Описание
Security update for poppler
This update for poppler fixes the following issues:
- CVE-2017-7511: Fixed a NULL pointer dereference in pdfunite (bsc#1041783)
- CVE-2018-20662: PDFDoc setup in PDFDoc.cc allows attackers to cause DOS because of a wrong return value from PDFDoc:setup (bsc#1120956).
Список пакетов
SUSE Linux Enterprise Software Development Kit 12 SP5
libpoppler44-0.24.4-14.44.1
Ссылки
- Link for SUSE-SU-2023:4941-1
- E-Mail link for SUSE-SU-2023:4941-1
- SUSE Security Ratings
- SUSE Bug 1041783
- SUSE Bug 1120956
- SUSE CVE CVE-2017-7511 page
- SUSE CVE CVE-2018-20662 page
Описание
poppler since version 0.17.3 has been vulnerable to NULL pointer dereference in pdfunite triggered by specially crafted documents.
Затронутые продукты
SUSE Linux Enterprise Software Development Kit 12 SP5:libpoppler44-0.24.4-14.44.1
Ссылки
- CVE-2017-7511
- SUSE Bug 1041783
Описание
In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup) by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing.
Затронутые продукты
SUSE Linux Enterprise Software Development Kit 12 SP5:libpoppler44-0.24.4-14.44.1
Ссылки
- CVE-2018-20662
- SUSE Bug 1120939
- SUSE Bug 1120956
- SUSE Bug 1214622