I've just fixed a heap buffer overflow that can happen for some malformed `.ttf` files with PNG sbit glyphs. It seems that this vulnerability gets already actively used in the wild, so I ask all users to apply the corresponding commit as soon as possible.
Tomorrow I will do a 2.10.4 release.
Werner
