> We have located a potential vulnerability: Heap Use-After-Free in > FT_Bitmap_Copy via Lazy Bitmap Ownership Transfer.
Thanks. However, ... > We did not find a security report page for FreeType so we sent this > email to you. ... you seem to have missed the section 'Reporting a Bug' on page https://freetype.org/developer.html that you can reach if you follow the big, large 'Development' item in the menu on the top-level page of 'freetype.org', then clicking on 'Bug Reports'. It would have told you to file an issue in our bug tracker at https://gitlab.freedesktop.org/groups/freetype/-/issues which also supports confidential (i.e., non-public) reports. Please do so the next time! Werner
