File _patchinfo of Package patchinfo.31258
<patchinfo incident="31258"> <issue tracker="cve" id="2022-37052"/> <issue tracker="cve" id="2019-9545"/> <issue tracker="cve" id="2019-9631"/> <issue tracker="cve" id="2019-14292"/> <issue tracker="cve" id="2022-48545"/> <issue tracker="cve" id="2020-36023"/> <issue tracker="bnc" id="1214726">VUL-0: CVE-2022-37052: poppler: reachable assertion due to a failure in markObject()</issue> <issue tracker="bnc" id="1128114">VUL-1: CVE-2019-9545: poppler: denial of service via recursive function call, in JBIG2Stream:readTextRegion() located in JBIG2Stream.cc</issue> <issue tracker="bnc" id="1129202">VUL-1: CVE-2019-9631: poppler: heap-based buffer over-read in function downsample_row_box_filter in CairoRescaleBox.cc</issue> <issue tracker="bnc" id="1214256">VUL-0: CVE-2020-36023: poppler: Stack-Overflow in `FoFiType1C:cvtGlyph`</issue> <issue tracker="bnc" id="1214723">VUL-0: CVE-2022-48545: poppler: infinite recursion in Catalog:findDestInTree</issue> <issue tracker="bnc" id="1143570">VUL-1: CVE-2019-14292: xpdf, poppler: An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading:parse at GfxState.cc for typeA!=6 case 1.</issue> <packager>pgajdos</packager> <rating>moderate</rating> <category>security</category> <summary>Security update for poppler</summary> <description>This update for poppler fixes the following issues: - CVE-2019-9545: Fixed a potential crash due to uncontrolled recursion in the JBIG parser (bsc#1128114). - CVE-2019-9631: Fixed an out of bounds read when converting a PDF to an image (bsc#1129202). - CVE-2022-37052: Fixed a reachable assertion when extracting pages of a PDf file (bsc#1214726). - CVE-2020-36023: Fixed a stack bugger overflow in FoFiType1C:cvtGlyph (bsc#1214256). - CVE-2019-14292: Fixed an out of bounds read in GfxState.cc (bsc#1143570). - CVE-2022-48545: Fixed an infinite recursion in Catalog::findDestInTree which can cause denial of service (bsc#1214723). </description> </patchinfo>
