You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa poppler-data

Sigurnosni nedostaci programskog paketa poppler-data

——————————————————————————–
Fedora Update Notification
FEDORA-2017-c9b0c406b3
2017-11-15 15:47:48.468189
——————————————————————————–

Name : poppler-data
Product : Fedora 27
Version : 0.4.8
Release : 3.fc27
URL : http://poppler.freedesktop.org/
Summary : Encoding files
Description :
This package consists of encoding files for poppler. When installed,
the encoding files enables poppler to correctly render CJK and Cyrillic
properly.

——————————————————————————–
Update Information:

Latest release of `Ghostscript` (version `9.22`) fixes several *low-impact*
security issues, as it provides regular quality improvements & fixes as well.
——————————————————————————–
References:

[ 1 ] Bug #1433159 – ghostscript-9.22 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1433159
[ 2 ] Bug #1491191 – ghostscript 9.20 (gs bug number 697846) causes pstoedit to fail, breaking textext in inkscape
https://bugzilla.redhat.com/show_bug.cgi?id=1491191
[ 3 ] Bug #1476193 – CVE-2017-11714 ghostscript: Out of bounds read in igc_reloc_struct_ptr() [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1476193
[ 4 ] Bug #1475838 – CVE-2017-9610 CVE-2017-9611 CVE-2017-9612 CVE-2017-9618 CVE-2017-9619 CVE-2017-9620 CVE-2017-9726 CVE-2017-9727 CVE-2017-9739 CVE-2017-9740 CVE-2017-9835 ghostscript: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1475838
[ 5 ] Bug #1456729 – CVE-2017-9216 ghostscript: jbig2dec: Null pointer dereference in jbig2_huffman_get() [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1456729
[ 6 ] Bug #1451250 – CVE-2017-8908 ghostscript: Out-of-bounds read in mark_line_tr function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1451250
[ 7 ] Bug #1444945 – CVE-2017-7948 ghostscript: Integer overflow in the mark_curve function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1444945
[ 8 ] Bug #1427442 – CVE-2017-6196 ghostscript: Multiple use-after-free vulnerabilities in gx_image_enum_begin function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1427442
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade poppler-data’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Top
More in Preporuke
Sigurnosni nedostatak programskog paketa openstack-aodh

Otkriven je sigurnosni nedostatak u programskom paketu openstack-aodh za operacijski sustav RHEL. Otkriveni nedostatak potencijalnim napadačima omogućuje zaobilaženje sigurnosnih ograničenja....

Close