From ${URL} : poppler since version 0.17.3 has been vulnerable to NULL pointer dereference in pdfunite triggered by specially crafted documents. Upstream bugs: https://bugs.freedesktop.org/show_bug.cgi?id=101149 https://bugs.freedesktop.org/show_bug.cgi?id=101153 Upstream patch: https://cgit.freedesktop.org/poppler/poppler/commit/?id=5c9b08a875b07853be6c44e43ff5f7f059df666a @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Let's wait for bugs a bit (though the patch is extremely simple).
0.56.0 includes another set of fixes see https://bugs.gentoo.org/show_bug.cgi?id=622430 I would suggest to stabilize this version.
Superseded by bug 622430.
changing dependency to stabilization bug.
Added to existing GLSA
KDE work done.
This issue was resolved and addressed in GLSA 201801-17 at https://security.gentoo.org/glsa/201801-17 by GLSA coordinator Aaron Bauman (b-man).