Package "libpoppler-dev"
Name: |
libpoppler-dev
|
Description: |
PDF rendering library -- development files
|
Latest version: |
0.24.5-2ubuntu4.17 |
Release: |
trusty (14.04) |
Level: |
security |
Repository: |
main |
Head package: |
poppler |
Homepage: |
http://poppler.freedesktop.org/ |
Links
Download "libpoppler-dev"
Other versions of "libpoppler-dev" in Trusty
Changelog
poppler (0.24.5-2ubuntu4.12) trusty-security; urgency=medium
* SECURITY UPDATE: Out of bounds read
- debian/patches/CVE-2018-13988.patch: fix in poppler/Parser.cc.
- CVE-2018-13988
-- <email address hidden> (Leonidas S. Barbosa) Mon, 27 Aug 2018 12:10:48 -0300
|
Source diff to previous version |
CVE-2018-13988 |
Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demons |
|
poppler (0.24.5-2ubuntu4.11) trusty-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2017-18267.patch: fix issue for malformed
documents in fofi/FoFiType1C.cc.
- CVE-2017-18267
* SECURITY UPDATE: Null dereference
- debian/patches/CVE-2018-10768.patch: draw for malformed docs
in poppler/Annot.c.
- CVE-2018-10768
-- <email address hidden> (Leonidas S. Barbosa) Mon, 14 May 2018 11:18:01 -0300
|
Source diff to previous version |
CVE-2017-18267 |
The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recu |
CVE-2018-10768 |
There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input wi |
|
poppler (0.24.5-2ubuntu4.8) trusty-security; urgency=medium
* SECURITY UPDATE: pointer dereference can cause a DoS attack
- debian/patches/CVE-2017-15565.patch: fix crash in broken files caused by
a dereference pointer in poppler/CairoOutputDev.cc.
- CVE-2017-15565
-- <email address hidden> (Leonidas S. Barbosa) Thu, 26 Oct 2017 11:22:42 -0300
|
Source diff to previous version |
CVE-2017-15565 |
In Poppler 0.59.0, a NULL Pointer Dereference exists in the GfxImageColorMap::getGrayLine() function in GfxState.cc via a crafted PDF document. |
|
poppler (0.24.5-2ubuntu4.7) trusty-security; urgency=medium
* SECURITY UPDATE: Floating point exception
- debian/patches/CVE-2017-14518.patch: Fix divide by 0 on broken
documents in splash/Splash.cc.
- CVE-2017-14518
* SECURITY UPDATE: Floating point exception
- debian/patches/CVE-2017-14520.patch: don't try to scale if srcHeight or
srcWidth is less than 1 in splash/Splash.cc.
- CVE-2017-14520
* SECURITY UPDATE: Floating point exception in ImageStream
- debian/patches/CVE-2017-14617.patch: Fix crash in broken files in
poppler/Stream.cc.
- CVE-2017-14617
* SECURITY UPDATE: Memory corruption
- debian/patches/CVE-2017-14929.patch: Fix infinite recursion
in poppler/Gfx.cc, poppler/GfxState.cc, poppler/GfxState.h.
- CVE-2017-14929
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2017-14975.patch: fix crash in convertToType0 in
fofi/FoFiType1C.cc.
- CVE-2017-14975
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2017-14977.patch: fix NULL deference pointer in
fofi/FoFiTrueType.cc.
- CVE-2017-14977
* SECURITY UPDATE: Integer overflow and heap overflow
- debian/patches/CVE-2017-9776.patch: fix malformed documents
in poppler/JBIG2Stream.cc.
- CVE-2017-9776
-- <email address hidden> (Leonidas S. Barbosa) Wed, 04 Oct 2017 12:51:10 -0300
|
CVE-2017-1451 |
IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user with DB2 instance owner privileg |
CVE-2017-1452 |
IBM DB2 for Linux, UNIX and Windows 9.7, 10,1, 10.5, and 11.1 (includes DB2 Connect Server) could allow a local user to obtain elevated privilege and |
CVE-2017-1461 |
RESERVED |
CVE-2017-1492 |
RESERVED |
CVE-2017-1497 |
RESERVED |
CVE-2017-9776 |
Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of |
|
About
-
Send Feedback to @ubuntu_updates