| Revision Date: | 2019-07-15 | Version: | 1 |
| Title: | Security update for podofo (Moderate) |
| Description: |
This update for podofo fixes the following issues:
Security issues fixed:
- CVE-2017-8054: Fixed a vulnerability in PdfPagesTree::GetPageNodeFromArray function which could allow remote attackers to cause Denial of Service (bsc#1035596). - CVE-2018-5783: Fixed an uncontrolled memory allocation in PdfVecObjects::Reserve function (bsc#1076962). - CVE-2018-11255: Fixed a null pointer dereference in PdfPage::GetPageNumber() function which could lead to Denial of Service (bsc#1096890). - CVE-2018-20751: Fixed a null pointer dereference in crop_page function (bsc#1124357). - CVE-2018-12982: Fixed an invalid memory read in PdfVariant::DelayedLoad() function which could allow remote attackers to cause Denial of Service (bsc#1099720). - Fixed a buffer overflow in TestEncrypt function. - Fixed a null pointer dereference in PdfTranslator-setTarget function. - Fixed a heap based buffer overflow PdfVariant:DelayedLoad function.
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1035596
1076962
1096890
1099720
1124357
CVE-2017-8054
CVE-2018-11255
CVE-2018-12982
CVE-2018-20751
CVE-2018-5783
SUSE-SU-2019:1849-1
|
| Platform(s): | SUSE Linux Enterprise Desktop 12 SP4
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP4 is installed AND libpodofo0_9_2-0.9.2-3.9.2 is installed
|