logo
DATABASE RESOURCES PRICING ABOUT US

poppler - security update

Description

Several issues in poppler, a PDF rendering library, have been fixed. * [CVE-2018-20650](https://security-tracker.debian.org/tracker/CVE-2018-20650) A missing check for the dict data type could lead to a denial of service. * [CVE-2018-21009](https://security-tracker.debian.org/tracker/CVE-2018-21009) An integer overflow might happen in Parser::makeStream. * [CVE-2019-12493](https://security-tracker.debian.org/tracker/CVE-2019-12493) A stack-based buffer over-read by a crafted PDF file might happen in PostScriptFunction::transform because some functions mishandle tint transformation. For Debian 8 Jessie, these problems have been fixed in version 0.26.5-2+deb8u11. We recommend that you upgrade your poppler packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: <https://wiki.debian.org/LTS>


Affected Software


CPE Name Name Version
poppler 0.26.5-2
poppler 0.26.5-2+deb8u1
poppler 0.26.5-2+deb8u10
poppler 0.26.5-2+deb8u1~bpo70+1
poppler 0.26.5-2+deb8u2
poppler 0.26.5-2+deb8u3
poppler 0.26.5-2+deb8u4
poppler 0.26.5-2+deb8u5
poppler 0.26.5-2+deb8u6
poppler 0.26.5-2+deb8u7
poppler 0.26.5-2+deb8u8
poppler 0.26.5-2+deb8u9

Related