Описание
ELSA-2023-2259: poppler security and bug fix update (MODERATE)
[21.01.0-14]
- Check for overflow when computing number of symbols
- in JBIG2 text region
- Resolves: #2126364
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
poppler
21.01.0-14.el9
poppler-cpp
21.01.0-14.el9
poppler-cpp-devel
21.01.0-14.el9
poppler-devel
21.01.0-14.el9
poppler-glib
21.01.0-14.el9
poppler-glib-devel
21.01.0-14.el9
poppler-qt5
21.01.0-14.el9
poppler-qt5-devel
21.01.0-14.el9
poppler-utils
21.01.0-14.el9
Oracle Linux x86_64
poppler
21.01.0-14.el9
poppler-cpp
21.01.0-14.el9
poppler-cpp-devel
21.01.0-14.el9
poppler-devel
21.01.0-14.el9
poppler-glib
21.01.0-14.el9
poppler-glib-devel
21.01.0-14.el9
poppler-qt5
21.01.0-14.el9
poppler-qt5-devel
21.01.0-14.el9
poppler-utils
21.01.0-14.el9
Связанные CVE
Связанные уязвимости
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf.
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf.
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf.
Poppler prior to and including 22.08.0 contains an integer overflow in ...
