Jay Freeman

**Name of the Vulnerable Software and Affected Versions** @eth-optimism/l2geth versions prior to 0.5.11 **Description** The issue allows economic griefing because a balance is duplicated upon contract self-destruction. **Recommendations** For versions prior to 0.5.11, update to version 0.5.11 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** freetype versions 2.3.11 through 2.4.7 freetype version 2.3.11 **Description** The issue is related to an integer signedness error in the `t1decode.c` file of the FreeType library, which can be exploited remotely. This error allows attackers to execute arbitrary code or cause a denial of service, resulting in memory corruption and application crashes. The exploitation can occur via a crafted Type 1 font in a PDF document. There have been instances of this issue being exploited in the wild. **Recommendations** For freetype versions 2.3.11 through 2.4.7, update to version 2.4.8 or later to resolve the issue. For freetype version 2.3.11, update to version 2.4.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the `t1decode.c` function until a patch is available.