Synopsis: Moderate: poppler security update
Advisory ID: SLSA-2017:2551-1
Issue Date: 2017-08-30
CVE Numbers: CVE-2017-9775
CVE-2017-9776
—
Security Fix(es):
* A stack-based buffer overflow was found in the poppler library. An
attacker could create a malicious PDF file that would cause applications
that use poppler (such as Evince) to crash, or potentially execute
arbitrary code when opened. (CVE-2017-9775)
* An integer overflow leading to heap-based buffer overflow was found in
the poppler library. An attacker could create a malicious PDF file that
would cause applications that use poppler (such as Evince) to crash, or
potentially execute arbitrary code when opened. (CVE-2017-9776)
—
SL7
x86_64
poppler-0.26.5-17.el7_4.i686.rpm
poppler-0.26.5-17.el7_4.x86_64.rpm
poppler-debuginfo-0.26.5-17.el7_4.i686.rpm
poppler-debuginfo-0.26.5-17.el7_4.x86_64.rpm
poppler-glib-0.26.5-17.el7_4.i686.rpm
poppler-glib-0.26.5-17.el7_4.x86_64.rpm
poppler-qt-0.26.5-17.el7_4.i686.rpm
poppler-qt-0.26.5-17.el7_4.x86_64.rpm
poppler-utils-0.26.5-17.el7_4.x86_64.rpm
poppler-cpp-0.26.5-17.el7_4.i686.rpm
poppler-cpp-0.26.5-17.el7_4.x86_64.rpm
poppler-cpp-devel-0.26.5-17.el7_4.i686.rpm
poppler-cpp-devel-0.26.5-17.el7_4.x86_64.rpm
poppler-demos-0.26.5-17.el7_4.x86_64.rpm
poppler-devel-0.26.5-17.el7_4.i686.rpm
poppler-devel-0.26.5-17.el7_4.x86_64.rpm
poppler-glib-devel-0.26.5-17.el7_4.i686.rpm
poppler-glib-devel-0.26.5-17.el7_4.x86_64.rpm
poppler-qt-devel-0.26.5-17.el7_4.i686.rpm
poppler-qt-devel-0.26.5-17.el7_4.x86_64.rpm
– Scientific Linux Development Team
