--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2018-d7ea552cde
2018-04-27 22:57:28.389605
--------------------------------------------------------------------------------Name        : qpdf
Product     : Fedora 26
Version     : 7.1.1
Release     : 5.fc26
URL         : https://qpdf.sourceforge.io/
Summary     : Command-line tools and library for transforming PDF files
Description :
QPDF is a command-line program that does structural, content-preserving
transformations on PDF files. It could have been called something
like pdf-to-pdf. It includes support for merging and splitting PDFs
and to manipulate the list of pages in a PDF file. It is not a PDF viewer
or a program capable of converting PDF into other formats.

--------------------------------------------------------------------------------Update Information:

Rebase to qpdf-7.1.1 because of CVEs
--------------------------------------------------------------------------------ChangeLog:

* Mon Apr 16 2018 Zdenek Dohnal  - 7.1.1-5
- CVE-2018-9918 qpdf: stack exhaustion in QPDFObjectHandle and QPDF_Dictionary classes in libqpdf.a [fedora-all]
* Mon Feb 19 2018 Zdenek Dohnal  - 7.1.1-4
- gcc and gcc-c++ are no longer in buildroot by default
* Fri Feb  9 2018 Fedora Release Engineering  - 7.1.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Thu Feb  8 2018 Zdenek Dohnal  - 7.1.1-2
- remove old stuff
* Mon Feb  5 2018 Zdenek Dohnal  - 7.1.1-1
- rebase to 7.1.1
* Tue Sep 19 2017 Zdenek Dohnal  - 7.0.0-1
- rebase to 7.0.0
* Fri Aug 11 2017 Zdenek Dohnal  - 6.0.0-10
- adding patches for CVE back (cups-filters needed to rebuild)
* Mon Aug  7 2017 Zdenek Dohnal  - 6.0.0-9
- removing patches for CVEs, because they break other things now
* Thu Aug  3 2017 Zdenek Dohnal  - 6.0.0-8
- 1477213 - Detect recursions loop resolving objects
- 1454820 - CVE-2017-9208
- 1454820 - CVE-2017-9209
- 1454820 - CVE-2017-9210
* Thu Aug  3 2017 Fedora Release Engineering  - 6.0.0-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Thu Jul 27 2017 Fedora Release Engineering  - 6.0.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-d7ea552cde' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora 26: qpdf Security Update 2018-d7ea552cde 2018-d7ea552cde

April 27, 2018
Rebase to qpdf-7.1.1 because of CVEs

Summary

QPDF is a command-line program that does structural, content-preserving

transformations on PDF files. It could have been called something

like pdf-to-pdf. It includes support for merging and splitting PDFs

and to manipulate the list of pages in a PDF file. It is not a PDF viewer

or a program capable of converting PDF into other formats.

Rebase to qpdf-7.1.1 because of CVEs

* Mon Apr 16 2018 Zdenek Dohnal - 7.1.1-5

- CVE-2018-9918 qpdf: stack exhaustion in QPDFObjectHandle and QPDF_Dictionary classes in libqpdf.a [fedora-all]

* Mon Feb 19 2018 Zdenek Dohnal - 7.1.1-4

- gcc and gcc-c++ are no longer in buildroot by default

* Fri Feb 9 2018 Fedora Release Engineering - 7.1.1-3

- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

* Thu Feb 8 2018 Zdenek Dohnal - 7.1.1-2

- remove old stuff

* Mon Feb 5 2018 Zdenek Dohnal - 7.1.1-1

- rebase to 7.1.1

* Tue Sep 19 2017 Zdenek Dohnal - 7.0.0-1

- rebase to 7.0.0

* Fri Aug 11 2017 Zdenek Dohnal - 6.0.0-10

- adding patches for CVE back (cups-filters needed to rebuild)

* Mon Aug 7 2017 Zdenek Dohnal - 6.0.0-9

- removing patches for CVEs, because they break other things now

* Thu Aug 3 2017 Zdenek Dohnal - 6.0.0-8

- 1477213 - Detect recursions loop resolving objects

- 1454820 - CVE-2017-9208

- 1454820 - CVE-2017-9209

- 1454820 - CVE-2017-9210

* Thu Aug 3 2017 Fedora Release Engineering - 6.0.0-7

- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild

* Thu Jul 27 2017 Fedora Release Engineering - 6.0.0-6

- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild

su -c 'dnf upgrade --advisory FEDORA-2018-d7ea552cde' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

FEDORA-2018-d7ea552cde 2018-04-27 22:57:28.389605 Product : Fedora 26 Version : 7.1.1 Release : 5.fc26 URL : https://qpdf.sourceforge.io/ Summary : Command-line tools and library for transforming PDF files Description : QPDF is a command-line program that does structural, content-preserving transformations on PDF files. It could have been called something like pdf-to-pdf. It includes support for merging and splitting PDFs and to manipulate the list of pages in a PDF file. It is not a PDF viewer or a program capable of converting PDF into other formats. Rebase to qpdf-7.1.1 because of CVEs * Mon Apr 16 2018 Zdenek Dohnal - 7.1.1-5 - CVE-2018-9918 qpdf: stack exhaustion in QPDFObjectHandle and QPDF_Dictionary classes in libqpdf.a [fedora-all] * Mon Feb 19 2018 Zdenek Dohnal - 7.1.1-4 - gcc and gcc-c++ are no longer in buildroot by default * Fri Feb 9 2018 Fedora Release Engineering - 7.1.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Thu Feb 8 2018 Zdenek Dohnal - 7.1.1-2 - remove old stuff * Mon Feb 5 2018 Zdenek Dohnal - 7.1.1-1 - rebase to 7.1.1 * Tue Sep 19 2017 Zdenek Dohnal - 7.0.0-1 - rebase to 7.0.0 * Fri Aug 11 2017 Zdenek Dohnal - 6.0.0-10 - adding patches for CVE back (cups-filters needed to rebuild) * Mon Aug 7 2017 Zdenek Dohnal - 6.0.0-9 - removing patches for CVEs, because they break other things now * Thu Aug 3 2017 Zdenek Dohnal - 6.0.0-8 - 1477213 - Detect recursions loop resolving objects - 1454820 - CVE-2017-9208 - 1454820 - CVE-2017-9209 - 1454820 - CVE-2017-9210 * Thu Aug 3 2017 Fedora Release Engineering - 6.0.0-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild * Thu Jul 27 2017 Fedora Release Engineering - 6.0.0-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild su -c 'dnf upgrade --advisory FEDORA-2018-d7ea552cde' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Change Log

References

Update Instructions

Severity
Product : Fedora 26
Version : 7.1.1
Release : 5.fc26
URL : https://qpdf.sourceforge.io/
Summary : Command-line tools and library for transforming PDF files

Related News

25.@Sign Hook Keyboard Esm H320
1 min read
Cyber risk is increasing for individuals and organizations, making flexible and robust solutions for identifying spam and malware increasingly
19.Laptop Bed Esm H320
2 - 3 min read
The recently released Linux Kernel 6.9 brings forth a blend of crucial upgrades and enhancements, catering to the ever-evolving needs of the Linux
4.Lock AbstractDigital Esm H320
1 - 2 min read
Nmap 7.95 introduces myriad enhancements, primarily focusing on OS and service detection signatures. This reflects the dedication of the Nmap
5.ShakingHands Esm H320
3 - 5 min read
There has been a promising shift in the tech industry, with major companies pledging to release products with built-in security features. This
18.WifiCutout Landscape Esm H320
2 - 3 min read
A novel attack called TunnelVision has been discovered. It compromises the security of virtually all VPN apps, rendering their purpose useless. The
21.Globe RadiatingCode Esm H320
2 - 3 min read
The recent discovery of a backdoor in XZ Utils , a widely used Linux tool, raises concerns about the security of the open-source ecosystem. While
13.Lock StylizedMotherboard Esm H320
1 - 2 min read
Spiral Linux is a Debian-based distribution that offers a range of desktop environments, making it stand out from other Linux distributions. In
32.Lock Code Circular Esm H320
2 - 3 min read
Two critical security vulnerabilities were found in pgAdmin, the open-source administration tool for PostgreSQL . The vulnerabilities assigned

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved