Fedora 34: FEDORA-2021-d1b3fd44b1 Severe Memory Corruption in PDFAnalyzer

PDFResurrect is a tool aimed at analyzing PDF documents. The PDF format

allows for previous document changes to be retained in a more recent

version of the document, thereby creating a running history of changes

for the document. This tool attempts to extract all previous versions

while also producing a summary of changes between versions. This tool

can also "scrub" or write data over the original instances of PDF objects

that have been modified or deleted, in an effort to disguise information

from previous versions that might not be intended for anyone else to read.

PDFresurrect 0.21

* Tue Nov 24 2020 2019 Peter Lemenkov - 0.21-1

- Ver. 0.21

[ 1 ] Bug #1900813 - CVE-2020-20740 pdfresurrect: heap-based buffer overflow in pdf_get_version function due to lack of header validation checks [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1900813

su -c 'dnf upgrade --advisory FEDORA-2020-e9f9bb77a0' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/