Meta disclosed a high-priority remote code execution vulnerability in freetype earlier this week, CVE-2025-27363. Patches are available for testing in #AlmaLinux
PRs are open against CentOS Stream 8 and 9, but unmerged at this time.
AlmaLinux OS
Call for testing - FreeType CVE-2025-27363
UPDATE March 17th, 2025 - these patches have now been released to production for AlmaLinux users.
The Announcement
On Monday Meta announced a flaw ...