This update fixes multiple security vulnerabilities: CVE-2018-5783, CVE-2018-11254, CVE-2018-11255, CVE-2018-11256, CVE-2018-12982, CVE-2018-14320, CVE-2018-19532

How to install

sudo dnf upgrade --advisory=FEDORA-2018-6b9320d9c9

This update has been submitted for testing by smani.

2 years ago

smani edited this update.

2 years ago

smani edited this update.

2 years ago

This update has been pushed to testing.

2 years ago
User Icon andilinux commented & provided feedback 2 years ago
karma

works for me

User Icon filiperosset commented & provided feedback 2 years ago
karma

no regressions noted

User Icon cserpentis commented & provided feedback 2 years ago
karma

works for me

This update has been submitted for batched by bodhi.

2 years ago

This update has been submitted for stable by bodhi.

2 years ago

This update has been pushed to stable.

2 years ago

Please login to add feedback.

Metadata
Type
security
Severity
low
Karma
3
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
2 years ago
in testing
2 years ago
in stable
2 years ago
modified
2 years ago
BZ#1537634 CVE-2018-5783 podofo: uncontrolled memory allocation in the PoDoFo::PdfVecObjects::Reserve function in base/PdfVecObjects.h
0
0
BZ#1537635 CVE-2018-5783 podofo: uncontrolled memory allocation in the PoDoFo::PdfVecObjects::Reserve function in base/PdfVecObjects.h [fedora-all]
0
0
BZ#1581281 CVE-2018-11254 podofo: Excessive Recursion in the PdfPagesTree::GetPageNode() function of PdfPagesTree.cpp
0
0
BZ#1581282 CVE-2018-11255 podofo: NULL pointer dereference in the function PdfPage::GetPageNumber() in PdfPage.cpp
0
0
BZ#1581283 CVE-2018-11256 podofo: NULL pointer dereference in the function PdfDocument::Append() in PdfDocument.cpp
0
0
BZ#1581285 CVE-2018-11254 CVE-2018-11255 CVE-2018-11256 podofo: various flaws [fedora-all]
0
0
BZ#1581286 CVE-2018-11254 CVE-2018-11255 CVE-2018-11256 mingw-podofo: various flaws [fedora-all]
0
0
BZ#1597426 CVE-2018-12982 podofo: invalid memory read in the PoDoFo::PdfVariant::DelayedLoad function
0
0
BZ#1597428 CVE-2018-12982 podofo: invalid memory read in the PoDoFo::PdfVariant::DelayedLoad function [fedora-all]
0
0
BZ#1597430 CVE-2018-12982 mingw-podofo: podofo: invalid memory read in the PoDoFo::PdfVariant::DelayedLoad function [fedora-all]
0
0
BZ#1622921 CVE-2018-15889 podofo: Insufficient input validation in PoDoFo::PdfVecObjects::Reserve()
0
0
BZ#1622922 CVE-2018-15889 podofo: Insufficient input validation in PoDoFo::PdfVecObjects::Reserve() [fedora-all]
0
0
BZ#1631429 CVE-2018-14320 podofo: Lack of proper validation of user supplied data can result in information disclosure
0
0
BZ#1631430 CVE-2018-14320 podofo: Lack of proper validation of user supplied data can result in information disclosure [fedora-all]
0
0
BZ#1656191 CVE-2018-19532 podofo: NULL pointer dereference in PdfTranslator::setTarget() in pdftranslator.cpp
0
0
BZ#1656194 CVE-2018-19532 podofo: NULL pointer dereference in PdfTranslator::setTarget() in pdftranslator.cpp [fedora-all]
0
0

Automated Test Results