[ubuntu/trusty-security] poppler 0.24.5-2ubuntu4.7 (Accepted)

Leonidas S. Barbosa leo.barbosa at canonical.com
Fri Oct 6 14:54:13 UTC 2017

poppler (0.24.5-2ubuntu4.7) trusty-security; urgency=medium

  * SECURITY UPDATE: Floating point exception
    - debian/patches/CVE-2017-14518.patch: Fix divide by 0 on broken
      documents in splash/Splash.cc.
    - CVE-2017-14518
  * SECURITY UPDATE: Floating point exception
    - debian/patches/CVE-2017-14520.patch: don't try to scale if srcHeight or
      srcWidth is less than 1 in splash/Splash.cc.
    - CVE-2017-14520
  * SECURITY UPDATE: Floating point exception in ImageStream
    - debian/patches/CVE-2017-14617.patch: Fix crash in broken files in
    - CVE-2017-14617
  * SECURITY UPDATE: Memory corruption
    - debian/patches/CVE-2017-14929.patch: Fix infinite recursion
      in poppler/Gfx.cc, poppler/GfxState.cc, poppler/GfxState.h.
    - CVE-2017-14929
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2017-14975.patch: fix crash in convertToType0 in
    - CVE-2017-14975
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2017-14977.patch: fix NULL deference pointer in
    - CVE-2017-14977
  * SECURITY UPDATE: Integer overflow and heap overflow
    - debian/patches/CVE-2017-9776.patch: fix malformed documents
      in poppler/JBIG2Stream.cc.
    - CVE-2017-9776

Date: 2017-10-05 14:28:02.168649+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
-------------- next part --------------
Sorry, changesfile not available.

More information about the Trusty-changes mailing list