1 |
type: security |
2 |
subject: Updated qpdf packages fix security vulnerability |
3 |
src: |
4 |
6: |
5 |
core: |
6 |
- qpdf-7.1.1-1.mga6 |
7 |
- cups-filters-1.13.4-2.2.mga6 |
8 |
description: | |
9 |
Qpdf has been updated to the latest version to fix several security issues. |
10 |
- Stack overflow due to endless recursion in QPDFTokenizer::resolveLiteral() |
11 |
- Another stack overflow / endless recursion in QPDFWriter::enqueueObject() |
12 |
- Stack out of bounds read in iterate_rc4() |
13 |
- heap out of bounds read (large) in Pl_Buffer::write |
14 |
- Hang due to a pdf xref loop |
15 |
Also, the cups-filters package has been rebuilt for the new qpdf. |
16 |
references: |
17 |
- https://bugs.mageia.org/show_bug.cgi?id=22586 |
18 |
- http://openwall.com/lists/oss-security/2018/02/13/2 |
19 |
ID: MGASA-2018-0131 |