15 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-9208
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service infinite recursion and stack consumption via a crafted PDF document, related to...
Mageia: Security Advisory (MGASA-2017-0237)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for qpdf (EulerOS-SA-2021-2442)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for qpdf (EulerOS-SA-2021-1843)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:3066-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : qpdf (SUSE-SU-2018:3066-2)
This update for qpdf fixes the following issues : qpdf was updated to 7.1.1. Security issues fixed : CVE-2017-11627: A stack-consumption vulnerability which allows attackers to cause DoS bsc1050577. CVE-2017-11625: A stack-consumption vulnerability which allows attackers to cause DoS bsc1050579...
SUSE SLED12 / SLES12 Security Update : qpdf (SUSE-SU-2018:3066-1)
This update for qpdf fixes the following issues : qpdf was updated to 7.1.1. Security issues fixed : CVE-2017-11627: A stack-consumption vulnerability which allows attackers to cause DoS bsc1050577. CVE-2017-11625: A stack-consumption vulnerability which allows attackers to cause DoS bsc1050579...
Fedora Update for qpdf FEDORA-2018-d7ea552cde
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 25 : cups-filters / qpdf (2017-a05e2b8545)
Patches solving CVEs in qpdf changes API, so cups-filters needed to be rebuilt with it. ---- Reverting changes from previous update Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatical...
Fedora Update for qpdf FEDORA-2017-a05e2b8545
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 26 : cups-filters / qpdf (2017-191d7ec089)
Adding patches for CVEs in qpdf does binary incompatibility, so cups-filters needed to be rebuilt. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...
Fedora Update for qpdf FEDORA-2017-e58a762c3f
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated qpdf packages fix security vulnerabilities
This snapshot of the upstream development branch 6.0 of qpdf fixes several infinite loop vulnerabilities: CVE-2017-9208, CVE-2017-9209, CVE-2017-9210, CVE-2017-11624, CVE-2017-11625, CVE-2017-11626, CVE-2017-11627. For Mageia 5, the cups-filters package was also rebuilt against this new major...
CVE-2017-9208
CVE-2017-9208 is a vulnerability in libqpdf.a of QPDF 6.0.0 where a crafted PDF can trigger infinite recursion and stack consumption, causing a denial of service. The issue is linked to the releaseResolved functions, i.e., qpdf-infiniteloop1, and is discussed alongside related CVEs (CVE-2017-9209...
CVE-2017-9208
libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service infinite recursion and stack consumption via a crafted PDF document, related to releaseResolved functions, aka qpdf-infiniteloop1...