Debian Security Advisory
DLA-3120-1 poppler -- LTS security update
- Date Reported:
- 26 Sep 2022
- Affected Packages:
- poppler
- Vulnerable:
- Yes
- Security database references:
- In the Debian bugtracking system: Bug 913164, Bug 913177, Bug 917974, Bug 925264, Bug 941776, Bug 933812, Bug 1010695, Bug 1018971.
In Mitre's CVE dictionary: CVE-2018-18897, CVE-2018-19058, CVE-2018-20650, CVE-2019-9903, CVE-2019-9959, CVE-2019-14494, CVE-2020-27778, CVE-2022-27337, CVE-2022-38784. - More information:
-
Several security vulnerabilities have been discovered in Poppler, a PDF rendering library, that could lead to denial of service or possibly other unspecified impact when processing maliciously crafted documents.
For Debian 10 buster, these problems have been fixed in version 0.71.0-5+deb10u1.
We recommend that you upgrade your poppler packages.
For the detailed security status of poppler please refer to its security tracker page at: https://security-tracker.debian.org/tracker/poppler
Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS