CVE-2017-15565 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15565): In Poppler 0.59.0, a NULL Pointer Dereference exists in the GfxImageColorMap::getGrayLine() function in GfxState.cc via a crafted PDF document.

CVE-2017-14929 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14929): In Poppler 0.59.0, memory corruption occurs in a call to Object::dictLookup() in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opFill, Gfx::doPatternFill, Gfx::doTilingPatternFill and Gfx::drawForm calls (aka a Gfx.cc infinite loop), a different vulnerability than CVE-2017-14519.

CVE-2017-14928 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14928): In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia::Configuration::Configuration in Annot.cc via a crafted PDF document.

CVE-2017-14927 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14927): In Poppler 0.59.0, a NULL Pointer Dereference exists in the SplashOutputDev::type3D0() function in SplashOutputDev.cc via a crafted PDF document.

CVE-2017-14926 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14926): In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia::Content::Content in Annot.cc via a crafted PDF document.
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=21121c39ac5e0a8fc7481a0223e05c95fa30ee0d

commit 21121c39ac5e0a8fc7481a0223e05c95fa30ee0d
Author: Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2017-11-24 21:23:34 +0000
Commit: Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2017-11-24 23:06:21 +0000

    app-text/poppler: Fix CVE-2017-1792{6,7,8,9}, CVE-2017-15565

    Bug: https://bugs.gentoo.org/635364
    Package-Manager: Portage-2.3.16, Repoman-2.3.6

 app-text/poppler/Manifest | 2 +-
 .../files/poppler-0.57.0-CVE-2017-14926.patch | 36 +++
 .../files/poppler-0.57.0-CVE-2017-14927.patch | 32 +++
 .../files/poppler-0.57.0-CVE-2017-14928.patch | 69 ++++++
 .../files/poppler-0.57.0-CVE-2017-14929.patch | 252 +++++++++++++++++++++
 .../files/poppler-0.57.0-CVE-2017-15565.patch | 28 +++
 app-text/poppler/poppler-0.57.0-r1.ebuild | 5 +
 7 files changed, 423 insertions(+), 1 deletion(-)
GLSA Vote: No

Tree is clean.