FEDORA-2017-025ff38ac9

security update in Fedora 27 for poppler

Status: stable 8 months ago

Security fix for CVE-2017-14926, CVE-2017-14927 and CVE-2017-14928.


Security fix for CVE-2017-14617


Security fix for CVE-2017-14517, CVE-2017-14518, CVE-2017-14519 and CVE-2017-14929.

Comments 10

This update has been submitted for testing by dtardon.

This update has obsoleted poppler-0.57.0-4.fc27, and has inherited its bugs and notes.

This update has been pushed to testing.

Evince works.

karma: +1

This update has reached 3 days in testing and can be pushed to stable now if the maintainer wishes

pdf rendering in evince seems to work fine

karma: +1

This update has been submitted for batched by bodhi.

This update has been submitted for stable by bodhi.

This update has been pushed to stable.


Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

-1 0 +1 Feedback Guidelines
#1500322 CVE-2017-14928 poppler: NULL pointer dereference in the AnnotRichMedia::Configuration::Configuration
#1500323 CVE-2017-14926 poppler: NULL pointer dereference in the AnnotRichMedia::Content::Content
#1500324 CVE-2017-14927 poppler: NULL pointer dereference in the SplashOutputDev::type3D0() function
#1500326 CVE-2017-14926 CVE-2017-14927 CVE-2017-14928 poppler: various flaws [fedora-all]
#1499905 CVE-2017-14617 poppler: Floating point exception in the ImageStream class
#1499906 CVE-2017-14617 poppler: Floating point exception in the ImageStream class [fedora-all]
#1499162 CVE-2017-14517 poppler: NULL pointer dereference in the XRef::parseEntry() function
#1499163 CVE-2017-14518 poppler: Floating point exception in the isImageInterpolationRequired() function
#1499165 CVE-2017-14519 poppler: Memory corruption via Gfx.cc infinite loop
#1499167 CVE-2017-14929 poppler: Memory corruption via Gfx.cc infinite loop
#1499168 CVE-2017-14517 CVE-2017-14518 CVE-2017-14519 CVE-2017-14929 CVE-2017-14975 CVE-2017-14976 CVE-2017-14977 poppler: various flaws [fedora-all]
Is the update generally functional?
Content Type
RPM
Status
stable
Test Gating Status
Tests not running
Submitted by
Update Type
security
Karma
+3
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted 9 months ago
in testing 9 months ago
in stable 8 months ago

Related Bugs 11

00 #1500322 CVE-2017-14928 poppler: NULL pointer dereference in the AnnotRichMedia::Configuration::Configuration
00 #1500323 CVE-2017-14926 poppler: NULL pointer dereference in the AnnotRichMedia::Content::Content
00 #1500324 CVE-2017-14927 poppler: NULL pointer dereference in the SplashOutputDev::type3D0() function
00 #1500326 CVE-2017-14926 CVE-2017-14927 CVE-2017-14928 poppler: various flaws [fedora-all]
00 #1499905 CVE-2017-14617 poppler: Floating point exception in the ImageStream class
00 #1499906 CVE-2017-14617 poppler: Floating point exception in the ImageStream class [fedora-all]
00 #1499162 CVE-2017-14517 poppler: NULL pointer dereference in the XRef::parseEntry() function
00 #1499163 CVE-2017-14518 poppler: Floating point exception in the isImageInterpolationRequired() function
00 #1499165 CVE-2017-14519 poppler: Memory corruption via Gfx.cc infinite loop
00 #1499167 CVE-2017-14929 poppler: Memory corruption via Gfx.cc infinite loop
00 #1499168 CVE-2017-14517 CVE-2017-14518 CVE-2017-14519 CVE-2017-14929 CVE-2017-14975 CVE-2017-14976 CVE-2017-14977 poppler: various flaws [fedora-all]

Automated Test Results

Test results and gating status may sometimes conflict as the gating status is retrieved periodically by Bodhi's backend server, while the test results presented here are retrieved upon page load. If your update is marked as gated while all the tests show green/passed, the next check of gating status should open the gate.