Summary: | app-text/podofo: heap buffer overread | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | CONFIRMED --- | ||
Severity: | minor | CC: | zmedico |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/podofo/podofo/issues/69 | ||
Whiteboard: | B4 [upstream/ebuild] | ||
Package list: | Runtime testing required: | --- |
Description
John Helmert III
2023-04-24 00:41:50 UTC
CVE-2023-31555 (https://github.com/podofo/podofo/issues/67): podofoinfo 0.10.0 was discovered to contain a segmentation violation via the function PoDoFo::PdfObject::DelayedLoad. Patch: https://github.com/podofo/podofo/commit/3759eb6aae7c01f2d8670f16ac46f5e116c7f468 CVE-2023-31556 (https://github.com/podofo/podofo/issues/66): podofoinfo 0.10.0 was discovered to contain a segmentation violation via the function PoDoFo::PdfDictionary::findKeyParent. Patch: https://github.com/podofo/podofo/commit/8d3e9104ea10f8b53a0b5a2a806e6388acd41a40 CVE-2023-31568 (https://github.com/podofo/podofo/issues/72): Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptRC4::PdfEncryptRC4. |