{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"Security update for freetype2","title":"Title of the patch"},{"category":"description","text":"This update for freetype2 to version 2.10.1 fixes the following issues:\n\nSecurity issue fixed:\n\n- CVE-2018-6942: Fixed a NULL pointer dereference within ttinerp.c (bsc#1079603).\n\nNon-security issues fixed:\n\n- Update to version 2.10.1\n  * The bytecode hinting of OpenType variation fonts was flawed, since\n    the data in the `CVAR' table wasn't correctly applied.\n  * Auto-hinter support for Mongolian.\n  * The handling of  the default character in PCF fonts as  introduced\n    in version 2.10.0 was partially broken, causing premature abortion\n    of charmap iteration for many fonts.\n  * If  `FT_Set_Named_Instance' was  called  with  the same  arguments\n    twice in a row, the function  returned an incorrect error code the\n    second time.\n  * Direct   rendering   using  FT_RASTER_FLAG_DIRECT   crashed   (bug\n    introduced in version 2.10.0).\n  * Increased  precision  while  computing  OpenType  font   variation\n    instances.\n  * The  flattening  algorithm of  cubic  Bezier  curves was  slightly\n    changed to make  it faster.  This can cause  very subtle rendering\n    changes, which aren't noticeable by the eye, however.\n  * The  auto-hinter  now  disables hinting  if there  are blue  zones\n    defined for a `style' (i.e., a certain combination of a script and\n    its related typographic features) but the font doesn't contain any\n    characters needed to set up at least one blue zone.\n- Add tarball signatures and freetype2.keyring\n\n- Update to version 2.10.0\n  * A bunch of new functions has been added to access and process\n    COLR/CPAL data of OpenType fonts with color-layered glyphs.\n  * As a GSoC 2018 project, Nikhil Ramakrishnan completely\n    overhauled and modernized the API reference.\n  * The logic for computing the global ascender, descender, and\n    height of OpenType fonts has been slightly adjusted for\n    consistency.\n  * `TT_Set_MM_Blend' could fail if called repeatedly with the same\n    arguments.\n  * The precision of handling deltas in Variation Fonts has been\n    increased.The problem did only show up with multidimensional\n    designspaces.\n  * New function `FT_Library_SetLcdGeometry' to set up the geometry\n    of LCD subpixels.\n  * FreeType now uses the `defaultChar' property of PCF fonts to set\n    the  glyph for  the undefined  character  at glyph  index 0  (as\n    FreeType already does for all other supported font formats).  As\n    a consequence, the order of glyphs of a PCF font if accessed\n    with  FreeType can be different now compared to previous\n    versions.\n    This change doesn't affect PCF font access with cmaps.\n  * `FT_Select_Charmap' has been changed to allow  parameter value\n    `FT_ENCODING_NONE', which is valid for BDF, PCF, and Windows FNT\n    formats to access built-in cmaps that don't have a predefined\n    `FT_Encoding' value.\n  * A previously reserved field in the `FT_GlyphSlotRec' structure\n    now holds the glyph index.\n  * The usual round of fuzzer bug fixes to better reject malformed\n    fonts.\n  * `FT_Outline_New_Internal' and `FT_Outline_Done_Internal' have\n    been removed.These two functions were public by oversight only\n    and were never documented.\n  * A new function `FT_Error_String' returns descriptions of error\n    codes if configuration macro FT_CONFIG_OPTION_ERROR_STRINGS is\n    defined.\n  * `FT_Set_MM_WeightVector' and `FT_Get_MM_WeightVector' are new\n    functions limited to Adobe MultiMaster fonts to directly set and\n    get the weight vector.\n\n- Enable subpixel rendering with infinality config:\n\n- Re-enable freetype-config, there is just too many fallouts. \n\n- Update to version 2.9.1\n  * Type 1 fonts containing flex features were not rendered\n    correctly (bug introduced in version 2.9).\n  * CVE-2018-6942: Older FreeType versions can crash with certain\n    malformed variation fonts.\n  * Bug fix: Multiple calls to `FT_Get_MM_Var' returned garbage.\n  * Emboldening of bitmaps didn't work correctly sometimes, showing\n    various artifacts (bug introduced in version 2.8.1).\n  * The auto-hinter script ranges have  been updated for Unicode 11.\n    No support for new scripts have been added, however,  with the\n    exception of Georgian Mtavruli.\n- freetype-config is now deprecated by upstream and not enabled\n  by default.\n\n- Update to version 2.10.1\n  * The `ftmulti' demo program now  supports multiple hidden axes with\n    the same name tag.\n  * `ftview', `ftstring', and `ftgrid' got  a `-k' command line option\n    to emulate a sequence of keystrokes at start-up.\n  * `ftview', `ftstring', and `ftgrid' now support screen dumping to a\n    PNG file.\n  * The bytecode debugger, `ttdebug',  now supports variation TrueType\n    fonts; a variation font instance can be selected with the new `-d'\n    command line option.\n- Add tarball signatures and freetype2.keyring\n\n- Update to version 2.10.0\n  * The  `ftdump' demo  program has new options `-c'  and `-C'  to\n    display charmaps in compact and detailed format, respectively.\n    Option `-V' has been removed.\n  * The `ftview', `ftstring', and `ftgrid' demo programs use a new\n    command line option `-d' to specify the program window's width,\n    height, and color depth.\n  * The `ftview' demo program now displays red boxes for zero-width\n    glyphs.\n  * `ftglyph' has limited support to display fonts with\n    color-layered glyphs.This will be improved later on.\n  * `ftgrid' can now display bitmap fonts also.\n  * The `ttdebug' demo program has a new option `-f' to select a\n    member of a TrueType collection (TTC).\n  * Other various improvements to the demo programs.\n\n- Remove 'Supplements: fonts-config' to avoid accidentally pulling\n  in Qt dependencies on some non-Qt based desktops.(bsc#1091109)\n  fonts-config is fundamental but ft2demos seldom installs by end users.\n  only fonts-config maintainers/debuggers may use ft2demos along to\n  debug some issues. \n\n- Update to version 2.9.1\n  * No changelog upstream.\n\nThis update was imported from the SUSE:SLE-15:Update update project.","title":"Description of the patch"},{"category":"details","text":"openSUSE-2020-704","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_0704-1.json"},{"category":"self","summary":"URL for openSUSE-SU-2020:0704-1","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7HRHABTHHJKCUCCIG4MN5VYZ47BLAVKH/"},{"category":"self","summary":"E-Mail link for openSUSE-SU-2020:0704-1","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7HRHABTHHJKCUCCIG4MN5VYZ47BLAVKH/"},{"category":"self","summary":"SUSE Bug 1079603","url":"https://bugzilla.suse.com/1079603"},{"category":"self","summary":"SUSE Bug 1091109","url":"https://bugzilla.suse.com/1091109"},{"category":"self","summary":"SUSE CVE CVE-2018-6942 page","url":"https://www.suse.com/security/cve/CVE-2018-6942/"}],"title":"Security update for freetype2","tracking":{"current_release_date":"2020-05-23T18:14:34Z","generator":{"date":"2020-05-23T18:14:34Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"openSUSE-SU-2020:0704-1","initial_release_date":"2020-05-23T18:14:34Z","revision_history":[{"date":"2020-05-23T18:14:34Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"freetype2-devel-2.10.1-lp151.4.3.1.i586","product":{"name":"freetype2-devel-2.10.1-lp151.4.3.1.i586","product_id":"freetype2-devel-2.10.1-lp151.4.3.1.i586"}},{"category":"product_version","name":"libfreetype6-2.10.1-lp151.4.3.1.i586","product":{"name":"libfreetype6-2.10.1-lp151.4.3.1.i586","product_id":"libfreetype6-2.10.1-lp151.4.3.1.i586"}}],"category":"architecture","name":"i586"},{"branches":[{"category":"product_version","name":"freetype2-profile-tti35-2.10.1-lp151.4.3.1.noarch","product":{"name":"freetype2-profile-tti35-2.10.1-lp151.4.3.1.noarch","product_id":"freetype2-profile-tti35-2.10.1-lp151.4.3.1.noarch"}}],"category":"architecture","name":"noarch"},{"branches":[{"category":"product_version","name":"freetype2-devel-2.10.1-lp151.4.3.1.x86_64","product":{"name":"freetype2-devel-2.10.1-lp151.4.3.1.x86_64","product_id":"freetype2-devel-2.10.1-lp151.4.3.1.x86_64"}},{"category":"product_version","name":"freetype2-devel-32bit-2.10.1-lp151.4.3.1.x86_64","product":{"name":"freetype2-devel-32bit-2.10.1-lp151.4.3.1.x86_64","product_id":"freetype2-devel-32bit-2.10.1-lp151.4.3.1.x86_64"}},{"category":"product_version","name":"ft2demos-2.10.1-lp151.4.3.1.x86_64","product":{"name":"ft2demos-2.10.1-lp151.4.3.1.x86_64","product_id":"ft2demos-2.10.1-lp151.4.3.1.x86_64"}},{"category":"product_version","name":"ftbench-2.10.1-lp151.4.3.1.x86_64","product":{"name":"ftbench-2.10.1-lp151.4.3.1.x86_64","product_id":"ftbench-2.10.1-lp151.4.3.1.x86_64"}},{"category":"product_version","name":"ftdiff-2.10.1-lp151.4.3.1.x86_64","product":{"name":"ftdiff-2.10.1-lp151.4.3.1.x86_64","product_id":"ftdiff-2.10.1-lp151.4.3.1.x86_64"}},{"category":"product_version","name":"ftdump-2.10.1-lp151.4.3.1.x86_64","product":{"name":"ftdump-2.10.1-lp151.4.3.1.x86_64","product_id":"ftdump-2.10.1-lp151.4.3.1.x86_64"}},{"category":"product_version","name":"ftgamma-2.10.1-lp151.4.3.1.x86_64","product":{"name":"ftgamma-2.10.1-lp151.4.3.1.x86_64","product_id":"ftgamma-2.10.1-lp151.4.3.1.x86_64"}},{"category":"product_version","name":"ftgrid-2.10.1-lp151.4.3.1.x86_64","product":{"name":"ftgrid-2.10.1-lp151.4.3.1.x86_64","product_id":"ftgrid-2.10.1-lp151.4.3.1.x86_64"}},{"category":"product_version","name":"ftinspect-2.10.1-lp151.4.3.1.x86_64","product":{"name":"ftinspect-2.10.1-lp151.4.3.1.x86_64","product_id":"ftinspect-2.10.1-lp151.4.3.1.x86_64"}},{"category":"product_version","name":"ftlint-2.10.1-lp151.4.3.1.x86_64","product":{"name":"ftlint-2.10.1-lp151.4.3.1.x86_64","product_id":"ftlint-2.10.1-lp151.4.3.1.x86_64"}},{"category":"product_version","name":"ftmulti-2.10.1-lp151.4.3.1.x86_64","product":{"name":"ftmulti-2.10.1-lp151.4.3.1.x86_64","product_id":"ftmulti-2.10.1-lp151.4.3.1.x86_64"}},{"category":"product_version","name":"ftstring-2.10.1-lp151.4.3.1.x86_64","product":{"name":"ftstring-2.10.1-lp151.4.3.1.x86_64","product_id":"ftstring-2.10.1-lp151.4.3.1.x86_64"}},{"category":"product_version","name":"ftvalid-2.10.1-lp151.4.3.1.x86_64","product":{"name":"ftvalid-2.10.1-lp151.4.3.1.x86_64","product_id":"ftvalid-2.10.1-lp151.4.3.1.x86_64"}},{"category":"product_version","name":"ftview-2.10.1-lp151.4.3.1.x86_64","product":{"name":"ftview-2.10.1-lp151.4.3.1.x86_64","product_id":"ftview-2.10.1-lp151.4.3.1.x86_64"}},{"category":"product_version","name":"libfreetype6-2.10.1-lp151.4.3.1.x86_64","product":{"name":"libfreetype6-2.10.1-lp151.4.3.1.x86_64","product_id":"libfreetype6-2.10.1-lp151.4.3.1.x86_64"}},{"category":"product_version","name":"libfreetype6-32bit-2.10.1-lp151.4.3.1.x86_64","product":{"name":"libfreetype6-32bit-2.10.1-lp151.4.3.1.x86_64","product_id":"libfreetype6-32bit-2.10.1-lp151.4.3.1.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"openSUSE Leap 15.1","product":{"name":"openSUSE Leap 15.1","product_id":"openSUSE Leap 15.1","product_identification_helper":{"cpe":"cpe:/o:opensuse:leap:15.1"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"freetype2-devel-2.10.1-lp151.4.3.1.i586 as component of openSUSE Leap 15.1","product_id":"openSUSE Leap 15.1:freetype2-devel-2.10.1-lp151.4.3.1.i586"},"product_reference":"freetype2-devel-2.10.1-lp151.4.3.1.i586","relates_to_product_reference":"openSUSE Leap 15.1"},{"category":"default_component_of","full_product_name":{"name":"freetype2-devel-2.10.1-lp151.4.3.1.x86_64 as component of openSUSE Leap 15.1","product_id":"openSUSE Leap 15.1:freetype2-devel-2.10.1-lp151.4.3.1.x86_64"},"product_reference":"freetype2-devel-2.10.1-lp151.4.3.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.1"},{"category":"default_component_of","full_product_name":{"name":"freetype2-devel-32bit-2.10.1-lp151.4.3.1.x86_64 as component of openSUSE Leap 15.1","product_id":"openSUSE Leap 15.1:freetype2-devel-32bit-2.10.1-lp151.4.3.1.x86_64"},"product_reference":"freetype2-devel-32bit-2.10.1-lp151.4.3.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.1"},{"category":"default_component_of","full_product_name":{"name":"freetype2-profile-tti35-2.10.1-lp151.4.3.1.noarch as component of openSUSE Leap 15.1","product_id":"openSUSE Leap 15.1:freetype2-profile-tti35-2.10.1-lp151.4.3.1.noarch"},"product_reference":"freetype2-profile-tti35-2.10.1-lp151.4.3.1.noarch","relates_to_product_reference":"openSUSE Leap 15.1"},{"category":"default_component_of","full_product_name":{"name":"ft2demos-2.10.1-lp151.4.3.1.x86_64 as component of openSUSE Leap 15.1","product_id":"openSUSE Leap 15.1:ft2demos-2.10.1-lp151.4.3.1.x86_64"},"product_reference":"ft2demos-2.10.1-lp151.4.3.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.1"},{"category":"default_component_of","full_product_name":{"name":"ftbench-2.10.1-lp151.4.3.1.x86_64 as component of openSUSE Leap 15.1","product_id":"openSUSE Leap 15.1:ftbench-2.10.1-lp151.4.3.1.x86_64"},"product_reference":"ftbench-2.10.1-lp151.4.3.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.1"},{"category":"default_component_of","full_product_name":{"name":"ftdiff-2.10.1-lp151.4.3.1.x86_64 as component of openSUSE Leap 15.1","product_id":"openSUSE Leap 15.1:ftdiff-2.10.1-lp151.4.3.1.x86_64"},"product_reference":"ftdiff-2.10.1-lp151.4.3.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.1"},{"category":"default_component_of","full_product_name":{"name":"ftdump-2.10.1-lp151.4.3.1.x86_64 as component of openSUSE Leap 15.1","product_id":"openSUSE Leap 15.1:ftdump-2.10.1-lp151.4.3.1.x86_64"},"product_reference":"ftdump-2.10.1-lp151.4.3.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.1"},{"category":"default_component_of","full_product_name":{"name":"ftgamma-2.10.1-lp151.4.3.1.x86_64 as component of openSUSE Leap 15.1","product_id":"openSUSE Leap 15.1:ftgamma-2.10.1-lp151.4.3.1.x86_64"},"product_reference":"ftgamma-2.10.1-lp151.4.3.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.1"},{"category":"default_component_of","full_product_name":{"name":"ftgrid-2.10.1-lp151.4.3.1.x86_64 as component of openSUSE Leap 15.1","product_id":"openSUSE Leap 15.1:ftgrid-2.10.1-lp151.4.3.1.x86_64"},"product_reference":"ftgrid-2.10.1-lp151.4.3.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.1"},{"category":"default_component_of","full_product_name":{"name":"ftinspect-2.10.1-lp151.4.3.1.x86_64 as component of openSUSE Leap 15.1","product_id":"openSUSE Leap 15.1:ftinspect-2.10.1-lp151.4.3.1.x86_64"},"product_reference":"ftinspect-2.10.1-lp151.4.3.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.1"},{"category":"default_component_of","full_product_name":{"name":"ftlint-2.10.1-lp151.4.3.1.x86_64 as component of openSUSE Leap 15.1","product_id":"openSUSE Leap 15.1:ftlint-2.10.1-lp151.4.3.1.x86_64"},"product_reference":"ftlint-2.10.1-lp151.4.3.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.1"},{"category":"default_component_of","full_product_name":{"name":"ftmulti-2.10.1-lp151.4.3.1.x86_64 as component of openSUSE Leap 15.1","product_id":"openSUSE Leap 15.1:ftmulti-2.10.1-lp151.4.3.1.x86_64"},"product_reference":"ftmulti-2.10.1-lp151.4.3.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.1"},{"category":"default_component_of","full_product_name":{"name":"ftstring-2.10.1-lp151.4.3.1.x86_64 as component of openSUSE Leap 15.1","product_id":"openSUSE Leap 15.1:ftstring-2.10.1-lp151.4.3.1.x86_64"},"product_reference":"ftstring-2.10.1-lp151.4.3.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.1"},{"category":"default_component_of","full_product_name":{"name":"ftvalid-2.10.1-lp151.4.3.1.x86_64 as component of openSUSE Leap 15.1","product_id":"openSUSE Leap 15.1:ftvalid-2.10.1-lp151.4.3.1.x86_64"},"product_reference":"ftvalid-2.10.1-lp151.4.3.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.1"},{"category":"default_component_of","full_product_name":{"name":"ftview-2.10.1-lp151.4.3.1.x86_64 as component of openSUSE Leap 15.1","product_id":"openSUSE Leap 15.1:ftview-2.10.1-lp151.4.3.1.x86_64"},"product_reference":"ftview-2.10.1-lp151.4.3.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.1"},{"category":"default_component_of","full_product_name":{"name":"libfreetype6-2.10.1-lp151.4.3.1.i586 as component of openSUSE Leap 15.1","product_id":"openSUSE Leap 15.1:libfreetype6-2.10.1-lp151.4.3.1.i586"},"product_reference":"libfreetype6-2.10.1-lp151.4.3.1.i586","relates_to_product_reference":"openSUSE Leap 15.1"},{"category":"default_component_of","full_product_name":{"name":"libfreetype6-2.10.1-lp151.4.3.1.x86_64 as component of openSUSE Leap 15.1","product_id":"openSUSE Leap 15.1:libfreetype6-2.10.1-lp151.4.3.1.x86_64"},"product_reference":"libfreetype6-2.10.1-lp151.4.3.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.1"},{"category":"default_component_of","full_product_name":{"name":"libfreetype6-32bit-2.10.1-lp151.4.3.1.x86_64 as component of openSUSE Leap 15.1","product_id":"openSUSE Leap 15.1:libfreetype6-32bit-2.10.1-lp151.4.3.1.x86_64"},"product_reference":"libfreetype6-32bit-2.10.1-lp151.4.3.1.x86_64","relates_to_product_reference":"openSUSE Leap 15.1"}]},"vulnerabilities":[{"cve":"CVE-2018-6942","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-6942"}],"notes":[{"category":"general","text":"An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Leap 15.1:freetype2-devel-2.10.1-lp151.4.3.1.i586","openSUSE Leap 15.1:freetype2-devel-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:freetype2-devel-32bit-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:freetype2-profile-tti35-2.10.1-lp151.4.3.1.noarch","openSUSE Leap 15.1:ft2demos-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftbench-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftdiff-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftdump-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftgamma-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftgrid-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftinspect-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftlint-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftmulti-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftstring-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftvalid-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftview-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:libfreetype6-2.10.1-lp151.4.3.1.i586","openSUSE Leap 15.1:libfreetype6-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:libfreetype6-32bit-2.10.1-lp151.4.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2018-6942","url":"https://www.suse.com/security/cve/CVE-2018-6942"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Leap 15.1:freetype2-devel-2.10.1-lp151.4.3.1.i586","openSUSE Leap 15.1:freetype2-devel-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:freetype2-devel-32bit-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:freetype2-profile-tti35-2.10.1-lp151.4.3.1.noarch","openSUSE Leap 15.1:ft2demos-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftbench-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftdiff-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftdump-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftgamma-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftgrid-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftinspect-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftlint-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftmulti-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftstring-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftvalid-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftview-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:libfreetype6-2.10.1-lp151.4.3.1.i586","openSUSE Leap 15.1:libfreetype6-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:libfreetype6-32bit-2.10.1-lp151.4.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","version":"3.0"},"products":["openSUSE Leap 15.1:freetype2-devel-2.10.1-lp151.4.3.1.i586","openSUSE Leap 15.1:freetype2-devel-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:freetype2-devel-32bit-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:freetype2-profile-tti35-2.10.1-lp151.4.3.1.noarch","openSUSE Leap 15.1:ft2demos-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftbench-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftdiff-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftdump-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftgamma-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftgrid-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftinspect-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftlint-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftmulti-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftstring-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftvalid-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:ftview-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:libfreetype6-2.10.1-lp151.4.3.1.i586","openSUSE Leap 15.1:libfreetype6-2.10.1-lp151.4.3.1.x86_64","openSUSE Leap 15.1:libfreetype6-32bit-2.10.1-lp151.4.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2020-05-23T18:14:34Z","details":"moderate"}],"title":"CVE-2018-6942"}]}