SUSE-SU-2023:4362-1 -- SLES poppler, libpoppler-glib8, libpoppler-qt4-4, libpoppler60ID: oval:org.secpod.oval:def:89051056 | Date: (C)2023-11-28 (M)2024-01-03 |
Class: PATCH | Family: unix |
This update for poppler fixes the following issues: * CVE-2019-9545: Fixed a potential crash due to uncontrolled recursion in the JBIG parser . * CVE-2019-9631: Fixed an out of bounds read when converting a PDF to an image . * CVE-2022-37052: Fixed a reachable assertion when extracting pages of a PDf file . * CVE-2020-36023: Fixed a stack bugger overflow in FoFiType1C:cvtGlyph . * CVE-2019-13287: Fixed an out-of-bounds read vulnerability in the function SplashXPath:strokeAdjust . * CVE-2018-18456: Fixed a stack-based buffer over-read via a crafted pdf file . * CVE-2018-18454: Fixed heap-based buffer over-read via a crafted pdf file . * CVE-2019-14292: Fixed an out of bounds read in GfxState.cc . * CVE-2022-48545: Fixed an infinite recursion in Catalog::findDestInTree which can cause denial of service .
Platform: |
SUSE Linux Enterprise Server 12 SP5 |
Product: |
poppler |
libpoppler-glib8 |
libpoppler-qt4-4 |
libpoppler60 |