[ASA-202101-36] podofo: multiple issues

Arch Linux Security Advisory ASA-202101-36 ========================================== Severity: Medium Date : 2021-01-20 CVE-ID : CVE-2017-8054 CVE-2018-5783 CVE-2018-11254 CVE-2018-11255 CVE-2018-11256 CVE-2018-12982 CVE-2018-14320 CVE-2018-19532 CVE-2018-20751 CVE-2019-9199 CVE-2019-9687 Packag...

Fedora Update for mingw-podofo FEDORA-2019-023ea18e20

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora 29 : mingw-podofo / podofo (2019-6cc827b7a1)

This update backports a fix for CVE-2018-20751. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C...

CVE-2018-20751

CVE-2018-20751 affects PoDoFo 0.9.6, where crop_page() can dereference a NULL pPage pointer when adding MediaBox to a crafted PDF, potentially crashing the application. Several connected advisories confirm PoDoFo 0.9.6 as vulnerable and that the issue is fixed in PoDoFo 0.9.7. The broader podofo ...

CVE-2018-20751

An issue was discovered in croppage in PoDoFo 0.9.6. For a crafted PDF document, pPage-GetObject-GetDictionary.AddKeyPdfName"MediaBox",var can be problematic due to the function GetObject being called for the pPage NULL pointer object. The value of pPage at this point is 0x0, which causes a NULL...