Security update for poppler
This update for poppler fixes the following issues:
Security issues fixed:
- CVE-2017-9775: DoS stack buffer overflow in GfxState.cc in pdftocairo via a crafted PDF document (bsc#1045719)
- CVE-2017-9776: DoS integer overflow leading to heap buffer overflow in JBIG2Stream.cc via a crafted PDF document (bsc#1045721)
- CVE-2017-7515: Stack exhaustion due to infinite recursive call in pdfunite (bsc#1043088)
- CVE-2017-7511: Null pointer dereference in pdfunite via crafted documents (bsc#1041783)
- CVE-2017-9406: Memory leak in the gmalloc function in gmem.cc (bsc#1042803)
- CVE-2017-9408: Memory leak in the Object::initArray function (bsc#1042802)
This update was imported from the SUSE:SLE-12-SP2:Update update project.
-
Submitted by
Peter Simons (psimons)
Fixed bugs
bnc#1045719
VUL-0: CVE-2017-9775: poppler: DoS stack buffer overflow in GfxState.cc in pdftocairo via a crafted PDF document
bnc#1045721
VUL-0: CVE-2017-9776: poppler: DoS integer overflow leading to heap buffer overflow in JBIG2Stream.cc via a crafted PDF document
bnc#1043088
VUL-0: CVE-2017-7515: poppler: Stack exhaustion due to infinite recursive call in pdfunite
bnc#1041783
VUL-1: CVE-2017-7511: poppler: Null pointer dereference in pdfunite via crafted documents
bnc#1042803
VUL-0: CVE-2017-9406: poppler: Memory leak in the gmalloc function in gmem.cc
bnc#1042802
VUL-0: CVE-2017-9408: poppler: Memory leak in the Object::initArray function
