-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3620-1 debian-...@lists.debian.org https://www.debian.org/lts/security/ Adrian Bunk October 16, 2023 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : poppler Version : 0.71.0-5+deb10u3 CVE ID : CVE-2020-23804 CVE-2022-37050 CVE-2022-37051 Several vulnerabilities have been fixed in poppler, a PDF rendering library. CVE-2020-23804 Stack overflow in XRef::readXRefTable() CVE-2022-37050 Crash in PDFDoc::savePageAs() CVE-2022-37051 Crash in the pdfunite tool For Debian 10 buster, these problems have been fixed in version 0.71.0-5+deb10u3. We recommend that you upgrade your poppler packages. For the detailed security status of poppler please refer to its security tracker page at: https://security-tracker.debian.org/tracker/poppler Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmUtIVUACgkQiNJCh6LY mLFCbg/9EeMkqDSl+BeHiGlhEdIoJzs2HTah8PhXqbsEzzJnyig+JlEn3d4oe404 y+nrhA2LhrkJFFdElAtWynNL0xk3DWbKZ5FNL9CrdQvJhRshKNumlupAqk4xbvpn pt2ukISdCrdtEIRKRtyceXmGCYEJsUjvNMkiQ+8MzdwhOO0dgKjO4hmSbEwlMAPy 4L7sZA3lxS8OHBJh0fymTG2Oo2rV7fZoy0Kw/JuJglE7mn/4acYYJUHS9BDr3T44 EHy6STxY9lva4dtsx1svDQjhIf4L2pDtP99kyEPzNOEJPQnaT6QJbuYPGSEVeE8D tbUiRNG35efjccYZLnULKmxSFYT2XzBaazFNCUQhzZeeuZH9BwDn4nALSARaXwuO 2jO7yI13E6fye8L4StphnVJYSZbMg8O56ZDMBuozQG9uHica2YoldA3Rvnz10w8k bdXY/4c9SF7D1KdMHy45CcWEdLHDrOoZF7OcZ9fcwzhRsPCRz4xhjmmIaMycoCCH 4WuzLPXnG8WwbkYDpuHAMW+hixzvWNJIdarkgpzhhxoL8KZBFhUsOaUq9K3tcO7d AZGzWEtfhlFNh1fFtRb0UFkrdF5ooWJ7GRCZbAHaE6Tvl1YhxeGU+B7S8EX79GIO YNtIPSRMhSg35+hVMy1YNGIId8ma4CauOs3rCGfeDacq2iSjg3Y= =m81V -----END PGP SIGNATURE-----