What Are You Looking For?

Popular Tags

Sign Up
MGASA-2023-0262 - Updated poppler packages fix security vulnerability

Publication date: 11 Sep 2023
URL: https://advisories.mageia.org/MGASA-2023-0262.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2020-36023,
     CVE-2020-36024

An issue was discovered in freedesktop poppler version 20.12.1, allows
remote attackers to cause a denial of service (DoS) via crafted .pdf file
to FoFiType1C::cvtGlyph function. (CVE-2020-36023)

An issue was discovered in freedesktop poppler version 20.12.1, allows
remote attackers to cause a denial of service (DoS) via crafted .pdf file
to FoFiType1C::convertToType1 function. (CVE-2020-36024)

References:
- https://bugs.mageia.org/show_bug.cgi?id=32242
- https://ubuntu.com/security/notices/USN-6299-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36023
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36024

SRPMS:
- 8/core/poppler-20.12.1-1.4.mga8

Mageia 2023-0262: poppler security update

An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph function

Summary

An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph function. (CVE-2020-36023)
An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function. (CVE-2020-36024)

References

- https://bugs.mageia.org/show_bug.cgi?id=32242

- https://ubuntu.com/security/notices/USN-6299-1

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36023

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36024

Resolution

MGASA-2023-0262 - Updated poppler packages fix security vulnerability

SRPMS

- 8/core/poppler-20.12.1-1.4.mga8

Severity
Publication date: 11 Sep 2023
URL: https://advisories.mageia.org/MGASA-2023-0262.html
Type: security
CVE: CVE-2020-36023, CVE-2020-36024

Related News

Kali Linux 2023.3 Released with 9 New Tools, Internal Changes

Aug 24, 2023

Linux Malware! Read This If You Use Free Download Manager

Sep 13, 2023

Multiple Severe, Remotely Exploitable Chromium Vulns Fixed

Sep 15, 2023

Remotely Exploitable Poppler DoS Bugs Fixed - Update Now!

Sep 22, 2023

News

Advisories

HOWTOs

Features

Everything You Need to Know About Linux Proxy Servers
Simple Steps for Identifying & Troubleshooting a Kernel Panic
Linux Endpoint Detection and Response (EDR): A Crucial Part of a Successful Cybersecurity Strategy
Supercharging Linux: Tips & Tricks to Beat the Threat Landscape
LinuxSecurity.com Migrates to Joomla 4 and PHP 8: Our Experience & Key Takeaways

About Us

Powered By

Footer Logo

Feedback