Updated qpdf packages fix security vulnerability
Publication date: 22 Feb 2018Modification date: 22 Feb 2018
Type: security
Affected Mageia releases : 6
Description
Qpdf has been updated to the latest version to fix several security issues. - Stack overflow due to endless recursion in QPDFTokenizer::resolveLiteral() - Another stack overflow / endless recursion in QPDFWriter::enqueueObject() - Stack out of bounds read in iterate_rc4() - heap out of bounds read (large) in Pl_Buffer::write - Hang due to a pdf xref loop Also, the cups-filters package has been rebuilt for the new qpdf.
References
SRPMS
6/core
- qpdf-7.1.1-1.mga6
- cups-filters-1.13.4-2.2.mga6