Sorry for flooding your inbox, the advisory from Meta also mentions that the flaw may have been exploited in the wild.
Would you be able to share some details on this, and how widespread the attacks are? Regards, Ravie On Thu, Mar 13, 2025 at 10:20 AM Ravie Lakshmanan <[email protected]> wrote: > Thanks a lot, Werner. > > Regards, > Ravie > > > On Thu, Mar 13, 2025 at 10:10 AM Werner LEMBERG <[email protected]> wrote: > >> >> > I am reaching out to see if I can get a comment from FreeType on >> > CVE-2025-27363, a security flaw that was recently disclosed by >> > Meta/Facebook. >> > >> > Is it also possible to shed some light on the exact version that >> > addresses the problem? >> >> See >> >> >> https://lists.nongnu.org/archive/html/freetype-devel/2025-03/msg00000.html >> >> In short: The fix has been incorporated since almost two years; >> FreeType versions larger than 2.13.0 are no longer affected. >> >> >> Werner >> >
