SUSE: 2018:3066-2 Moderate: qpdf Stack Consumption Issues
suse
October 18, 2018
An update that fixes 8 vulnerabilities is now available
Summary
This update for qpdf fixes the following issues: qpdf was updated to 7.1.1. Security issues fixed: - CVE-2017-11627: A stack-consumption vulnerability which allows attackers to cause DoS (bsc#1050577). - CVE-2017-11625: A stack-consumption vulnerability which allows attackers to cause DoS (bsc#1050579). - CVE-2017-11626: A stack-consumption vulnerability which allows attackers to cause DoS (bsc#1050578). - CVE-2017-11624: A stack-consumption vulnerability which allows attackers to cause DoS (bsc#1050581). - CVE-2017-12595: Stack overflow when processing deeply nested arrays and dictionaries (bsc#1055960). - CVE-2017-9209: Remote attackers can cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document (bsc#1040312).
References
#1040311 #1040312 #1040313 #1050577 #1050578
#1050579 #1050581 #1055960
Cross- CVE-2017-11624 CVE-2017-11625 CVE-2017-11626
CVE-2017-11627 CVE-2017-12595 CVE-2017-9208
CVE-2017-9209 CVE-2017-9210
Affected Products:
SUSE Linux Enterprise Server 12-SP2-BCL
https://www.suse.com/security/cve/CVE-2017-11624.html
https://www.suse.com/security/cve/CVE-2017-11625.html
https://www.suse.com/security/cve/CVE-2017-11626.html
https://www.suse.com/security/cve/CVE-2017-11627.html
https://www.suse.com/security/cve/CVE-2017-12595.html
https://www.suse.com/security/cve/CVE-2017-9208.html
https://www.suse.com/security/cve/CVE-2017-9209.html
https://www.suse.com/security/cve/CVE-2017-9210.html
https://bugzilla.suse.com/1040311
PREVIOUS
NEXT
Announcement ID: SUSE-SU-2018:3066-2
Rating: moderate
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!