Hi Werner, On Tue, 20 Oct 2020 at 09:07, Werner LEMBERG wrote:
> > I've just fixed a heap buffer overflow that can happen for some > malformed `.ttf` files with PNG sbit glyphs. It seems that this > vulnerability gets already actively used in the wild, so I ask all > users to apply the corresponding commit as soon as possible. > > Tomorrow I will do a 2.10.4 release. Does this vulnerability affect older (< 2.10.3) versions of FreeType as well? >
