Issued:: 2020-04-28
Updated:: 2020-04-28

RHSA-2020:1921 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: fontforge security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for fontforge is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript (ASCII and binary Type 1, some Type 3 and Type 0), TrueType, OpenType (Type2) and CID-keyed fonts.

Security Fix(es):

fontforge: out-of-bounds write in SFD_GetFontMetaData function in sfd.c (CVE-2020-5395)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat CodeReady Linux Builder for x86_64 8 x86_64
Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.8 x86_64
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6 x86_64
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.4 x86_64
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.2 x86_64
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.8 ppc64le
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.6 ppc64le
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.4 ppc64le
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.2 ppc64le
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.8 s390x
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.6 s390x
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.4 s390x
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.2 s390x
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.8 aarch64
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6 aarch64
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.4 aarch64
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.2 aarch64

Fixes

BZ - 1790041 - CVE-2020-5395 fontforge: out-of-bounds write in SFD_GetFontMetaData function in sfd.c

CVEs

CVE-2020-5395

References

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat CodeReady Linux Builder for x86_64 8

SRPM
fontforge-20170731-14.el8.src.rpm	SHA-256: 677c1af3b6501c6b15536f024f212f1cc2b14ae0e75fb0899c17b85b1a8e3b1b
x86_64
fontforge-20170731-14.el8.i686.rpm	SHA-256: aa34ffa01565eed81e00fb4cc11515fcf0be35ca139e903d4d88a7303a5bddd0
fontforge-20170731-14.el8.x86_64.rpm	SHA-256: 17d7e429a350dcc331fa934793340887db357ba54e9d6055dfb6cb1a9ca13c3d
fontforge-debuginfo-20170731-14.el8.i686.rpm	SHA-256: cb235ac7700191dd744d4f79e35203b7a5ecd25136f4c2ad19a5088e315d6c23
fontforge-debuginfo-20170731-14.el8.x86_64.rpm	SHA-256: 951a143ae62dd7d17d45f85e255d40387ef07083d89b4d9ea142af4b58e95d27
fontforge-debugsource-20170731-14.el8.i686.rpm	SHA-256: 3b92a78c3d80dc8e3557ccefb69bbe46ef09247452c8ae869266ec84df3ea99a
fontforge-debugsource-20170731-14.el8.x86_64.rpm	SHA-256: 8f915e0de20f51cc72cd3209e23317558af019905df6a42558c5c38f62fe6880

Red Hat CodeReady Linux Builder for Power, little endian 8

SRPM
fontforge-20170731-14.el8.src.rpm	SHA-256: 677c1af3b6501c6b15536f024f212f1cc2b14ae0e75fb0899c17b85b1a8e3b1b
ppc64le
fontforge-20170731-14.el8.ppc64le.rpm	SHA-256: dba14977220f996c0b9af623a750cc418eea18ae40113d519dd6086e8d43c69e
fontforge-debuginfo-20170731-14.el8.ppc64le.rpm	SHA-256: d749445d07c24e9023c0ad7c7ea9390c01ba5437631ae8beb12bd1160f738086
fontforge-debugsource-20170731-14.el8.ppc64le.rpm	SHA-256: 3d24b82b620c73b29fb47373709e34f80127bc89f0663456b1e266d2777bac32

Red Hat CodeReady Linux Builder for ARM 64 8

SRPM
fontforge-20170731-14.el8.src.rpm	SHA-256: 677c1af3b6501c6b15536f024f212f1cc2b14ae0e75fb0899c17b85b1a8e3b1b
aarch64
fontforge-20170731-14.el8.aarch64.rpm	SHA-256: 4f1a0a5f8e2a08d0b75d1c34f7619a8c312c02f44a8a695b1290a4ae5f653aab
fontforge-debuginfo-20170731-14.el8.aarch64.rpm	SHA-256: 6b008cd90f83b5259814e86811886fcace10be18ab86705f5c769731b165cb61
fontforge-debugsource-20170731-14.el8.aarch64.rpm	SHA-256: d1c4f9c4e6c0495ba632115d8e7cf06cc314f161c05d39dda61fbfcc987b9d34

Red Hat CodeReady Linux Builder for IBM z Systems 8

SRPM
fontforge-20170731-14.el8.src.rpm	SHA-256: 677c1af3b6501c6b15536f024f212f1cc2b14ae0e75fb0899c17b85b1a8e3b1b
s390x
fontforge-20170731-14.el8.s390x.rpm	SHA-256: cebcb4c7e2c1e39334188c8e1b9d31d2d3b2a09c9429b1c7963bbd8a258ceb67
fontforge-debuginfo-20170731-14.el8.s390x.rpm	SHA-256: 3a18f89f90020deada9b5dbdf8219abc0b07f5fe6020ae52b212dc2a42f3fcbb
fontforge-debugsource-20170731-14.el8.s390x.rpm	SHA-256: e17a493fdf83f31c1a85c446508663c6e20e3a51d5957783f358e52ce59a7776

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.8

SRPM
fontforge-20170731-14.el8.src.rpm	SHA-256: 677c1af3b6501c6b15536f024f212f1cc2b14ae0e75fb0899c17b85b1a8e3b1b
x86_64
fontforge-20170731-14.el8.i686.rpm	SHA-256: aa34ffa01565eed81e00fb4cc11515fcf0be35ca139e903d4d88a7303a5bddd0
fontforge-20170731-14.el8.x86_64.rpm	SHA-256: 17d7e429a350dcc331fa934793340887db357ba54e9d6055dfb6cb1a9ca13c3d
fontforge-debuginfo-20170731-14.el8.i686.rpm	SHA-256: cb235ac7700191dd744d4f79e35203b7a5ecd25136f4c2ad19a5088e315d6c23
fontforge-debuginfo-20170731-14.el8.x86_64.rpm	SHA-256: 951a143ae62dd7d17d45f85e255d40387ef07083d89b4d9ea142af4b58e95d27
fontforge-debugsource-20170731-14.el8.i686.rpm	SHA-256: 3b92a78c3d80dc8e3557ccefb69bbe46ef09247452c8ae869266ec84df3ea99a
fontforge-debugsource-20170731-14.el8.x86_64.rpm	SHA-256: 8f915e0de20f51cc72cd3209e23317558af019905df6a42558c5c38f62fe6880

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.6

SRPM
fontforge-20170731-14.el8.src.rpm	SHA-256: 677c1af3b6501c6b15536f024f212f1cc2b14ae0e75fb0899c17b85b1a8e3b1b
x86_64
fontforge-20170731-14.el8.i686.rpm	SHA-256: aa34ffa01565eed81e00fb4cc11515fcf0be35ca139e903d4d88a7303a5bddd0
fontforge-20170731-14.el8.x86_64.rpm	SHA-256: 17d7e429a350dcc331fa934793340887db357ba54e9d6055dfb6cb1a9ca13c3d
fontforge-debuginfo-20170731-14.el8.i686.rpm	SHA-256: cb235ac7700191dd744d4f79e35203b7a5ecd25136f4c2ad19a5088e315d6c23
fontforge-debuginfo-20170731-14.el8.x86_64.rpm	SHA-256: 951a143ae62dd7d17d45f85e255d40387ef07083d89b4d9ea142af4b58e95d27
fontforge-debugsource-20170731-14.el8.i686.rpm	SHA-256: 3b92a78c3d80dc8e3557ccefb69bbe46ef09247452c8ae869266ec84df3ea99a
fontforge-debugsource-20170731-14.el8.x86_64.rpm	SHA-256: 8f915e0de20f51cc72cd3209e23317558af019905df6a42558c5c38f62fe6880

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.4

SRPM
fontforge-20170731-14.el8.src.rpm	SHA-256: 677c1af3b6501c6b15536f024f212f1cc2b14ae0e75fb0899c17b85b1a8e3b1b
x86_64
fontforge-20170731-14.el8.i686.rpm	SHA-256: aa34ffa01565eed81e00fb4cc11515fcf0be35ca139e903d4d88a7303a5bddd0
fontforge-20170731-14.el8.x86_64.rpm	SHA-256: 17d7e429a350dcc331fa934793340887db357ba54e9d6055dfb6cb1a9ca13c3d
fontforge-debuginfo-20170731-14.el8.i686.rpm	SHA-256: cb235ac7700191dd744d4f79e35203b7a5ecd25136f4c2ad19a5088e315d6c23
fontforge-debuginfo-20170731-14.el8.x86_64.rpm	SHA-256: 951a143ae62dd7d17d45f85e255d40387ef07083d89b4d9ea142af4b58e95d27
fontforge-debugsource-20170731-14.el8.i686.rpm	SHA-256: 3b92a78c3d80dc8e3557ccefb69bbe46ef09247452c8ae869266ec84df3ea99a
fontforge-debugsource-20170731-14.el8.x86_64.rpm	SHA-256: 8f915e0de20f51cc72cd3209e23317558af019905df6a42558c5c38f62fe6880

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.2

SRPM
fontforge-20170731-14.el8.src.rpm	SHA-256: 677c1af3b6501c6b15536f024f212f1cc2b14ae0e75fb0899c17b85b1a8e3b1b
x86_64
fontforge-20170731-14.el8.i686.rpm	SHA-256: aa34ffa01565eed81e00fb4cc11515fcf0be35ca139e903d4d88a7303a5bddd0
fontforge-20170731-14.el8.x86_64.rpm	SHA-256: 17d7e429a350dcc331fa934793340887db357ba54e9d6055dfb6cb1a9ca13c3d
fontforge-debuginfo-20170731-14.el8.i686.rpm	SHA-256: cb235ac7700191dd744d4f79e35203b7a5ecd25136f4c2ad19a5088e315d6c23
fontforge-debuginfo-20170731-14.el8.x86_64.rpm	SHA-256: 951a143ae62dd7d17d45f85e255d40387ef07083d89b4d9ea142af4b58e95d27
fontforge-debugsource-20170731-14.el8.i686.rpm	SHA-256: 3b92a78c3d80dc8e3557ccefb69bbe46ef09247452c8ae869266ec84df3ea99a
fontforge-debugsource-20170731-14.el8.x86_64.rpm	SHA-256: 8f915e0de20f51cc72cd3209e23317558af019905df6a42558c5c38f62fe6880

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.8

SRPM
fontforge-20170731-14.el8.src.rpm	SHA-256: 677c1af3b6501c6b15536f024f212f1cc2b14ae0e75fb0899c17b85b1a8e3b1b
ppc64le
fontforge-20170731-14.el8.ppc64le.rpm	SHA-256: dba14977220f996c0b9af623a750cc418eea18ae40113d519dd6086e8d43c69e
fontforge-debuginfo-20170731-14.el8.ppc64le.rpm	SHA-256: d749445d07c24e9023c0ad7c7ea9390c01ba5437631ae8beb12bd1160f738086
fontforge-debugsource-20170731-14.el8.ppc64le.rpm	SHA-256: 3d24b82b620c73b29fb47373709e34f80127bc89f0663456b1e266d2777bac32

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.6

SRPM
fontforge-20170731-14.el8.src.rpm	SHA-256: 677c1af3b6501c6b15536f024f212f1cc2b14ae0e75fb0899c17b85b1a8e3b1b
ppc64le
fontforge-20170731-14.el8.ppc64le.rpm	SHA-256: dba14977220f996c0b9af623a750cc418eea18ae40113d519dd6086e8d43c69e
fontforge-debuginfo-20170731-14.el8.ppc64le.rpm	SHA-256: d749445d07c24e9023c0ad7c7ea9390c01ba5437631ae8beb12bd1160f738086
fontforge-debugsource-20170731-14.el8.ppc64le.rpm	SHA-256: 3d24b82b620c73b29fb47373709e34f80127bc89f0663456b1e266d2777bac32

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.4

SRPM
fontforge-20170731-14.el8.src.rpm	SHA-256: 677c1af3b6501c6b15536f024f212f1cc2b14ae0e75fb0899c17b85b1a8e3b1b
ppc64le
fontforge-20170731-14.el8.ppc64le.rpm	SHA-256: dba14977220f996c0b9af623a750cc418eea18ae40113d519dd6086e8d43c69e
fontforge-debuginfo-20170731-14.el8.ppc64le.rpm	SHA-256: d749445d07c24e9023c0ad7c7ea9390c01ba5437631ae8beb12bd1160f738086
fontforge-debugsource-20170731-14.el8.ppc64le.rpm	SHA-256: 3d24b82b620c73b29fb47373709e34f80127bc89f0663456b1e266d2777bac32

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.2

SRPM
fontforge-20170731-14.el8.src.rpm	SHA-256: 677c1af3b6501c6b15536f024f212f1cc2b14ae0e75fb0899c17b85b1a8e3b1b
ppc64le
fontforge-20170731-14.el8.ppc64le.rpm	SHA-256: dba14977220f996c0b9af623a750cc418eea18ae40113d519dd6086e8d43c69e
fontforge-debuginfo-20170731-14.el8.ppc64le.rpm	SHA-256: d749445d07c24e9023c0ad7c7ea9390c01ba5437631ae8beb12bd1160f738086
fontforge-debugsource-20170731-14.el8.ppc64le.rpm	SHA-256: 3d24b82b620c73b29fb47373709e34f80127bc89f0663456b1e266d2777bac32

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.8

SRPM
fontforge-20170731-14.el8.src.rpm	SHA-256: 677c1af3b6501c6b15536f024f212f1cc2b14ae0e75fb0899c17b85b1a8e3b1b
s390x
fontforge-20170731-14.el8.s390x.rpm	SHA-256: cebcb4c7e2c1e39334188c8e1b9d31d2d3b2a09c9429b1c7963bbd8a258ceb67
fontforge-debuginfo-20170731-14.el8.s390x.rpm	SHA-256: 3a18f89f90020deada9b5dbdf8219abc0b07f5fe6020ae52b212dc2a42f3fcbb
fontforge-debugsource-20170731-14.el8.s390x.rpm	SHA-256: e17a493fdf83f31c1a85c446508663c6e20e3a51d5957783f358e52ce59a7776

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.6

SRPM
fontforge-20170731-14.el8.src.rpm	SHA-256: 677c1af3b6501c6b15536f024f212f1cc2b14ae0e75fb0899c17b85b1a8e3b1b
s390x
fontforge-20170731-14.el8.s390x.rpm	SHA-256: cebcb4c7e2c1e39334188c8e1b9d31d2d3b2a09c9429b1c7963bbd8a258ceb67
fontforge-debuginfo-20170731-14.el8.s390x.rpm	SHA-256: 3a18f89f90020deada9b5dbdf8219abc0b07f5fe6020ae52b212dc2a42f3fcbb
fontforge-debugsource-20170731-14.el8.s390x.rpm	SHA-256: e17a493fdf83f31c1a85c446508663c6e20e3a51d5957783f358e52ce59a7776

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.4

SRPM
fontforge-20170731-14.el8.src.rpm	SHA-256: 677c1af3b6501c6b15536f024f212f1cc2b14ae0e75fb0899c17b85b1a8e3b1b
s390x
fontforge-20170731-14.el8.s390x.rpm	SHA-256: cebcb4c7e2c1e39334188c8e1b9d31d2d3b2a09c9429b1c7963bbd8a258ceb67
fontforge-debuginfo-20170731-14.el8.s390x.rpm	SHA-256: 3a18f89f90020deada9b5dbdf8219abc0b07f5fe6020ae52b212dc2a42f3fcbb
fontforge-debugsource-20170731-14.el8.s390x.rpm	SHA-256: e17a493fdf83f31c1a85c446508663c6e20e3a51d5957783f358e52ce59a7776

Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 8.2

SRPM
fontforge-20170731-14.el8.src.rpm	SHA-256: 677c1af3b6501c6b15536f024f212f1cc2b14ae0e75fb0899c17b85b1a8e3b1b
s390x
fontforge-20170731-14.el8.s390x.rpm	SHA-256: cebcb4c7e2c1e39334188c8e1b9d31d2d3b2a09c9429b1c7963bbd8a258ceb67
fontforge-debuginfo-20170731-14.el8.s390x.rpm	SHA-256: 3a18f89f90020deada9b5dbdf8219abc0b07f5fe6020ae52b212dc2a42f3fcbb
fontforge-debugsource-20170731-14.el8.s390x.rpm	SHA-256: e17a493fdf83f31c1a85c446508663c6e20e3a51d5957783f358e52ce59a7776

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.8

SRPM
fontforge-20170731-14.el8.src.rpm	SHA-256: 677c1af3b6501c6b15536f024f212f1cc2b14ae0e75fb0899c17b85b1a8e3b1b
aarch64
fontforge-20170731-14.el8.aarch64.rpm	SHA-256: 4f1a0a5f8e2a08d0b75d1c34f7619a8c312c02f44a8a695b1290a4ae5f653aab
fontforge-debuginfo-20170731-14.el8.aarch64.rpm	SHA-256: 6b008cd90f83b5259814e86811886fcace10be18ab86705f5c769731b165cb61
fontforge-debugsource-20170731-14.el8.aarch64.rpm	SHA-256: d1c4f9c4e6c0495ba632115d8e7cf06cc314f161c05d39dda61fbfcc987b9d34

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.6

SRPM
fontforge-20170731-14.el8.src.rpm	SHA-256: 677c1af3b6501c6b15536f024f212f1cc2b14ae0e75fb0899c17b85b1a8e3b1b
aarch64
fontforge-20170731-14.el8.aarch64.rpm	SHA-256: 4f1a0a5f8e2a08d0b75d1c34f7619a8c312c02f44a8a695b1290a4ae5f653aab
fontforge-debuginfo-20170731-14.el8.aarch64.rpm	SHA-256: 6b008cd90f83b5259814e86811886fcace10be18ab86705f5c769731b165cb61
fontforge-debugsource-20170731-14.el8.aarch64.rpm	SHA-256: d1c4f9c4e6c0495ba632115d8e7cf06cc314f161c05d39dda61fbfcc987b9d34

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.4

SRPM
fontforge-20170731-14.el8.src.rpm	SHA-256: 677c1af3b6501c6b15536f024f212f1cc2b14ae0e75fb0899c17b85b1a8e3b1b
aarch64
fontforge-20170731-14.el8.aarch64.rpm	SHA-256: 4f1a0a5f8e2a08d0b75d1c34f7619a8c312c02f44a8a695b1290a4ae5f653aab
fontforge-debuginfo-20170731-14.el8.aarch64.rpm	SHA-256: 6b008cd90f83b5259814e86811886fcace10be18ab86705f5c769731b165cb61
fontforge-debugsource-20170731-14.el8.aarch64.rpm	SHA-256: d1c4f9c4e6c0495ba632115d8e7cf06cc314f161c05d39dda61fbfcc987b9d34

Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.2

SRPM
fontforge-20170731-14.el8.src.rpm	SHA-256: 677c1af3b6501c6b15536f024f212f1cc2b14ae0e75fb0899c17b85b1a8e3b1b
aarch64
fontforge-20170731-14.el8.aarch64.rpm	SHA-256: 4f1a0a5f8e2a08d0b75d1c34f7619a8c312c02f44a8a695b1290a4ae5f653aab
fontforge-debuginfo-20170731-14.el8.aarch64.rpm	SHA-256: 6b008cd90f83b5259814e86811886fcace10be18ab86705f5c769731b165cb61
fontforge-debugsource-20170731-14.el8.aarch64.rpm	SHA-256: d1c4f9c4e6c0495ba632115d8e7cf06cc314f161c05d39dda61fbfcc987b9d34

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.