddac10e538147104c13642b0a19fe001a8f673e832ba0152f10	-	ol9_x86_64_appstream
	freetype-2.10.4-10.el9_5.src.rpm	81027fa3c157eddac10e538147104c13642b0a19fe001a8f673e832ba0152f10	-	ol9_x86_64_baseos_latest
	freetype-2.10.4-10.el9_5.src.rpm	81027fa3c157eddac10e538147104c13642b0a19fe001a8f673e832ba0152f10	-	ol9_x86_64_u5_baseos_patch
	freetype-2.10.4-10.el9_5.i686.rpm	b919cfe133b377ea76c75b9ef1809053f956684757a3ef63f65bc554424d29ba	-	ol9_x86_64_baseos_latest
	freetype-2.10.4-10.el9_5.i686.rpm	b919cfe133b377ea76c75b9ef1809053f956684757a3ef63f65bc554424d29ba	-	ol9_x86_64_u5_baseos_patch
	freetype-2.10.4-10.el9_5.x86_64.rpm	486778053b609c12e4a5a27cf45472b1401fa581c7d599ee5fad12f047154ee5	-	ol9_x86_64_baseos_latest
	freetype-2.10.4-10.el9_5.x86_64.rpm	486778053b609c12e4a5a27cf45472b1401fa581c7d599ee5fad12f047154ee5	-	ol9_x86_64_u5_baseos_patch
	freetype-devel-2.10.4-10.el9_5.i686.rpm	fdbfd1dd03575b74b50b91498381590d4e4503f5714b558aa2ca8ec231947402	-	ol9_x86_64_appstream
	freetype-devel-2.10.4-10.el9_5.x86_64.rpm	0f72d357b8638d3f2283cce1239e22eb019c439e09f37153fc0d99a78938fe23	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team