Advisories » MGASA-2018-0068

Updated poppler packages fix security vulnerability

Publication date: 11 Jan 2018
Modification date: 11 Jan 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2017-1000456

Description

freedesktop.org libpoppler 0.60.1 fails to validate boundaries in
TextPool::addWord, leading to overflow in subsequent calculations.
(CVE-2017-1000456
                

References

• https://bugs.mageia.org/show_bug.cgi?id=22352
• https://usn.ubuntu.com/usn/usn-3517-1/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000456

SRPMS

6/core

• poppler-0.52.0-3.6.mga6