We have moved to a new Sailfish OS Forum. Please start new discussions there.

Revision history [back]

click to hide/show revision 1
initial version

posted 2020-01-15 10:33:46 +0200

buffer over-read in downsample_row_box_filter in poppler CVE-2019-9631 critical remote

https://nvd.nist.gov/vuln/detail/CVE-2019-9631

Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function. CVSS3_base_score: 9.8 critical

This CVE and CVE-2019-14494 CVE-2018-20662 CVE-2019-9200 CVE-2019-9903 CVE-2019-10872 CVE-2019-10873 and CVE-2019-12293 and backport a fix for a regression on case-insensitive search should be fixed through update poppler-0.74.0 vanilla to poppler-0.74.0-0ubuntu1.3 .