| Revision Date: | 2017-11-08 | Version: | 1 |
| Title: | Security update for poppler (Moderate) |
| Description: |
This update for poppler fixes the following issues:
This security issue was fixed:
- CVE-2017-14517: Prevent NULL Pointer dereference in the XRef::parseEntry() function via a crafted PDF document (bsc#1059066). - CVE-2017-14518: Remedy a floating point exception in isImageInterpolationRequired() that could have been exploited using a specially crafted PDF document. (bsc#1059101) - CVE-2017-14520: Remedy a floating point exception in Splash::scaleImageYuXd() that could have been exploited using a specially crafted PDF document. (bsc#1059155) - CVE-2017-14977: Fixed a NULL pointer dereference vulnerability in the FoFiTrueType::getCFFBlock() function in FoFiTrueType.cc that occurred due to lack of validation of a table pointer, which allows an attacker to launch a denial of service attack. (bsc#1061265)
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1059066
1059101
1059155
1061265
CVE-2017-14517
CVE-2017-14518
CVE-2017-14520
CVE-2017-14977
SUSE-SU-2017:2952-1
|
| Platform(s): | SUSE Linux Enterprise Server 12 SP2
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP2 is installed AND libpoppler44-0.24.4-14.13.1 is installed
|