SUSE-SU-2018:1691-1 -- SLES poppler, libpopplerID: oval:org.secpod.oval:def:89002170 | Date: (C)2021-02-26 (M)2022-10-10 |
Class: PATCH | Family: unix |
This update for poppler fixes the following issues: - CVE-2017-14977: Fixed a NULL pointer dereference vulnerability in the FoFiTrueType::getCFFBlock function in FoFiTrueType.cc that occurred due to lack of validation of a table pointer, which allows an attacker to launch a denial of service attack. - CVE-2017-1000456: Validate boundaries in TextPool::addWord to prevent overflows in subsequent calculations - CVE-2017-15565: Prevent NULL Pointer dereference in the GfxImageColorMap::getGrayLine function via a crafted PDF document
Platform: |
SUSE Linux Enterprise Server 11 SP4 |
Product: |
poppler |
libpoppler |