--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2017-c9b0c406b3
2017-11-15 15:47:48.468189
--------------------------------------------------------------------------------Name        : poppler-data
Product     : Fedora 27
Version     : 0.4.8
Release     : 3.fc27
URL         : http://poppler.freedesktop.org/
Summary     : Encoding files
Description :
This package consists of encoding files for poppler.  When installed,
the encoding files enables poppler to correctly render CJK and Cyrillic
properly.

--------------------------------------------------------------------------------Update Information:

Latest release of `Ghostscript` (version `9.22`) fixes several *low-impact*
security issues, as it provides regular quality improvements & fixes as well.
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #1433159 - ghostscript-9.22 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1433159
  [ 2 ] Bug #1491191 - ghostscript 9.20 (gs bug number 697846) causes pstoedit to fail, breaking textext in inkscape
        https://bugzilla.redhat.com/show_bug.cgi?id=1491191
  [ 3 ] Bug #1476193 - CVE-2017-11714 ghostscript: Out of bounds read in igc_reloc_struct_ptr() [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1476193
  [ 4 ] Bug #1475838 - CVE-2017-9610 CVE-2017-9611 CVE-2017-9612 CVE-2017-9618 CVE-2017-9619 CVE-2017-9620 CVE-2017-9726 CVE-2017-9727 CVE-2017-9739 CVE-2017-9740 CVE-2017-9835 ghostscript: various flaws [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1475838
  [ 5 ] Bug #1456729 - CVE-2017-9216 ghostscript: jbig2dec: Null pointer dereference in jbig2_huffman_get() [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1456729
  [ 6 ] Bug #1451250 - CVE-2017-8908 ghostscript: Out-of-bounds read in mark_line_tr function [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1451250
  [ 7 ] Bug #1444945 - CVE-2017-7948 ghostscript: Integer overflow in the mark_curve function [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1444945
  [ 8 ] Bug #1427442 - CVE-2017-6196 ghostscript: Multiple use-after-free vulnerabilities in gx_image_enum_begin function [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1427442
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade poppler-data' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora 27: poppler-data Security Update

November 15, 2017
Latest release of `Ghostscript` (version `9.22`) fixes several *low-impact* security issues, as it provides regular quality improvements & fixes as well.

Summary

This package consists of encoding files for poppler. When installed,

the encoding files enables poppler to correctly render CJK and Cyrillic

properly.

Latest release of `Ghostscript` (version `9.22`) fixes several *low-impact*

security issues, as it provides regular quality improvements & fixes as well.

[ 1 ] Bug #1433159 - ghostscript-9.22 is available

https://bugzilla.redhat.com/show_bug.cgi?id=1433159

[ 2 ] Bug #1491191 - ghostscript 9.20 (gs bug number 697846) causes pstoedit to fail, breaking textext in inkscape

https://bugzilla.redhat.com/show_bug.cgi?id=1491191

[ 3 ] Bug #1476193 - CVE-2017-11714 ghostscript: Out of bounds read in igc_reloc_struct_ptr() [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1476193

[ 4 ] Bug #1475838 - CVE-2017-9610 CVE-2017-9611 CVE-2017-9612 CVE-2017-9618 CVE-2017-9619 CVE-2017-9620 CVE-2017-9726 CVE-2017-9727 CVE-2017-9739 CVE-2017-9740 CVE-2017-9835 ghostscript: various flaws [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1475838

[ 5 ] Bug #1456729 - CVE-2017-9216 ghostscript: jbig2dec: Null pointer dereference in jbig2_huffman_get() [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1456729

[ 6 ] Bug #1451250 - CVE-2017-8908 ghostscript: Out-of-bounds read in mark_line_tr function [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1451250

[ 7 ] Bug #1444945 - CVE-2017-7948 ghostscript: Integer overflow in the mark_curve function [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1444945

[ 8 ] Bug #1427442 - CVE-2017-6196 ghostscript: Multiple use-after-free vulnerabilities in gx_image_enum_begin function [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1427442

su -c 'dnf upgrade poppler-data' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

FEDORA-2017-c9b0c406b3 2017-11-15 15:47:48.468189 Product : Fedora 27 Version : 0.4.8 Release : 3.fc27 URL : http://poppler.freedesktop.org/ Summary : Encoding files Description : This package consists of encoding files for poppler. When installed, the encoding files enables poppler to correctly render CJK and Cyrillic properly. Latest release of `Ghostscript` (version `9.22`) fixes several *low-impact* security issues, as it provides regular quality improvements & fixes as well. [ 1 ] Bug #1433159 - ghostscript-9.22 is available https://bugzilla.redhat.com/show_bug.cgi?id=1433159 [ 2 ] Bug #1491191 - ghostscript 9.20 (gs bug number 697846) causes pstoedit to fail, breaking textext in inkscape https://bugzilla.redhat.com/show_bug.cgi?id=1491191 [ 3 ] Bug #1476193 - CVE-2017-11714 ghostscript: Out of bounds read in igc_reloc_struct_ptr() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1476193 [ 4 ] Bug #1475838 - CVE-2017-9610 CVE-2017-9611 CVE-2017-9612 CVE-2017-9618 CVE-2017-9619 CVE-2017-9620 CVE-2017-9726 CVE-2017-9727 CVE-2017-9739 CVE-2017-9740 CVE-2017-9835 ghostscript: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475838 [ 5 ] Bug #1456729 - CVE-2017-9216 ghostscript: jbig2dec: Null pointer dereference in jbig2_huffman_get() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1456729 [ 6 ] Bug #1451250 - CVE-2017-8908 ghostscript: Out-of-bounds read in mark_line_tr function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1451250 [ 7 ] Bug #1444945 - CVE-2017-7948 ghostscript: Integer overflow in the mark_curve function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1444945 [ 8 ] Bug #1427442 - CVE-2017-6196 ghostscript: Multiple use-after-free vulnerabilities in gx_image_enum_begin function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1427442 su -c 'dnf upgrade poppler-data' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Change Log

References

Update Instructions

Severity
Product : Fedora 27
Version : 0.4.8
Release : 3.fc27
URL : http://poppler.freedesktop.org/
Summary : Encoding files

Related News

23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved