Overview

File _patchinfo of Package patchinfo.5223

<patchinfo incident="5223">
  <issue id="1045719" tracker="bnc">VUL-0: CVE-2017-9775: poppler: DoS stack buffer overflow in GfxState.cc in pdftocairo via a crafted PDF document</issue>
  <issue id="1042802" tracker="bnc">VUL-0: CVE-2017-9408: poppler: Memory leak in the Object::initArray function</issue>
  <issue id="1045721" tracker="bnc">VUL-0: CVE-2017-9776: poppler: DoS integer overflow leading to heap buffer overflow in JBIG2Stream.cc via a crafted PDF document</issue>
  <issue id="2017-9408" tracker="cve" />
  <issue id="2017-9776" tracker="cve" />
  <issue id="2017-9775" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>psimons</packager>
  <description>This update for poppler fixes the following issues:

Security issues fixed:
- CVE-2017-9775: Fix a stack overflow bug in pdftocairo that could have been exploited in a denial
  of service attack through a specially crafted PDF document. (bsc#1045719)
- CVE-2017-9776: Fix an integer overflow bug that could have been exploited in a denial of service
  attack through a specially crafted PDF document. (bsc#1045721)
- CVE-2017-9408: Fix a memory leak that occurred when the parser tried to recover from a broken
  input file. (bsc#1042802) 

</description>
  <summary>Security update for poppler</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places