{"affected":[{"ecosystem_specific":{"binaries":[{"libfreetype6":"2.13.3-1.1"}]},"package":{"ecosystem":"SUSE:Linux Micro 6.0","name":"freetype2","purl":"pkg:rpm/suse/freetype2&distro=SUSE%20Linux%20Micro%206.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.13.3-1.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for freetype2 fixes the following issues:\n\nUpdate to 2.13.2:\n\n* Some fields in the `FT_Outline` structure have been changed\n  from signed to unsigned type, which better reflects the actual\n  usage. It is also an additional means to protect against\n  malformed input.\n* Rare double-free crashes in the cache subsystem have been fixed.\n* Excessive stack allocation in the autohinter has been fixed.\n* The B/W  rasterizer has received a major upkeep that results in\n  large performance improvements.  The rendering speed has\n  increased and even doubled for very complex glyphs.\n","id":"SUSE-SU-2025:20204-1","modified":"2025-04-24T14:44:51Z","published":"2025-04-24T14:44:51Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-202520204-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1035807"},{"type":"REPORT","url":"https://bugzilla.suse.com/1036457"},{"type":"REPORT","url":"https://bugzilla.suse.com/1079600"},{"type":"REPORT","url":"https://bugzilla.suse.com/1198823"},{"type":"REPORT","url":"https://bugzilla.suse.com/1198830"},{"type":"REPORT","url":"https://bugzilla.suse.com/1198832"},{"type":"REPORT","url":"https://bugzilla.suse.com/867620"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-2240"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-2241"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-8105"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-8287"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-27404"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-27405"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-27406"}],"related":["CVE-2014-2240","CVE-2014-2241","CVE-2017-8105","CVE-2017-8287","CVE-2022-27404","CVE-2022-27405","CVE-2022-27406"],"summary":"Security update for freetype2","upstream":["CVE-2014-2240","CVE-2014-2241","CVE-2017-8105","CVE-2017-8287","CVE-2022-27404","CVE-2022-27405","CVE-2022-27406"]}