Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora 40 mingw-poppler advisory: CVE-2024-56378 Critical Fix

fedora
Calendar Grey January 10, 2025
Dist Fedora Esm H88
Fedora 40 has rolled out a significant update for the MinGW Poppler library addressing the critical security vulnerability CVE-2024-56378, along with pivotal patch notes.
Backport fix for CVE-2024-56378.

Summary

MinGW Windows Poppler library.

Update Information:

Backport fix for CVE-2024-56378.

Topics%20covered

Topics Covered

security advisory software update Fedora out-of-bounds read mingw-poppler backport fix

Change Log

* Wed Jan 1 2025 Sandro Mani - 24.02.0-4 - Backport fix for CVE-2024-56378 * Thu Jul 18 2024 Fedora Release Engineering - 24.02.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild

References


[ 1 ] Bug #2333812 - CVE-2024-56378 mingw-poppler: out-of-bounds read [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2333812 [ 2 ] Bug #2333814 - CVE-2024-56378 mingw-poppler: out-of-bounds read [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2333814

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-ed039a54de' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: mingw-poppler
Product: Fedora 40
Version: 24.02.0
Release: 4.fc40
URL: http://poppler.freedesktop.org/
Summary: MinGW Windows Poppler library

Topics%20covered

Topics Covered

security advisory software update Fedora out-of-bounds read mingw-poppler backport fix

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here