RHSA-2019:2713-01 -- Redhat poppler
ID: oval:org.secpod.oval:def:503336 | Date: (C)2020-11-04 (M)2023-12-20 |
Class: PATCH | Family: unix |
Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince.

Security Fix:

* poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc
* poppler: heap-based buffer overflow in function ImageStream::getLine in Stream.cc
* poppler: heap-based buffer over-read in function PSOutputDev::checkPageSlice in PSOutputDev.cc
* poppler: heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc
* poppler: memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc
* poppler: NULL pointer dereference in the XRef::getEntry in XRef.cc
* poppler: reachable Object::getString assertion in AnnotRichMedia class in Annot.c
* poppler: reachable Object::dictLookup assertion in FileSpec class in FileSpec.cc
* poppler: SIGABRT PDFDoc::setup class in PDFDoc.cc
* poppler: heap-based buffer over-read in function downsample_row_box_filter in CairoRescaleBox.cc
* poppler: stack consumption in function Dict::find in Dict.cc
* poppler: integer overflow in JPXStream::init function leading to memory consumption

For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Platform: Red Hat Enterprise Linux 8 |