File _patchinfo of Package patchinfo.31254

<patchinfo incident="31254">
  <issue tracker="cve" id="2018-18456"/>
  <issue tracker="cve" id="2020-36023"/>
  <issue tracker="cve" id="2018-18454"/>
  <issue tracker="cve" id="2019-13287"/>
  <issue tracker="bnc" id="1112428">VUL-1: CVE-2018-18456: xpdf: Object:isName() in Object.h called from Gfx:opSetFillColorN stack-based buffer over-read</issue>
  <issue tracker="bnc" id="1140745">VUL-1: CVE-2019-13287: xpdf,poppler: In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the function SplashXPath:strokeAdjust() located at splash/SplashXPath.cc. It can, for example, be triggered by sending a crafted PDF docum</issue>
  <issue tracker="bnc" id="1214256">VUL-0: CVE-2020-36023: poppler: Stack-Overflow in `FoFiType1C:cvtGlyph`</issue>
  <issue tracker="bnc" id="1112424">VUL-1: CVE-2018-18454: xpdf: CCITTFaxStream:readRow() in Stream.cc heap-based buffer over-read</issue>
  <packager>pgajdos</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for poppler</summary>
  <description>This update for poppler fixes the following issues:

- CVE-2019-13287: Fixed an out-of-bounds read vulnerability in the function SplashXPath:strokeAdjust. (bsc#1140745)
- CVE-2018-18456: Fixed a stack-based buffer over-read via a crafted pdf file. (bsc#1112428)
- CVE-2018-18454: Fixed heap-based buffer over-read) via a crafted pdf file. (bsc#1112424)
- CVE-2020-36023: Fixed a stack bugger overflow in FoFiType1C:cvtGlyph. (bsc#1214256)
</description>
</patchinfo>