Package "libpoppler-qt5-1"
Name: |
libpoppler-qt5-1
|
Description: |
PDF rendering library (Qt 5 based shared library)
|
Latest version: |
0.86.1-0ubuntu1.4 |
Release: |
focal (20.04) |
Level: |
security |
Repository: |
universe |
Head package: |
poppler |
Homepage: |
http://poppler.freedesktop.org/ |
Links
Download "libpoppler-qt5-1"
Other versions of "libpoppler-qt5-1" in Focal
Changelog
poppler (0.86.1-0ubuntu1.4) focal-security; urgency=medium
* SECURITY UPDATE: stack overflow issue
- debian/patches/CVE-2020-23804.patch: Fix stack overflow with
specially crafted files
- CVE-2020-23804
* SECURITY UPDATE: denial of service issue
- debian/patches/CVE-2022-37050.patch: pdfseparate: Check XRef's
Catalog for being a Dict
- debian/patches/CVE-2022-37051.patch: Check isDict before calling
getDict
- debian/patches/CVE-2022-37052.patch: pdfseparate: Account for
XRef::add failing because we run out of memory
- debian/patches/CVE-2022-38349.patch: pdfunite: Fix crash on broken
files
- CVE-2022-37050
- CVE-2022-37051
- CVE-2022-37052
- CVE-2022-38349
-- Nishit Majithia <email address hidden> Wed, 22 Nov 2023 11:20:52 +0530
|
Source diff to previous version |
CVE-2020-23804 |
Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via crafted input. |
CVE-2022-37050 |
In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PD |
CVE-2022-37051 |
An issue was discovered in Poppler 22.07.0. There is a reachable abort which leads to denial of service because the main function in pdfunite.cc lack |
CVE-2022-37052 |
A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in markObject. |
CVE-2022-38349 |
An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDic |
|
poppler (0.86.1-0ubuntu1.3) focal-security; urgency=medium
* SECURITY UPDATE: Infinite loop
- d/p/0001-Fix-infinite-looping-in-cvtGlyph-with-broken-files.patch:
Fix Infinite loop in FoFiType1C::cvtGlyph().
- CVE-2020-36023
* SECURITY UPDATE: NULL dereference
- d/p/0002-FoFiType1C-Fix-crashes-with-broken-files.patch: Fix
NULL dereference in FoFiType1C::convertToType1().
- CVE-2020-36024
-- Fabian Toepfer <email address hidden> Wed, 16 Aug 2023 19:03:16 +0200
|
Source diff to previous version |
CVE-2020-36023 |
An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to F |
CVE-2020-36024 |
An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to F |
|
poppler (0.86.1-0ubuntu1.2) focal-security; urgency=medium
* SECURITY UPDATE: DoS via crafted PDF file
- debian/patches/CVE-2022-27337.patch: bail out if we run out of file
when reading in poppler/Hints.cc.
- CVE-2022-27337
-- Marc Deslauriers <email address hidden> Wed, 02 Aug 2023 15:15:50 -0400
|
Source diff to previous version |
CVE-2022-27337 |
A logic error in the Hints::Hints function of Poppler v22.03.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. |
|
poppler (0.86.1-0ubuntu1.1) focal-security; urgency=medium
* SECURITY UPDATE: Integer Overflow
- debian/patches/CVE-2022-38784.patch:Fix crash on broken file
in poppler/JBIG2Stream.cc.
- CVE-2022-38784
-- Leonidas Da Silva Barbosa <email address hidden> Tue, 06 Sep 2022 07:53:20 -0300
|
CVE-2022-38784 |
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Process |
|
About
-
Send Feedback to @ubuntu_updates