Advisories ยป MGASA-2026-0229

Updated podofo packages fix security vulnerabilities

Publication date: 24 Jun 2026
Modification date: 24 Jun 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-31567 , CVE-2023-31568

Description

Podofo v0.9.8 shares some of the vulnerable code that was discovered in
Podofo v0.10.0. This package fixes that.
CVE-2023-31567 Podofo v0.10.0 was discovered to contain a heap buffer
overflow via the component PoDoFo::PdfEncryptAESV3::PdfEncryptAESV3.
CVE-2023-31568 Podofo v0.10.0 was discovered to contain a heap buffer
overflow via the component PoDoFo::PdfEncryptRC4::PdfEncryptRC4.
                

References

SRPMS

9/core