Advisories » MGASA-2024-0260

Updated poppler packages fix security vulnerability

Publication date: 10 Jul 2024
Modification date: 10 Jul 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-6239

Description

A flaw was found in the Poppler's Pdfinfo utility. This issue occurs
when using -dests parameter with pdfinfo utility. By using certain
malformed input files, an attacker could cause the utility to crash,
leading to a denial of service. (CVE-2024-6239)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=33382
• https://lists.suse.com/pipermail/sle-updates/2024-July/035847.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6239

SRPMS

9/core

• poppler-23.02.0-1.3.mga9