[ubuntu/bionic-security] poppler 0.62.0-2ubuntu2.11 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Wed Nov 25 18:00:48 UTC 2020


poppler (0.62.0-2ubuntu2.11) bionic-security; urgency=medium

  * SECURITY UPDATE: integer overflow in Parser::makeStream
    - debian/patches/CVE-2018-21009.patch: check for overflow in
      poppler/Parser.cc.
    - CVE-2018-21009
  * SECURITY UPDATE: buffer overread in PSOutputDev::checkPageSlice
    - debian/rules: build with SPLASH_CMYK=ON.
    - debian/patches/CVE-2019-10871-fix.patch: fix wrong width condition in
      splash/SplashBitmap.cc.
    - debian/patches/CVE-2019-10871-fix2.patch: add missing
      splashModeDeviceN8 in two switch statements in
      poppler/SplashOutputDev.cc.
    - CVE-2019-10871
  * SECURITY UPDATE: integer overflow leading to large memory allocation
    - debian/patches/CVE-2019-9959.patch: ignore dict Length if clearly
      broken in poppler/JPEG2000Stream.cc.
    - CVE-2019-9959
  * SECURITY UPDATE: DoS via buffer overflow in pdftohtml
    - debian/patches/CVE-2020-27778.patch: properly initialize
      HtmlOutputDev::page in utils/HtmlOutputDev.cc.
    - CVE-2020-27778

Date: 2020-11-25 13:50:36.732607+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/poppler/0.62.0-2ubuntu2.11
-------------- next part --------------
Sorry, changesfile not available.


More information about the Bionic-changes mailing list