File _patchinfo of Package patchinfo.6801

<patchinfo incident="6801">
  <issue id="1050577" tracker="bnc">VUL-1: CVE-2017-11627: qpdf: A stack-consumption vulnerability which allows attackers to cause DoS</issue>
  <issue id="1050579" tracker="bnc">VUL-1: CVE-2017-11625: qpdf: A stack-consumption vulnerability which allows attackers to cause DoS</issue>
  <issue id="1050578" tracker="bnc">VUL-1: CVE-2017-11626: qpdf: A stack-consumption vulnerability which allows attackers to cause DoS</issue>
  <issue id="1050581" tracker="bnc">VUL-1: CVE-2017-11624: qpdf: A stack-consumption vulnerability which allows attackers to cause DoS</issue>
  <issue id="1055960" tracker="bnc">VUL-0: CVE-2017-12595: qpdf: Stack overflow when processing deeply nested arrays and dictionaries</issue>
  <issue id="1040312" tracker="bnc">VUL-1: CVE-2017-9209: qpdf: libqpdf.a allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document</issue>
  <issue id="1040313" tracker="bnc">VUL-1: CVE-2017-9210: qpdf: libqpdf.a allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document</issue>
  <issue id="1040311" tracker="bnc">VUL-1: CVE-2017-9208: qpdf: libqpdf.a allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document</issue>
  <issue id="326621" tracker="fate" />
  <issue id="2017-9208" tracker="cve" />
  <issue id="2017-9209" tracker="cve" />
  <issue id="2017-9210" tracker="cve" />
  <issue id="2017-11624" tracker="cve" />
  <issue id="2017-11625" tracker="cve" />
  <issue id="2017-11626" tracker="cve" />
  <issue id="2017-11627" tracker="cve" />
  <issue id="2017-12595" tracker="cve" />
  <issue id="326621" tracker="fate" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>namtrac</packager>
  <description>
  
This update for qpdf fixes the following issues:

qpdf was updated to 7.1.1.

Security issues fixed:

- CVE-2017-11627: A stack-consumption vulnerability which allows attackers to cause DoS (bsc#1050577).
- CVE-2017-11625: A stack-consumption vulnerability which allows attackers to cause DoS (bsc#1050579).
- CVE-2017-11626: A stack-consumption vulnerability which allows attackers to cause DoS (bsc#1050578).
- CVE-2017-11624: A stack-consumption vulnerability which allows attackers to cause DoS (bsc#1050581).
- CVE-2017-12595: Stack overflow when processing deeply nested arrays and dictionaries (bsc#1055960).
- CVE-2017-9209: Remote attackers can cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document (bsc#1040312).
- CVE-2017-9210: Remote attackers can cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document (bsc#1040313).
- CVE-2017-9208: Remote attackers can cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document (bsc#1040311).

  * Check release notes for detailed bug fixes.
  * http://qpdf.sourceforge.net/files/qpdf-manual.html#ref.release-notes

</description>
  <summary>Security update for qpdf</summary>
</patchinfo>