Overview

File _patchinfo of Package patchinfo.31252

<patchinfo incident="31252">
  <issue tracker="cve" id="2022-37052"/>
  <issue tracker="cve" id="2019-9545"/>
  <issue tracker="cve" id="2020-36023"/>
  <issue tracker="bnc" id="1128114">VUL-1: CVE-2019-9545: poppler: denial of service via recursive function call, in JBIG2Stream:readTextRegion() located in JBIG2Stream.cc</issue>
  <issue tracker="bnc" id="1214726">VUL-0: CVE-2022-37052: poppler: reachable assertion due to a failure in markObject()</issue>
  <issue tracker="bnc" id="1214256">VUL-0: CVE-2020-36023: poppler: Stack-Overflow in `FoFiType1C:cvtGlyph`</issue>
  <packager>pgajdos</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for poppler</summary>
  <description>This update for poppler fixes the following issues:

- CVE-2019-9545: Fixed an uncontrolled recursion issue that could
  cause a crash (bsc#1128114).
- CVE-2022-37052: Fixed a crash that could be triggered when opening
  a crafted file (bsc#1214726).
- CVE-2020-36023: Fixed a stack bugger overflow in FoFiType1C:cvtGlyph (bsc#1214256).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places