[ubuntu/trusty-updates] poppler 0.24.5-2ubuntu4.9 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Mon Jan 8 14:58:16 UTC 2018
poppler (0.24.5-2ubuntu4.9) trusty-security; urgency=medium
* SECURITY UPDATE: fails to validate boundaries in TextPool::addWord
leading to overflow
- debian/patches/CVE-2017-1000456.patch: fix crash in fuzzed file in
poppler/TextOutputDev.cc.
- CVE-2017-1000456
* SECURITY UPDATE: has a heap-based buffer over-read vulnerability
- debian/patches/CVE-2017-14976.patch: fix crash in broken files in
fofi/FoFiType1C.cc.
- CVE-2017-14976
Date: 2018-01-04 19:23:14.650976+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/poppler/0.24.5-2ubuntu4.9
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list