File _patchinfo of Package patchinfo.4954

<patchinfo incident="4954">
  <issue id="1045719" tracker="bnc">VUL-0: CVE-2017-9775: poppler: DoS stack buffer overflow in GfxState.cc in pdftocairo via a crafted PDF document</issue>
  <issue id="1045721" tracker="bnc">VUL-0: CVE-2017-9776: poppler: DoS integer overflow leading to heap buffer overflow in JBIG2Stream.cc via a crafted PDF document</issue>
  <issue id="1043088" tracker="bnc">VUL-0: CVE-2017-7515: poppler: Stack exhaustion due to infinite recursive call in pdfunite</issue>
  <issue id="1041783" tracker="bnc">VUL-1: CVE-2017-7511: poppler: Null pointer dereference in pdfunite via crafted documents</issue>
  <issue id="1042803" tracker="bnc">VUL-0: CVE-2017-9406: poppler: Memory leak in the gmalloc function in gmem.cc</issue>
  <issue id="1042802" tracker="bnc">VUL-0: CVE-2017-9408: poppler: Memory leak in the Object::initArray function</issue>
  <issue id="2017-9775" tracker="cve" />
  <issue id="2017-9776" tracker="cve" />
  <issue id="2017-7515" tracker="cve" />
  <issue id="2017-7511" tracker="cve" />
  <issue id="2017-9406" tracker="cve" />
  <issue id="2017-9408" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>psimons</packager>
  <description>This update for poppler fixes the following issues:

Security issues fixed:
- CVE-2017-9775: DoS stack buffer overflow in GfxState.cc in pdftocairo via a crafted PDF document (bsc#1045719)
- CVE-2017-9776: DoS integer overflow leading to heap buffer overflow in JBIG2Stream.cc via a crafted PDF document (bsc#1045721)
- CVE-2017-7515: Stack exhaustion due to infinite recursive call in pdfunite (bsc#1043088)
- CVE-2017-7511: Null pointer dereference in pdfunite via crafted documents (bsc#1041783)
- CVE-2017-9406: Memory leak in the gmalloc function in gmem.cc (bsc#1042803)
- CVE-2017-9408: Memory leak in the Object::initArray function (bsc#1042802)

</description>
  <summary>Security update for poppler</summary>
</patchinfo>