Summary: | <app-text/poppler-0.57.0-r1: a NULL Pointer Dereference exists in the XRef::parseEntry() function | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | D'juan McDonald (domhnall) <flopwiki> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | printing, reavertm |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugs.freedesktop.org/show_bug.cgi?id=102687 | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
D'juan McDonald (domhnall)
2017-09-18 01:29:12 UTC
This is fixed here: https://cgit.freedesktop.org/poppler/poppler/commit/?id=476394e7a025e02e4897da2e765df2c895d0708f It's not yet in any release. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2822a0cd48e39c110535322754120681a3cfe8f1 commit 2822a0cd48e39c110535322754120681a3cfe8f1 Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2017-11-24 21:12:10 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2017-11-24 23:06:21 +0000 app-text/poppler: Fix CVE-2017-14517 Bug: https://bugs.gentoo.org/631290 Package-Manager: Portage-2.3.16, Repoman-2.3.6 .../files/poppler-0.57.0-CVE-2017-14517.patch | 27 ++++ app-text/poppler/poppler-0.57.0-r1.ebuild | 148 +++++++++++++++++++++ 2 files changed, 175 insertions(+)} GLSA Vote: No Tree is clean. |