[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1547-1] libpdfbox-java security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : libpdfbox-java
Version        : 1:1.8.7+dfsg-1+deb8u2
CVE ID         : CVE-2018-11797
Debian Bug     : #910390

It was discovered that there was a denial-of-service vulnerability in
libpdfbox-java, a PDF library for Java.

A malicious PDF file could have triggered an extremely long running
computation when parsing the page tree.

For Debian 8 "Jessie", this issue has been fixed in libpdfbox-java version
1:1.8.7+dfsg-1+deb8u2.

We recommend that you upgrade your libpdfbox-java packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlvGC4UACgkQHpU+J9Qx
HliddQ//QaZmIis1RbdFAVpsuYC6CcCK/lCO1ZGe2bh8iNv/Pe4c0mC+HzfUn/vv
J8jYysg7COJ8NUZGhfpTOAdvMibYC7Zfqwz6MBfSEY6VQjSB4ntk3qqQvgzPoVcs
H6kFEHtvP/jantqrSisrlqLethSRq3x4bkcEQebRzEXXr4HliIdhSj5KiTnTbJsq
W3a+a9K4MHjpifIdXpbpJMYB6LIeIAhodvCVoxzLhASX91oQMoZ9okBJH3yP4VRp
sn/eTDdhNBOly1Qq8qvxJlDOdgxbt9/ceCQ8iDUIdNYqIircbhgZQhLNkvc0U/Jd
s2aGvnQF6+a+0sA2dF6prA9x/VWxeUWGtA2Hjo5TtkQoo43tPJNC2P0dK4lLB0BV
1OfAQDHBcle1Z8tPdJNNd9CGo6qEbvppmotFWN+t8WZH54O/iXWzaN4X8QygslCk
Wezz+H5Fykcs85KqtLNTZ/g27M2qd7R4i2sA4OG0LhyL4oSVwv6mfGUN1yns9Wlj
tUbqdfW9Kn+3QcWzYUDr14H8APeRDCoVnhb6FwbxBMdtvL0v42bV53LuLz04ch62
+K5S6RCeT2kmYIDWyBeInCxubMb05WvhX8Dot8jlBSy/jMF2iaQ9usIeQ+4sv0lT
7mNYL0tqvOMP425pLk5BRhESA0d5oVUkXnwgoKaOknXZOu2TOMM=
=By6b
-----END PGP SIGNATURE-----


Reply to: