Package "qpdf"

Links

Download "qpdf"

Other versions of "qpdf" in Xenial

Repository	Area	Version
base	main	6.0.0-2
security	main	8.0.2-3~16.04.1

Packages in group

Deleted packages are displayed in grey.

• libqpdf-dev
• libqpdf21

Changelog

Version: 8.0.2-3~16.04.1	2018-05-07 19:06:55 UTC
qpdf (8.0.2-3~16.04.1) xenial-security; urgency=medium   * SECURITY UPDATE: Updated to 8.0.2 to fix security issues.     - CVE-2015-9252, CVE-2017-9208, CVE-2017-9209, CVE-2017-9210,       CVE-2017-11624, CVE-2017-11625, CVE-2017-11626, CVE-2017-11627,       CVE-2017-12595, CVE-2017-18183, CVE-2017-18184, CVE-2017-18185,       CVE-2017-18186, CVE-2018-9918   * Revert to debhelper 9:     - debian/compat, debian/control: revert to 9.     - debian/rules: remove dh_missing.  -- Marc Deslauriers <email address hidden> Tue, 01 May 2018 12:40:34 -0400
CVE-2015-9252 An issue was discovered in QPDF before 7.0.0. Endless recursion causes stack exhaustion in QPDFTokenizer::resolveLiteral() in QPDFTokenizer.cc, relat CVE-2017-9208 libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, r CVE-2017-9209 libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, r CVE-2017-9210 libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, r CVE-2017-11624 A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related CVE-2017-11625 A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related CVE-2017-11626 A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related CVE-2017-11627 A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related CVE-2017-12595 The tokenizer in QPDF 6.0.0 and 7.0.b1 is recursive for arrays and dictionaries, which allows remote attackers to cause a denial of service (stack co CVE-2017-18183 An issue was discovered in QPDF before 7.0.0. There is an infinite loop in the QPDFWriter::enqueueObject() function in libqpdf/QPDFWriter.cc. CVE-2017-18184 An issue was discovered in QPDF before 7.0.0. There is a stack-based out-of-bounds read in the function iterate_rc4 in QPDF_encryption.cc. CVE-2017-18185 An issue was discovered in QPDF before 7.0.0. There is a large heap-based out-of-bounds read in the Pl_Buffer::write function in Pl_Buffer.cc. It is CVE-2017-18186 An issue was discovered in QPDF before 7.0.0. There is an infinite loop due to looping xref tables in QPDF.cc. CVE-2018-9918 libqpdf.a in QPDF through 8.0.2 mishandles certain "expected dictionary key but found non-name object" cases, allowing remote attackers to cause a de

---

Share this page

Bookmarks

google-chrome-beta 132.0.6834.15

Latest updates

  Packages changelogs
  Bugs & CVEs

updates

nullboot (jammy)
python2.7 (jammy)
python2.7 (focal)

security

nullboot (jammy)

proposed

linux-restricted-signatures-nvidia-6.8 (jammy)
linux-restricted-modules-nvidia-6.8 (jammy)
linux-signed-nvidia-6.8 (jammy)
linux-meta-nvidia-6.8 (jammy)
linux-signed-gke (noble)
linux-meta-gke (noble)
linux-restricted-signatures-oracle (noble)
linux-restricted-modules-oracle (noble)
linux-signed-oracle (noble)
linux-meta-oracle (noble)
grub2-signed (focal)
grub2-signed (jammy)
grub2-unsigned (jammy)
linux-restricted-signatures-aws (noble)
linux-restricted-signatures-nvidia-lowlatency (noble)
linux-restricted-modules-aws (noble)
linux-restricted-modules-nvidia-lowlatency (noble)
linux-signed-aws (noble)
linux-signed-nvidia-lowlatency (noble)
linux-meta-nvidia-lowlatency (noble)
linux-meta-aws (noble)
linux-restricted-signatures-aws-6.8 (jammy)
linux-restricted-modules-aws-6.8 (jammy)
linux-signed-aws-6.8 (jammy)
linux-aws-6.8 (jammy)
linux-meta-aws-6.8 (jammy)

See all

PPA updates

  PPAs

nginx-nr-agent (bionic)
nvidia-graphics-drivers-550 (noble)
nvidia-graphics-drivers-550 (jammy)
libnvidia-nscq-550 (jammy)
nvidia-graphics-drivers-550 (focal)
google-chrome-canary (stable)
linux-signed-oracle (oracular)
linux-signed-lowlatency (oracular)
linux-signed-gcp-6.8 (jammy)
linux-restricted-modules-oracle (oracular)
linux-restricted-modules-lowlatency (oracular)
linux-signed-gcp (oracular)
linux-signed-intel (noble)
linux-restricted-modules-gcp-6.8 (jammy)
linux-restricted-modules-gcp (oracular)
linux-signed-aws (oracular)
linux-meta-oracle (oracular)
linux-generate-oracle (oracular)
linux-generate-lowlatency (oracular)
linux-generate-gcp (oracular)
linux-meta-gcp (oracular)
linux-meta-lowlatency (oracular)
linux-meta-intel (noble)
linux-generate-intel (noble)
linux-signed-oracle-6.8 (jammy)
linux-meta-gcp-6.8 (jammy)
linux-generate-gcp-6.8 (jammy)
linux-restricted-modules-aws (oracular)
linux-signed-azure (oracular)
linux-generate-aws (oracular)

See all