| Description: | Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince.
Security Fix(es):
poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc (CVE-2019-7310)
poppler: heap-based buffer overflow in function ImageStream::getLine() in Stream.cc (CVE-2019-9200)
poppler: heap-based buffer over-read in function PSOutputDev::checkPageSlice in PSOutputDev.cc (CVE-2019-10871)
poppler: heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc (CVE-2019-12293)
poppler: memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc (CVE-2018-18897)
poppler: NULL pointer dereference in the XRef::getEntry in XRef.cc (CVE-2018-20481)
poppler: reachable Object::getString assertion in AnnotRichMedia class in Annot.c (CVE-2018-20551)
poppler: reachable Object::dictLookup assertion in FileSpec class in FileSpec.cc (CVE-2018-20650)
poppler: SIGABRT PDFDoc::setup class in PDFDoc.cc (CVE-2018-20662)
poppler: heap-based buffer over-read in function downsample_row_box_filter in CairoRescaleBox.cc (CVE-2019-9631)
poppler: stack consumption in function Dict::find() in Dict.cc (CVE-2019-9903)
poppler: integer overflow in JPXStream::init function leading to memory consumption (CVE-2019-9959)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
|