File _patchinfo of Package patchinfo.35912

<patchinfo incident="35912">
  <issue tracker="bnc" id="1037000">VUL-1: CVE-2017-8378: podofo: denial of service (application crash) vectors related to m_offsets.size (PdfParser::ReadObjects func in base/PdfParser.cpp)</issue>
  <issue tracker="bnc" id="1027776">VUL-1: CVE-2017-6849: podofo: NULL pointer dereference in PoDoFo::PdfColorGray::~PdfColorGray (PdfColor.cpp)</issue>
  <issue tracker="bnc" id="1027786">VUL-1: CVE-2017-6841: podofo: NULL pointer dereference in GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement (graphicsstack.h)</issue>
  <issue tracker="bnc" id="1023072">VUL-1: podofo: NULL pointer dereference in PdfInfo::GuessFormat (pdfinfo.cpp)</issue>
  <issue tracker="bnc" id="1131544">VUL-1: CVE-2019-10723: podofo:  Memory leak in PdfPagesTreeCache class in doc/PdfPagesTreeCache.cpp</issue>
  <issue tracker="bnc" id="1075772">VUL-1: CVE-2018-5308: podofo: Undefined behavior  (memcpy with NULL pointer) in PdfMemoryOutputStream::Write (src/base/PdfOutputStream.cpp)</issue>
  <issue tracker="bnc" id="1127855">VUL-1: CVE-2019-9199: podofo: Null pointer dereference in function PoDoFo:Impose:PdfTranslator:setSource() in pdftranslator.cpp</issue>
  <issue tracker="bnc" id="1023190">VUL-1: CVE-2015-8981: podofo: heap overflow in the function ReadXRefSubsection</issue>
  <issue tracker="bnc" id="1027787">VUL-1: CVE-2017-6840: podofo: invalid memory read in ColorChanger::GetColorFromStack (colorchanger.cpp)</issue>
  <issue tracker="bnc" id="1027785">VUL-1: CVE-2017-6842: podofo: NULL pointer dereference in ColorChanger::GetColorFromStack (colorchanger.cpp)</issue>
  <issue tracker="bnc" id="1027779">VUL-1: CVE-2017-6845: podofo: NULL pointer dereference in GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace (graphicsstack.h)</issue>
  <issue tracker="cve" id="2019-9199"/>
  <issue tracker="cve" id="2017-6841"/>
  <issue tracker="cve" id="2017-8378"/>
  <issue tracker="cve" id="2017-6845"/>
  <issue tracker="cve" id="2017-6842"/>
  <issue tracker="cve" id="2019-10723"/>
  <issue tracker="cve" id="2015-8981"/>
  <issue tracker="cve" id="2017-5854"/>
  <issue tracker="cve" id="2018-5308"/>
  <issue tracker="cve" id="2017-6849"/>
  <issue tracker="cve" id="2017-6840"/>
  <packager>alarrosa</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for podofo</summary>
  <description>This update for podofo fixes the following issues:

 - CVE-2015-8981: Fixed heap overflow in the function ReadXRefSubsection (bsc#1023190)
 - CVE-2017-6840: Fixed invalid memory read in ColorChanger::GetColorFromStack (colorchanger.cpp) (bsc#1027787)
 - CVE-2017-6841: Fixed NULL pointer dereference in GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement (graphicsstack.h) (bsc#1027786)
 - CVE-2017-6842: Fixed NULL pointer dereference in ColorChanger::GetColorFromStack (colorchanger.cpp) (bsc#1027785)
 - CVE-2017-6845: Fixed NULL pointer dereference in GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace (graphicsstack.h) (bsc#1027779)
 - CVE-2017-6849: Fixed NULL pointer dereference in PoDoFo::PdfColorGray::~PdfColorGray (PdfColor.cpp) (bsc#1027776)
 - CVE-2017-8378: Fixed denial of service (application crash) vectors related to m_offsets.size (PdfParser::ReadObjects func in base/PdfParser.cpp) (bsc#1037000)  
 - CVE-2018-5308: Fixed Undefined behavior  (memcpy with NULL pointer) in PdfMemoryOutputStream::Write (src/base/PdfOutputStream.cpp) (bsc#1075772)
 - CVE-2019-10723: Fixed Memory leak in PdfPagesTreeCache class in doc/PdfPagesTreeCache.cpp (bsc#1131544)
 - CVE-2019-9199: Fixed NULL pointer dereference in function PoDoFo:Impose:PdfTranslator:setSource() in pdftranslator.cpp (bsc#1127855)

 - Fixed NULL pointer dereference in PdfInfo::GuessFormat (pdfinfo.cpp) (bsc#1023072)
</description>
</patchinfo>