File _patchinfo of Package patchinfo.30722
<patchinfo incident="30722">
<issue tracker="bnc" id="1214618">VUL-0: CVE-2022-38349: poppler: reachable assertion in Object.h, will lead to denial of service because PDFDoc:replacePageDict in PDFDoc.cc lacks a stream</issue>
<issue tracker="bnc" id="1214621">VUL-0: CVE-2022-37051: poppler: abort in main() in pdfunite.cc</issue>
<issue tracker="bnc" id="1214622">VUL-0: CVE-2022-37050: poppler: denial-of-service via savePageAs in PDFDoc.c</issue>
<issue tracker="cve" id="2022-37050"/>
<issue tracker="cve" id="2022-37051"/>
<issue tracker="cve" id="2022-38349"/>
<packager>pgajdos</packager>
<rating>moderate</rating>
<category>security</category>
<summary>Security update for poppler</summary>
<description>This update for poppler fixes the following issues:
- CVE-2022-37050: Fixed denial-of-service via savePageAs in PDFDoc.c (bsc#1214622).
- CVE-2022-37051: Fixed abort in main() in pdfunite.cc (bsc#1214621).
- CVE-2022-38349: Fixed reachable assertion in Object.h that will lead to denial of service (bsc#1214618).
</description>
</patchinfo>