[ubuntu/xenial-updates] poppler 0.41.0-0ubuntu1.6 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Mon Jan 8 14:58:17 UTC 2018
poppler (0.41.0-0ubuntu1.6) xenial-security; urgency=medium
* SECURITY UPDATE: fails to validate boundaries in TextPool::addWord
leading to overflow
- debian/patches/CVE-2017-1000456.patch: fix crash in fuzzed file in
poppler/TextOutputDev.cc.
- CVE-2017-1000456
* SECURITY UPDATE: has a heap-based buffer over-read vulnerability
- debian/patches/CVE-2017-14976.patch: fix crash in broken files in
fofi/FoFiType1C.cc.
- CVE-2017-14976
Date: 2018-01-04 19:46:14.641594+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/poppler/0.41.0-0ubuntu1.6
-------------- next part --------------
Sorry, changesfile not available.
More information about the Xenial-changes
mailing list