[ubuntu/trusty-security] poppler 0.24.5-2ubuntu4.9 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Mon Jan 8 14:15:49 UTC 2018
poppler (0.24.5-2ubuntu4.9) trusty-security; urgency=medium
* SECURITY UPDATE: fails to validate boundaries in TextPool::addWord
leading to overflow
- debian/patches/CVE-2017-1000456.patch: fix crash in fuzzed file in
poppler/TextOutputDev.cc.
- CVE-2017-1000456
* SECURITY UPDATE: has a heap-based buffer over-read vulnerability
- debian/patches/CVE-2017-14976.patch: fix crash in broken files in
fofi/FoFiType1C.cc.
- CVE-2017-14976
Date: 2018-01-04 19:23:14.650976+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/poppler/0.24.5-2ubuntu4.9
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list