| Summary: | <app-text/podofo-0.10.1: multiple vulnerabilities | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | major | CC: | zmedico |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| See Also: |
https://github.com/podofo/podofo/issues/70 https://github.com/podofo/podofo/issues/71 |
||
| Whiteboard: | A2 [glsa+] | ||
| Package list: | Runtime testing required: | --- | |
|
Description
John Helmert III
2023-05-11 04:15:14 UTC
app-text/podofo-0.10 is a "complete rewrite" so it is possible <0.10 is unaffected. https://github.com/podofo/podofo/releases/tag/0.10.0 CVE-2023-31566 has a fix at https://github.com/podofo/podofo/commit/00d2735a9c5bcb438d6f922b5f2445d28389c2d1 And -31567: https://github.com/podofo/podofo/commit/8f514d69b4ac3c9aa9f725fa93486fe4b7876642 The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=7ec9123210ab90f66e0a193a5064f3f36a58faac commit 7ec9123210ab90f66e0a193a5064f3f36a58faac Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-05-12 05:25:34 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-05-12 05:26:27 +0000 [ GLSA 202405-33 ] PoDoFo: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/906105 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202405-33.xml | 43 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) |