[ubuntu/trusty-security] poppler 0.24.5-2ubuntu4.7 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Fri Oct 6 14:54:13 UTC 2017
poppler (0.24.5-2ubuntu4.7) trusty-security; urgency=medium
* SECURITY UPDATE: Floating point exception
- debian/patches/CVE-2017-14518.patch: Fix divide by 0 on broken
documents in splash/Splash.cc.
- CVE-2017-14518
* SECURITY UPDATE: Floating point exception
- debian/patches/CVE-2017-14520.patch: don't try to scale if srcHeight or
srcWidth is less than 1 in splash/Splash.cc.
- CVE-2017-14520
* SECURITY UPDATE: Floating point exception in ImageStream
- debian/patches/CVE-2017-14617.patch: Fix crash in broken files in
poppler/Stream.cc.
- CVE-2017-14617
* SECURITY UPDATE: Memory corruption
- debian/patches/CVE-2017-14929.patch: Fix infinite recursion
in poppler/Gfx.cc, poppler/GfxState.cc, poppler/GfxState.h.
- CVE-2017-14929
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2017-14975.patch: fix crash in convertToType0 in
fofi/FoFiType1C.cc.
- CVE-2017-14975
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2017-14977.patch: fix NULL deference pointer in
fofi/FoFiTrueType.cc.
- CVE-2017-14977
* SECURITY UPDATE: Integer overflow and heap overflow
- debian/patches/CVE-2017-9776.patch: fix malformed documents
in poppler/JBIG2Stream.cc.
- CVE-2017-9776
Date: 2017-10-05 14:28:02.168649+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/poppler/0.24.5-2ubuntu4.7
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list