-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3528-1 debian-...@lists.debian.org https://www.debian.org/lts/security/ Adrian Bunk August 14, 2023 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : poppler Version : 0.71.0-5+deb10u2 CVE ID : CVE-2020-36023 CVE-2020-36024 Two vulnerabilities have been fixed in poppler, a PDF rendering library. CVE-2020-36023 Infinite loop in FoFiType1C::cvtGlyph() CVE-2020-36024 NULL dereference in FoFiType1C::convertToType1() For Debian 10 buster, these problems have been fixed in version 0.71.0-5+deb10u2. We recommend that you upgrade your poppler packages. For the detailed security status of poppler please refer to its security tracker page at: https://security-tracker.debian.org/tracker/poppler Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmTaIEIACgkQiNJCh6LY mLGoyA//a8PphFLZov5tqkW/iEW5HOWahoXKfxJts3nV7WcbyeRHG9YoqGVJftuN 1G4bLMIaL4IkD9LumOlzt08a9ABi93gozlpIdmcbTPc+j4RBYifEMcIHbtu1+ZEk isgeIgNepMeD6+2WtGvcD5U94KolmFeLzxgMnYEn++8WME4FRbnReA0rnM/oc4Wh h5zNI3EVv/A2Zdlf+N3Q8BBCzV/heDiAfHZkPszdOC0q0H7qwyqAPmDNj9R51WoU tVO1I1C9mz6uDUIF9FMdaof8e3H5BqhDZ7Vp6sv1bDyxOgD35cX+C+uE5S6httQT espwdel2I3Yx50XhDII0luljZh4oarMAOWwhKVWDICfa1E20dBrdvTQ/6/OSKqWW j8sjXIv3VK9RYMF7cUi2kOWZktmGqDJ2MIjepNyDKgoCNyhvpHhdKicCdx5YQLVe NkZ0e1vKwos/r8Z0I31qtXA2Vdc/jy9WfZFIMwiQjXtVQ1uiA7KE4qNw25pnOW43 q/b/8JIsIM70sMlkeQRvMLDVRqdvGWy63Ll1dE28q64F1PB9jTovoZyBJRVMSphH uOkOpfY2Z2TnkWyAY8NJDPRC90n9Z0gcsUhSLIEtS/tAMQJo6kzCslIGiLD0yKvn mE8D6F/ZUTRCrT2Bl72+eXmxlYoLgQr3zT1ZvUSZkF4qW1xFhjA= =Etbr -----END PGP SIGNATURE-----