Stay Connected:

ELSA-2026-7677

ELSA-2026-7677 - fontforge security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2026-04-14

Description


[20200314-7]
- Resolves: RHEL-138168
CVE-2025-15270 SFD File Parsing Remote Code Execution Vulnerability
- Resolves: RHEL-138174
CVE-2025-15279 GUtils BMP File Parsing Heap-based Buffer Overflow
- Resolves: RHEL-138190
CVE-2025-15275 SFD File Parsing Heap-based Buffer Overflow
- Resolves: RHEL-138140
CVE-2025-15269 SFD File Parsing Use-After-Free

[20200314-6]
- Resolves: RHEL-26715 - fontforge: various flaws
(CVE-2024-25081 and CVE-2024-25082)


Related CVEs


CVE-2025-15269
CVE-2025-15270
CVE-2025-15275
CVE-2025-15279

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) fontforge-20200314-7.el8_10.src.rpma052c920aa8fdf00d21ea6abf462ce4770c79f33afdc835296e1d5cbbbe42184-ol8_aarch64_codeready_builder
fontforge-20200314-7.el8_10.aarch64.rpm88edc63fb725c16a19de2caa5385a90b54c5d38ede04df6f76c8a0ec588bc428-ol8_aarch64_codeready_builder
Oracle Linux 8 (x86_64) fontforge-20200314-7.el8_10.src.rpma052c920aa8fdf00d21ea6abf462ce4770c79f33afdc835296e1d5cbbbe42184-ol8_x86_64_codeready_builder
fontforge-20200314-7.el8_10.i686.rpmf743888a42234139439ed3e74912b09bff78bade2a708e1e77874d5c350b4204-ol8_x86_64_codeready_builder
fontforge-20200314-7.el8_10.x86_64.rpmbc8cca33a45b93ea055852e446585b99782e5b20f6e99244132f567603d4004d-ol8_x86_64_codeready_builder



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights