Source: poppler Version: 0.71.0-3 Severity: important Tags: patch security upstream Forwarded: https://gitlab.freedesktop.org/poppler/poppler/issues/748
Hi, The following vulnerability was published for poppler. CVE-2019-10873[0]: | An issue was discovered in Poppler 0.74.0. There is a NULL pointer | dereference in the function SplashClip::clipAALine at | splash/SplashClip.cc. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2019-10873 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10873 [1] https://gitlab.freedesktop.org/poppler/poppler/issues/748 [2] https://gitlab.freedesktop.org/poppler/poppler/commit/8dbe2e6c480405dab9347075cf4be626f90f1d05 Please adjust the affected versions in the BTS as needed, the issue possibly got introduced only in 0.70, but needs to be checked. Regards, Salvatore