Oval Definition:oval:org.opensuse.security:def:56515
Revision Date:2020-12-01Version:1
Title:Security update for poppler (Moderate)
Description:

This update for poppler fixes the following issues:

These security issues were fixed:

- CVE-2017-14517: Prevent NULL Pointer dereference in the XRef::parseEntry() function via a crafted PDF document (bsc#1059066). - CVE-2017-9865: Fixed a stack-based buffer overflow vulnerability in GfxState.cc that would have allowed attackers to facilitate a denial-of-service attack via specially crafted PDF documents. (bsc#1045939) - CVE-2017-14518: Remedy a floating point exception in isImageInterpolationRequired() that could have been exploited using a specially crafted PDF document. (bsc#1059101) - CVE-2017-14520: Remedy a floating point exception in Splash::scaleImageYuXd() that could have been exploited using a specially crafted PDF document. (bsc#1059155) - CVE-2017-14617: Fixed a floating point exception in Stream.cc, which may lead to a potential attack when handling malicious PDF files. (bsc#1060220) - CVE-2017-14928: Fixed a NULL Pointer dereference in AnnotRichMedia::Configuration::Configuration() in Annot.cc, which may lead to a potential attack when handling malicious PDF files. (bsc#1061092) - CVE-2017-14975: Fixed a NULL pointer dereference vulnerability, that existed because a data structure in FoFiType1C.cc was not initialized, which allowed an attacker to launch a denial of service attack. (bsc#1061263) - CVE-2017-14976: Fixed a heap-based buffer over-read vulnerability in FoFiType1C.cc that occurred when an out-of-bounds font dictionary index was encountered, which allowed an attacker to launch a denial of service attack. (bsc#1061264) - CVE-2017-14977: Fixed a NULL pointer dereference vulnerability in the FoFiTrueType::getCFFBlock() function in FoFiTrueType.cc that occurred due to lack of validation of a table pointer, which allows an attacker to launch a denial of service attack. (bsc#1061265) - CVE-2017-15565: Prevent NULL Pointer dereference in the GfxImageColorMap::getGrayLine() function via a crafted PDF document (bsc#1064593). - CVE-2017-1000456: Validate boundaries in TextPool::addWord to prevent overflows in subsequent calculations (bsc#1074453).
Family:unixClass:patch
Status:Reference(s):1004490
1006368
1007249
1009961
1045939
1059066
1059101
1059155
1060220
1061092
1061263
1061264
1061265
1064593
1068032
1074453
1078431
1083125
1085447
1089533
1090368
1090646
1094508
1097410
1103276
1106019
1106222
1106873
1110910
1111006
1111010
1111013
1111014
1114422
1119069
1119105
1145092
578053
966435
966436
974208
978260
983015
987198
988408
989566
992534
995058
995102
995620
996015
999582
CVE-2007-4772
CVE-2012-2451
CVE-2013-1571
CVE-2014-3230
CVE-2014-3801
CVE-2015-5295
CVE-2016-0766
CVE-2016-0773
CVE-2016-5384
CVE-2016-8867
CVE-2017-1000456
CVE-2017-13166
CVE-2017-14517
CVE-2017-14518
CVE-2017-14520
CVE-2017-14617
CVE-2017-14928
CVE-2017-14975
CVE-2017-14976
CVE-2017-14977
CVE-2017-15565
CVE-2017-5715
CVE-2017-9865
CVE-2018-0495
CVE-2018-10839
CVE-2018-12384
CVE-2018-12404
CVE-2018-12405
CVE-2018-14618
CVE-2018-15468
CVE-2018-15746
CVE-2018-17466
CVE-2018-17958
CVE-2018-17962
CVE-2018-17963
CVE-2018-18492
CVE-2018-18493
CVE-2018-18494
CVE-2018-18498
CVE-2018-18849
CVE-2018-2562
CVE-2018-2612
CVE-2018-2622
CVE-2018-2640
CVE-2018-2665
CVE-2018-2668
CVE-2018-8781
CVE-2018-8897
CVE-2019-10208
SUSE-SU-2016:0555-1
SUSE-SU-2016:2190-1
SUSE-SU-2016:3084-1
SUSE-SU-2018:0056-1
SUSE-SU-2018:0697-1
SUSE-SU-2018:1509-1
SUSE-SU-2018:1662-1
SUSE-SU-2018:2715-1
SUSE-SU-2018:3332-1
SUSE-SU-2018:4236-1
SUSE-SU-2018:4237-1
SUSE-SU-2019:2158-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • kcoreaddons-5.45.0-lp150.1 is installed
  • OR kcoreaddons-lang-5.45.0-lp150.1 is installed
  • OR libKF5CoreAddons5-5.45.0-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • chromedriver-74.0.3729.157-lp151.2.3 is installed
  • OR chromium-74.0.3729.157-lp151.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • libpoppler-glib8-0.43.0-16.15 is installed
  • OR libpoppler-qt4-4-0.43.0-16.15 is installed
  • OR libpoppler60-0.43.0-16.15 is installed
  • OR poppler-0.43.0-16.15 is installed
  • OR poppler-qt-0.43.0-16.15 is installed
  • OR poppler-tools-0.43.0-16.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND perl-Config-IniFiles-2.82-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_69-default-4-2 is installed
  • OR kgraft-patch-3_12_74-60_64_69-xen-4-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_24-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND ant-1.9.4-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • dovecot22-2.2.31-19.11 is installed
  • OR dovecot22-backend-mysql-2.2.31-19.11 is installed
  • OR dovecot22-backend-pgsql-2.2.31-19.11 is installed
  • OR dovecot22-backend-sqlite-2.2.31-19.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • qemu-2.6.2-41.43 is installed
  • OR qemu-block-curl-2.6.2-41.43 is installed
  • OR qemu-block-rbd-2.6.2-41.43 is installed
  • OR qemu-block-ssh-2.6.2-41.43 is installed
  • OR qemu-guest-agent-2.6.2-41.43 is installed
  • OR qemu-ipxe-1.0.0-41.43 is installed
  • OR qemu-kvm-2.6.2-41.43 is installed
  • OR qemu-lang-2.6.2-41.43 is installed
  • OR qemu-seabios-1.9.1-41.43 is installed
  • OR qemu-sgabios-8-41.43 is installed
  • OR qemu-tools-2.6.2-41.43 is installed
  • OR qemu-vgabios-1.9.1-41.43 is installed
  • OR qemu-x86-2.6.2-41.43 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_73-default-4-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_21-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • giflib-progs-5.0.5-12 is installed
  • OR libgif6-5.0.5-12 is installed
  • OR libgif6-32bit-5.0.5-12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_140-94_42-default-10-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_15-10-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • adns-1.4-103.3 is installed
  • OR libadns1-1.4-103.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND git-core-2.12.3-27.14 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • openstack-heat-5.0.2~a0~dev9-1 is installed
  • OR openstack-heat-api-5.0.2~a0~dev9-1 is installed
  • OR openstack-heat-api-cfn-5.0.2~a0~dev9-1 is installed
  • OR openstack-heat-api-cloudwatch-5.0.2~a0~dev9-1 is installed
  • OR openstack-heat-engine-5.0.2~a0~dev9-1 is installed
  • OR openstack-heat-plugin-heat_docker-5.0.2~a0~dev9-1 is installed
  • OR python-heat-5.0.2~a0~dev9-1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • xen-4.7.6_05-43.42 is installed
  • OR xen-doc-html-4.7.6_05-43.42 is installed
  • OR xen-libs-4.7.6_05-43.42 is installed
  • OR xen-libs-32bit-4.7.6_05-43.42 is installed
  • OR xen-tools-4.7.6_05-43.42 is installed
  • OR xen-tools-domU-4.7.6_05-43.42 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libdcerpc-binding0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libdcerpc-binding0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libdcerpc0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libdcerpc0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libndr-krb5pac0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libndr-krb5pac0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libndr-nbt0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libndr-nbt0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libndr-standard0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libndr-standard0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libndr0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libndr0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libnetapi0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libnetapi0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-credentials0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-credentials0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-errors0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-errors0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-hostconfig0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-hostconfig0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-passdb0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-passdb0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-util0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamba-util0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamdb0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsamdb0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsmbclient0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsmbclient0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsmbconf0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsmbconf0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsmbldap0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libsmbldap0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libtevent-util0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libtevent-util0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libwbclient0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR libwbclient0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR samba-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR samba-client-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR samba-client-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR samba-doc-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR samba-libs-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR samba-libs-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR samba-winbind-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
  • OR samba-winbind-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • MozillaFirefox-68.7.0-109.116 is installed
  • OR MozillaFirefox-translations-common-68.7.0-109.116 is installed
    • BACK