Overview

File _patchinfo of Package patchinfo.30722

<patchinfo incident="30722">
  <issue tracker="bnc" id="1214618">VUL-0: CVE-2022-38349: poppler: reachable assertion in Object.h, will lead to denial of service because PDFDoc:replacePageDict in PDFDoc.cc lacks a stream</issue>
  <issue tracker="bnc" id="1214621">VUL-0: CVE-2022-37051: poppler:  abort in main() in pdfunite.cc</issue>
  <issue tracker="bnc" id="1214622">VUL-0: CVE-2022-37050: poppler: denial-of-service via savePageAs in PDFDoc.c</issue>
  <issue tracker="cve" id="2022-37050"/>
  <issue tracker="cve" id="2022-37051"/>
  <issue tracker="cve" id="2022-38349"/>
  <packager>pgajdos</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for poppler</summary>
  <description>This update for poppler fixes the following issues:

- CVE-2022-37050: Fixed denial-of-service via savePageAs in PDFDoc.c (bsc#1214622).
- CVE-2022-37051: Fixed abort in main() in pdfunite.cc (bsc#1214621).
- CVE-2022-38349: Fixed reachable assertion in Object.h that will lead to denial of service (bsc#1214618).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places