Advisories ยป MGASA-2018-0083

Updated poppler packages fix security vulnerability

Publication date: 14 Jan 2018
Modification date: 14 Jan 2018
Type: security
Affected Mageia releases : 5
CVE: CVE-2017-1000456

Description

freedesktop.org libpoppler 0.60.1 fails to validate boundaries in
TextPool::addWord, leading to overflow in subsequent calculations
(CVE-2017-1000456).
                

References

SRPMS

5/core