logo
DATABASE RESOURCES PRICING ABOUT US

SUSE SLED12 / SLES12 Security Update : qpdf (SUSE-SU-2018:3066-1)

Description

This update for qpdf fixes the following issues : qpdf was updated to 7.1.1. Security issues fixed : CVE-2017-11627: A stack-consumption vulnerability which allows attackers to cause DoS (bsc#1050577). CVE-2017-11625: A stack-consumption vulnerability which allows attackers to cause DoS (bsc#1050579). CVE-2017-11626: A stack-consumption vulnerability which allows attackers to cause DoS (bsc#1050578). CVE-2017-11624: A stack-consumption vulnerability which allows attackers to cause DoS (bsc#1050581). CVE-2017-12595: Stack overflow when processing deeply nested arrays and dictionaries (bsc#1055960). CVE-2017-9209: Remote attackers can cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document (bsc#1040312). CVE-2017-9210: Remote attackers can cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document (bsc#1040313). CVE-2017-9208: Remote attackers can cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document (bsc#1040311). - Check release notes for detailed bug fixes. - http://qpdf.sourceforge.net/files/qpdf-manual.html#ref.release-notes Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.


Related