logo
DATABASE RESOURCES PRICING ABOUT US

Debian DLA-1939-1 : poppler security update

Description

Several issues in poppler, a PDF rendering library, have been fixed. CVE-2018-20650 A missing check for the dict data type could lead to a denial of service. CVE-2018-21009 An integer overflow might happen in Parser::makeStream. CVE-2019-12493 A stack-based buffer over-read by a crafted PDF file might happen in PostScriptFunction::transform because some functions mishandle tint transformation. For Debian 8 'Jessie', these problems have been fixed in version 0.26.5-2+deb8u11. We recommend that you upgrade your poppler packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.


Related