SUSE-SU-2023:3303-1

Опубликовано: 14 авг. 2023

Источник: suse-cvrf

Описание

Security update for poppler

This update for poppler fixes the following issues:

CVE-2019-16115: Fixed an uninitialized memory error in GfxUnivariateShading::setupCache. (bsc#1150039)

Список пакетов

SUSE Linux Enterprise Software Development Kit 12 SP5

libpoppler44-0.24.4-14.29.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20233303-1/
Link for SUSE-SU-2023:3303-1
https://lists.suse.com/pipermail/sle-updates/2023-August/031003.html
E-Mail link for SUSE-SU-2023:3303-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1150039
SUSE Bug 1150039
https://www.suse.com/security/cve/CVE-2019-16115/
SUSE CVE CVE-2019-16115 page

Описание

In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in IdentityFunction::transform in Function.cc, used by GfxAxialShading::getColor. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It allows an attacker to use a crafted PDF file to cause Denial of Service or possibly unspecified other impact.

Затронутые продукты

SUSE Linux Enterprise Software Development Kit 12 SP5:libpoppler44-0.24.4-14.29.1

Ссылки

https://www.suse.com/security/cve/CVE-2019-16115.html
CVE-2019-16115
https://bugzilla.suse.com/1150039
SUSE Bug 1150039
https://bugzilla.suse.com/1225040
SUSE Bug 1225040

SUSE-SU-2023:3303-1

Описание

Список пакетов

SUSE Linux Enterprise Software Development Kit 12 SP5

Ссылки

Уязвимость: CVE-2019-16115

Описание

Затронутые продукты

Ссылки