GHSA-2mhw-8qcg-gr96: skia-python vendors vulnerable libfreetype because of pinned cibuildwheel version

March 19, 2026

The Linux wheels for skia-python vendor a vulnerable version of libfreetype that is affected by CVE-2025-27363 [1].

The root cause is a chain of unfortunate events:

  1. skia-python builds wheels using pinned pypa/cibuildwheel@2.21.3 [2]

  2. cibuildwheel 2.21.3 in turn pins manylinux container images [3]

  3. In these images, version 2.9.1-9.el8 of the Red Hat freetype package is preinstalled. This package version is vulnerable and has since been patched in 2.9.1-10.

  4. During the skia-python Linux build, libfreetype is vendored from the system, resulting in skia-python.libs/libfreetype-29a7443c.so.6.16.1

[ To find the provenance of your vendored libfreetype, we extracted the 8-character hash of the original binary file that is added during the build process (29a7443c), and matched it against our database of hashes of all historic Red Hat, Debian and Ubuntu releases of freetype. ]

  5. Because freetype is only a transitive dependency of the packages explicitly installed by the build script [4], it is not upgraded to the patched version.

  6. As a result, the published wheels embed a vulnerable libfreetype, even though patched packages are available upstream.
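The provenance check described above, as an added example (not code from the advisory or from skia-python): it parses auditwheel's vendored-library names out of a wheel's file list, pulls the 8-character tag, and looks it up in a known-vulnerable table. The table is constructed for this example and holds only the freetype build the advisory names; the assumption that the tag is the first eight hex characters of the original file's SHA-256 is mine, based on auditwheel's naming behaviour, not something the advisory states.

```python
import hashlib
import re
import zipfile
from typing import Dict, Iterable, List, Optional, Tuple

# auditwheel names vendored libraries <pkg>.libs/lib<name>-<8 hex>.so[.<ver>]
VENDORED_RE = re.compile(
    r"^(?P<dir>[^/]+\.libs)/(?P<base>lib[^/]+?)-(?P<tag>[0-9a-f]{8})"
    r"\.(?P<ext>so(?:\.[0-9]+)*)$"
)

# Constructed table: tag -> (library, distro build, advisory). The one entry
# is the build the advisory identifies for skia-python's Linux wheels.
KNOWN_VULNERABLE: Dict[str, Tuple[str, str, str]] = {
    "29a7443c": ("freetype", "2.9.1-9.el8", "CVE-2025-27363"),
}

def auditwheel_tag(data: bytes) -> str:
    """Tag auditwheel gives a vendored copy: first 8 hex chars of the
    SHA-256 of the original file (assumed from auditwheel's behaviour)."""
    return hashlib.sha256(data).hexdigest()[:8]

def parse_vendored_name(member: str) -> Optional[Tuple[str, str, str]]:
    """Return (base, tag, ext) for a vendored-library wheel member, else None."""
    m = VENDORED_RE.match(member)
    return (m["base"], m["tag"], m["ext"]) if m else None

def audit_members(members: Iterable[str]) -> List[dict]:
    """Flag wheel members whose auditwheel tag is a known-vulnerable build."""
    findings = []
    for member in members:
        parsed = parse_vendored_name(member)
        if parsed is None:
            continue  # not a vendored shared library
        base, tag, ext = parsed
        hit = KNOWN_VULNERABLE.get(tag)
        findings.append({
            "path": member, "library": base, "tag": tag,
            "vulnerable": hit is not None,
            "detail": "%s %s (%s)" % hit if hit else "no match in table",
        })
    return findings

def audit_wheel(wheel_path: str) -> List[dict]:
    """Run audit_members over the file list of a .whl (a zip archive)."""
    with zipfile.ZipFile(wheel_path) as zf:
        return audit_members(zf.namelist())
```

To populate the table from a distro's own binary, feed the original `libfreetype.so.*` bytes to `auditwheel_tag` and record the resulting tag beside the package version.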

This appears to be a broader manylinux ecosystem issue. The base images do not enforce that yum update runs on container start, so preinstalled libraries may remain vulnerable indefinitely.

References

  • github.com/advisories/GHSA-2mhw-8qcg-gr96
  • github.com/kyamagu/skia-python
  • github.com/kyamagu/skia-python/security/advisories/GHSA-2mhw-8qcg-gr96
  • nvd.nist.gov/vuln/detail/CVE-2025-27363

Affected versions

All versions before 144.0.post1, version 144.0

Fixed versions

  • 144.0.post1

Solution

Upgrade to version 144.0.post1 or above.

Impact 8.1 HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Weakness

  • CWE-1395: Dependency on Vulnerable Third-Party Component
  • CWE-787: Out-of-bounds Write

Source file

pypi/skia-python/GHSA-2mhw-8qcg-gr96.yml

Page generated Fri, 20 Mar 2026 12:17:54 +0000.