Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2023:4942-1

Опубликовано: 21 дек. 2023
Источник: suse-cvrf

Описание

Security update for poppler

This update for poppler fixes the following issues:

  • CVE-2018-20662: PDFDoc setup in PDFDoc.cc allows attackers to cause DOS because of a wrong return value from PDFDoc:setup (bsc#1120956).

Список пакетов

SUSE Linux Enterprise Server 12 SP5
libpoppler-glib8-0.43.0-16.43.1
libpoppler-qt4-4-0.43.0-16.43.1
libpoppler60-0.43.0-16.43.1
poppler-tools-0.43.0-16.43.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
libpoppler-glib8-0.43.0-16.43.1
libpoppler-qt4-4-0.43.0-16.43.1
libpoppler60-0.43.0-16.43.1
poppler-tools-0.43.0-16.43.1
SUSE Linux Enterprise Software Development Kit 12 SP5
libpoppler-cpp0-0.43.0-16.43.1
libpoppler-devel-0.43.0-16.43.1
libpoppler-glib-devel-0.43.0-16.43.1
libpoppler-qt4-devel-0.43.0-16.43.1
typelib-1_0-Poppler-0_18-0.43.0-16.43.1

Ссылки

Описание

In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup) by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP5:libpoppler-glib8-0.43.0-16.43.1
SUSE Linux Enterprise Server 12 SP5:libpoppler-qt4-4-0.43.0-16.43.1
SUSE Linux Enterprise Server 12 SP5:libpoppler60-0.43.0-16.43.1
SUSE Linux Enterprise Server 12 SP5:poppler-tools-0.43.0-16.43.1
Ссылки