Summary: | <app-text/xpdf-4.0.2: stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | D'juan McDonald (domhnall) <flopwiki> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | trivial | CC: | bircoph |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://forum.xpdfreader.com/viewtopic.php?f=3&t=41806 | ||
Whiteboard: | ~3 [noglsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
D'juan McDonald (domhnall)
2019-06-01 04:20:54 UTC
Hi, this bug is fixed in xpdf-4.02 which is now in the tree. Thank you all for you work. Closing as [noglsa]. Security team, should this bug be closed as resolved? Upstream confirms that it is fixed: * CVE-2019-12493: fixed in 4.02 [GfxState.cc] https://www.xpdfreader.com/security-fixes.html (In reply to Andrew Savchenko from comment #3) > Security team, should this bug be closed as resolved? > > Upstream confirms that it is fixed: > * CVE-2019-12493: fixed in 4.02 [GfxState.cc] > https://www.xpdfreader.com/security-fixes.html Yep, sorry! Closing. |