[SECURITY] [DLA 3528-1] poppler security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3528-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
August 14, 2023 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : poppler
Version : 0.71.0-5+deb10u2
CVE ID : CVE-2020-36023 CVE-2020-36024
Two vulnerabilities have been fixed in poppler,
a PDF rendering library.
CVE-2020-36023
Infinite loop in FoFiType1C::cvtGlyph()
CVE-2020-36024
NULL dereference in FoFiType1C::convertToType1()
For Debian 10 buster, these problems have been fixed in version
0.71.0-5+deb10u2.
We recommend that you upgrade your poppler packages.
For the detailed security status of poppler please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/poppler
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmTaIEIACgkQiNJCh6LY
mLGoyA//a8PphFLZov5tqkW/iEW5HOWahoXKfxJts3nV7WcbyeRHG9YoqGVJftuN
1G4bLMIaL4IkD9LumOlzt08a9ABi93gozlpIdmcbTPc+j4RBYifEMcIHbtu1+ZEk
isgeIgNepMeD6+2WtGvcD5U94KolmFeLzxgMnYEn++8WME4FRbnReA0rnM/oc4Wh
h5zNI3EVv/A2Zdlf+N3Q8BBCzV/heDiAfHZkPszdOC0q0H7qwyqAPmDNj9R51WoU
tVO1I1C9mz6uDUIF9FMdaof8e3H5BqhDZ7Vp6sv1bDyxOgD35cX+C+uE5S6httQT
espwdel2I3Yx50XhDII0luljZh4oarMAOWwhKVWDICfa1E20dBrdvTQ/6/OSKqWW
j8sjXIv3VK9RYMF7cUi2kOWZktmGqDJ2MIjepNyDKgoCNyhvpHhdKicCdx5YQLVe
NkZ0e1vKwos/r8Z0I31qtXA2Vdc/jy9WfZFIMwiQjXtVQ1uiA7KE4qNw25pnOW43
q/b/8JIsIM70sMlkeQRvMLDVRqdvGWy63Ll1dE28q64F1PB9jTovoZyBJRVMSphH
uOkOpfY2Z2TnkWyAY8NJDPRC90n9Z0gcsUhSLIEtS/tAMQJo6kzCslIGiLD0yKvn
mE8D6F/ZUTRCrT2Bl72+eXmxlYoLgQr3zT1ZvUSZkF4qW1xFhjA=
=Etbr
-----END PGP SIGNATURE-----
Reply to: