Overview

File _patchinfo of Package patchinfo.11542

<patchinfo incident="11542">
  <issue tracker="bnc" id="1133037">VUL-1: CVE-2019-11459: evince: The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitializ</issue>
  <issue tracker="cve" id="2019-11459"/>
  <issue tracker="cve" id="2019-1010006"/>
  <issue tracker="bnc" id="1141619">VUL-0: CVE-2019-1010006: evince: Evince is affected by buffer overflow. The impact is: DOS / Possible code execution. The component is: backend/tiff/tiff-document.c. The attack vector is: Victin must open a crafted PDF file.</issue>
  <category>security</category>
  <rating>important</rating>
  <packager>mgorse</packager>
  <description>This update for evince fixes the following issues:

Security issues fixed: 	  

- CVE-2019-11459: Fixed an improper error handling in which could have led to use of uninitialized use of memory (bsc#1133037).
- CVE-2019-1010006: Fixed a buffer overflow in backend/tiff/tiff-document.c (bsc#1141619).
 </description>
  <summary>Security update for evince</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places