From 28ad0fa90d5cdc0a012c0dc53e05e5a32a3246e4 Mon Sep 17 00:00:00 2001
From: Simon McVittie <[EMAIL REDACTED]>
Date: Wed, 25 May 2022 20:38:43 +0100
Subject: [PATCH] CHANGES.txt: Mention CVE-2022-27470
Signed-off-by: Simon McVittie <smcv@collabora.com>
---
CHANGES.txt | 1 +
1 file changed, 1 insertion(+)
diff --git a/CHANGES.txt b/CHANGES.txt
index 6ab8d9a..5468aa1 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -12,6 +12,7 @@
* Added TTF_SetFontDirection() and TTF_SetFontScriptName() for additional control over fonts using HarfBuzz
* Updated to FreeType version 2.12.1 and HarfBuzz version 2.9.1, fixing CVE-2018-25032
* Fixed crash when loading fonts at certain sizes on Windows
+ * Fix memory corruption loading malformed TTF files (CVE-2022-27470)
2.0.18:
Ozkan Sezer - Wed Jan 5 14:15:46 PST 2022