RHSA-2025:8292 | High | CVSS 9.0

Red Hat Security Advisory: mingw-freetype and spice-client-win security update

Published: May 29, 2025
Last Modified: June 2, 2026

🔗 CVE IDs covered (10)

📋 Description

CVE-2025-27363 — freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files
CVE-2025-32050 — libsoup: Integer overflow in append_param_quoted
CVE-2025-32052 — libsoup: Heap buffer overflow in sniff_unknown()
CVE-2025-32053 — libsoup: Heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space()
CVE-2025-32906 — libsoup: Out of bounds reads in soup_headers_parse_request()
CVE-2025-32907 — libsoup: Denial of service in server when client requests a large amount of overlapping ranges with Range header
CVE-2025-32909 — libsoup: NULL pointer dereference on libsoup through function "sniff_mp4" in soup-content-sniffer.c
CVE-2025-32910 — libsoup: NULL pointer dereference on libsoup via /auth/soup-auth-digest.c through "soup_auth_digest_authenticate" on client when server omits the "realm" parameter in an Unauthorized response with Digest authentication
CVE-2025-32911 — libsoup: Double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" GHashTable value
CVE-2025-32913 — libsoup: NULL pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in Content-Disposition header

🔗 References (13)