Fedora 26: qpdf Security Update
Summary
QPDF is a command-line program that does structural, content-preserving
transformations on PDF files. It could have been called something
like pdf-to-pdf. It includes support for merging and splitting PDFs
and to manipulate the list of pages in a PDF file. It is not a PDF viewer
or a program capable of converting PDF into other formats.
Adding patches for CVEs in qpdf does binary incompatibility, so cups-filters
needed to be rebuilt.
[ 1 ] Bug #1454820 - CVE-2017-9208 CVE-2017-9209 CVE-2017-9210 qpdf: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1454820
su -c 'dnf upgrade qpdf' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
FEDORA-2017-191d7ec089 2017-08-15 15:10:16.363390 Product : Fedora 26 Version : 6.0.0 Release : 8.fc26 URL : https://qpdf.sourceforge.io/ Summary : Command-line tools and library for transforming PDF files Description : QPDF is a command-line program that does structural, content-preserving transformations on PDF files. It could have been called something like pdf-to-pdf. It includes support for merging and splitting PDFs and to manipulate the list of pages in a PDF file. It is not a PDF viewer or a program capable of converting PDF into other formats. Adding patches for CVEs in qpdf does binary incompatibility, so cups-filters needed to be rebuilt. [ 1 ] Bug #1454820 - CVE-2017-9208 CVE-2017-9209 CVE-2017-9210 qpdf: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1454820 su -c 'dnf upgrade qpdf' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Change Log
References