Описание
Security update for podofo
This update for podofo fixes the following issues:
- CVE-2018-12983: Fixed a stack overrun (bsc#1099719).
Список пакетов
openSUSE Leap 15.3
libpodofo-devel-0.9.6-150300.3.6.1
libpodofo0_9_6-0.9.6-150300.3.6.1
podofo-0.9.6-150300.3.6.1
openSUSE Leap 15.4
libpodofo-devel-0.9.6-150300.3.6.1
libpodofo0_9_6-0.9.6-150300.3.6.1
podofo-0.9.6-150300.3.6.1
Ссылки
- Link for SUSE-SU-2022:3833-1
- E-Mail link for SUSE-SU-2022:3833-1
- SUSE Security Ratings
- SUSE Bug 1099719
- SUSE CVE CVE-2018-12983 page
Описание
A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryptionKey() function in PdfEncrypt.cpp in PoDoFo 0.9.6-rc1 could be leveraged by remote attackers to cause a denial-of-service via a crafted pdf file.
Затронутые продукты
openSUSE Leap 15.3:libpodofo-devel-0.9.6-150300.3.6.1
openSUSE Leap 15.3:libpodofo0_9_6-0.9.6-150300.3.6.1
openSUSE Leap 15.3:podofo-0.9.6-150300.3.6.1
openSUSE Leap 15.4:libpodofo-devel-0.9.6-150300.3.6.1
Ссылки
- CVE-2018-12983
- SUSE Bug 1099719