(In reply to Mikhail Kasimov from comment #0) > Due to https://security-tracker.debian.org/tracker/CVE-2017-7858 info, this > bug can already be fixed. So, please, check that. ================================================================= - freetype <not-affected> (Vulnerable code introduced in 2.6.4) Introduced after: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=813aca51d28704f7ffc470721167738fa8decb3d Fixed by: https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=779309744222a736eba0f1731e8162fce6288d4e https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=738 =================================================================