698618 – (CVE-2019-16927) <app-text/xpdf-4.02: out-of-bounds write in the vertProfile part of the TextPage::findGaps function in TextOutputDev.cc (CVE-2019-16927)

Bug 698618 (CVE-2019-16927) - <app-text/xpdf-4.02: out-of-bounds write in the vertProfile part of the TextPage::findGaps function in TextOutputDev.cc (CVE-2019-16927)

Summary: <app-text/xpdf-4.02: out-of-bounds write in the vertProfile part of the TextP...

Status:	RESOLVED FIXED

Alias:	CVE-2019-16927

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal trivial (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:	~2 [noglsa]
Keywords:

Depends on:
Blocks:

Reported:	2019-10-27 00:47 UTC by GLSAMaker/CVETool Bot
Modified:	2019-10-27 14:41 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description GLSAMaker/CVETool Bot gentoo-dev

2019-10-27 00:47:45 UTC

CVE-2019-16927 (https://nvd.nist.gov/vuln/detail/CVE-2019-16927):
  Xpdf 4.01.01 has an out-of-bounds write in the vertProfile part of the
  TextPage::findGaps function in TextOutputDev.cc, a different vulnerability
  than CVE-2019-9877.

Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev

2019-10-27 00:49:34 UTC

Package has no stable ebuild.

@ maintainer(s): Please cleanup and drop =app-text/xpdf-4.01.01!

Comment 2 Andrew Savchenko gentoo-dev

2019-10-27 09:37:08 UTC

Done, commit 4200b42667589b1f425801d9128935b2a9b98134.

Comment 3 Thomas Deutschmann (RETIRED) gentoo-dev

2019-10-27 14:41:57 UTC

Repository is clean, all done!