FEDORA-2019-01da705767 — security update for xpdf

stable

xpdf-4.02-1.fc29

FEDORA-2019-01da705767 created by spot 6 years ago for Fedora 29

xpdf 4.02. Lots of security fixes here.

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2019-01da705767

This update has been submitted for testing by spot.

6 years ago

This update's test gating status has been changed to 'waiting'.

6 years ago

This update's test gating status has been changed to 'ignored'.

6 years ago

This update has been pushed to testing.

6 years ago

This update can be pushed to stable now if the maintainer wishes

6 years ago

This update has been submitted for stable by bodhi.

6 years ago

This update has been pushed to stable.

6 years ago

Please log in to add feedback.

Metadata

Type

security

Severity

medium

Karma

Signed

Content Type

RPM

Test Gating

ignored

Autopush Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

7 days

Dates

submitted

6 years ago

in testing

6 years ago

in stable

6 years ago

Builds

xpdf-4.02-1.fc29

BZ#1716827 CVE-2019-12515 xpdf: out-of-bounds read in function FlateStream::getChar() in Stream.cc [fedora-all]

BZ#1716836 CVE-2019-12493 xpdf: stack-based buffer over-read in function PostScriptFunction::transform in Function.cc [fedora-all]

BZ#1725690 CVE-2019-12957 CVE-2019-12958 xpdf: various flaws [fedora-all]

BZ#1727730 CVE-2019-13283 xpdf: heap-based buffer over-read in FoFiType1::parse in fofi/FoFiType1.cc [fedora-all]

BZ#1727734 CVE-2019-13282 xpdf: heap-based buffer over-read in SampledFunction::transform in Function.cc [fedora-all]

BZ#1727737 CVE-2019-13281 xpdf: heap-based buffer overflow in DCTStream::decodeImage() in Stream.cc [fedora-all]

BZ#1728103 CVE-2019-13286 xpdf: heap-based buffer over-read in function JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc [fedora-all]

xpdf-4.02-1.fc29

Automated Test Results

ignored