Advisories » MGASA-2018-0358

Updated poppler packages fix security vulnerability

Publication date: 31 Aug 2018
Modification date: 31 Aug 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-13988

Description

The updated packages fix a security vulnerability:

Poppler through 0.62 contains an out of bounds read vulnerability due to
an incorrect memory access that is not mapped in its memory space, as
demonstrated by pdfunite. This can result in memory corruption and denial
of service. This may be exploitable when a victim opens a specially
crafted PDF file (CVE-2018-13988).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=23383
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13988

SRPMS

6/core

• poppler-0.52.0-3.8.mga6