Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP5:GA
patchinfo.10471
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.10471
<patchinfo incident="10471"> <issue tracker="bnc" id="1096890">VUL-1: CVE-2018-11255: podofo: Null Pointer Dereference Denial of Service in PdfPage::GetPageNumber()</issue> <issue tracker="bnc" id="1076962">VUL-1: CVE-2018-5783: podofo: Uncontrolled memory allocation in PoDoFo::PdfVecObjects::Reserve (src/base/PdfVecObjects.h)</issue> <issue tracker="bnc" id="1124357">VUL-1: CVE-2018-20751: podofo: null pointer dereference in crop_page function</issue> <issue tracker="bnc" id="1099720">VUL-0: CVE-2018-12982: podofo: invalid memory read bug in PdfVariant::DelayedLoad()</issue> <issue tracker="bnc" id="1035596">VUL-1: CVE-2017-8054: podofo: denial of service via a crafted PDF document (PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464)</issue> <issue tracker="cve" id="2018-12982"/> <issue tracker="cve" id="2018-5783"/> <issue tracker="cve" id="2018-20751"/> <issue tracker="cve" id="2017-8054"/> <issue tracker="cve" id="2018-11255"/> <category>security</category> <rating>moderate</rating> <packager>alarrosa</packager> <description>This update for podofo fixes the following issues: Security issues fixed: - CVE-2017-8054: Fixed a vulnerability in PdfPagesTree::GetPageNodeFromArray function which could allow remote attackers to cause Denial of Service (bsc#1035596). - CVE-2018-5783: Fixed an uncontrolled memory allocation in PdfVecObjects::Reserve function (bsc#1076962). - CVE-2018-11255: Fixed a null pointer dereference in PdfPage::GetPageNumber() function which could lead to Denial of Service (bsc#1096890). - CVE-2018-20751: Fixed a null pointer dereference in crop_page function (bsc#1124357). - CVE-2018-12982: Fixed an invalid memory read in PdfVariant::DelayedLoad() function which could allow remote attackers to cause Denial of Service (bsc#1099720). - Fixed a buffer overflow in TestEncrypt function. - Fixed a null pointer dereference in PdfTranslator-setTarget function. - Fixed a heap based buffer overflow PdfVariant:DelayedLoad function. </description> <summary>Security update for podofo</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor