Just FYI, a CVE has been published for WebKit setting up a custom allocator for FreeType but Cairo using the standard free() call instead of calling FreeType to dispose of memory from it:
https://bugs.webkit.org/show_bug.cgi?id=191595 https://gitlab.freedesktop.org/cairo/cairo/merge_requests/5 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19876 -- -Alan Coopersmith- alan.coopersm...@oracle.com Oracle Solaris Engineering - https://blogs.oracle.com/alanc _______________________________________________ Freetype-devel mailing list Freetype-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/freetype-devel