[SECURITY] [DLA 1939-1] poppler security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Package : poppler
Version : 0.26.5-2+deb8u11
CVE ID : CVE-2018-20650 CVE-2018-21009 CVE-2019-12493
Several issues in poppler, a PDF rendering library, have been fixed.
CVE-2018-20650
A missing check for the dict data type could lead to a denial of
service.
CVE-2018-21009
An integer overflow might happen in Parser::makeStream.
CVE-2019-12493
A stack-based buffer over-read by a crafted PDF file might happen in
PostScriptFunction::transform because some functions mishandle tint
transformation.
For Debian 8 "Jessie", these problems have been fixed in version
0.26.5-2+deb8u11.
We recommend that you upgrade your poppler packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl2SZahfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEeCDQ//flO9VHvtRUMFIHI81ru/pGWGKqaa9qOF6gF17EXYe/3Nx4CWykvNYgoC
XH72Vwt68II0VgGOAJDUDLIVn3Ao8wA1rDcNpb1GCg7dGlCLnZ00PMKVctfjm8UC
mUnN9avnyvJk7sUrOEIL4YJWpNObUfsRQ/IThnt+2Yh28p0s3GD2xTbz0S85nU+Q
mzhBIfUtYKJGQXUQhwzvBC9VttYNQodqNrveXRocbvmVlFL9+hvEGGrLurkDUU3H
oOQ9BxHsRUHi2B+PZywNfuM57BaQQFgnEbXOnTZu/3DBoYaObz+Rc3jvwtD9Q2f+
zdiqu5YGN6ZIeukqqFkfxM3DVnKdFkmhh4NIpQjFGm1LLF5i9HV5mYvqFBICy0jn
oStU2tUmumjCvjHkz3oSwepDHueDVqueIjR8fL4roXOKcI0uQXNGTPB8D4CteOml
rqveHH49eo680gevmKOpnx2Z6PgP0b7iMu6dnbNTt6s0dVLR2jFjO5bU6CbuZ6gg
J+OijBMYkpU4gdX3fg39Yu7pX/LQ50aD+3J1SqGHcA4R5FDYkH03p/L5nOSVnWYS
VP+Zu4zH1gbdZ53f1mDuzX4px5gM+06dDNE84K9gscCvnWOQXebSFjTCKeC2VvUZ
brL1c2TqOaPpeRpLOJO1Jl4fnGHvxnfIouMesVBUMsmnmG4PTb4=
=rfBY
-----END PGP SIGNATURE-----
Reply to: