Advisories » MGASA-2020-0133

Updated pdfresurrect packages fix security vulnerability

Publication date: 08 Mar 2020
Modification date: 08 Mar 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2020-9549

Description

The updated package fixes a security vulnerability:

In PDFResurrect 0.12 through 0.19, get_type in pdf.c has an out-of-bounds
write via a crafted PDF document. (CVE-2020-9549)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=26304
• https://www.debian.org/lts/security/2020/dla-2134
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9549

SRPMS

7/core

• pdfresurrect-0.18-1.1.mga7