[ubuntu/zesty-updates] poppler 0.48.0-2ubuntu2.3 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Fri Oct 6 15:28:17 UTC 2017
poppler (0.48.0-2ubuntu2.3) zesty-security; urgency=medium
* SECURITY UPDATE: Floating point exception
- debian/patches/CVE-2017-14518.patch: Fix divide by 0 on broken
documents in splash/Splash.cc.
- CVE-2017-14518
* SECURITY UPDATE: Floating point exception
- debian/patches/CVE-2017-14520.patch: don't try to scale if srcHeight or
srcWidth is less than 1 in splash/Splash.cc.
- CVE-2017-14520
* SECURITY UPDATE: Floating point exception in ImageStream
- debian/patches/CVE-2017-14617.patch: Fix crash in broken files in
poppler/Stream.cc.
- CVE-2017-14617
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2017-14926.patch: Fix crash on broken files
in poppler/Annot.cc.
- CVE-2017-14926
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2017-14928.patch: Fix crash broken files
in poppler/Annot.cc.
- CVE-2017-14928
* SECURITY UPDATE: Memory corruption
- debian/patches/CVE-2017-14929.patch: Fix infinite recursion
in poppler/Gfx.cc, poppler/GfxState.cc, poppler/GfxState.h.
- CVE-2017-14929
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2017-14975.patch: fix crash in convertToType0 in
fofi/FoFiType1C.cc.
- CVE-2017-14975
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2017-14977.patch: fix NULL deference pointer in
fofi/FoFiTrueType.cc.
- CVE-2017-14977
* SECURITY UPDATE: Integer overflow and heap overflow
- debian/patches/CVE-2017-9776.patch: fix malformed documents
in poppler/JBIG2Stream.cc.
- CVE-2017-9776
Date: 2017-10-04 15:39:22.425691+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/poppler/0.48.0-2ubuntu2.3
-------------- next part --------------
Sorry, changesfile not available.
More information about the Zesty-changes
mailing list