MGASA-2020-0449 - Updated pdfresurrect package fixes security vulnerability

Publication date: 05 Dec 2020
URL: https://advisories.mageia.org/MGASA-2020-0449.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2020-20740

In PDFResurrect before 0.20, lack of header validation checks causes a heap-buffer-overflow in pdf_get_version() (CVE-2020-20740).

References:
- https://bugs.mageia.org/show_bug.cgi?id=27704
- https://lists.debian.org/debian-lts-announce/2020/12/msg00002.html
- https://lists.fedoraproject.org/archives/list/

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-e9f9bb77a0
2020-12-04 19:51:26.625888
--------------------------------------------------------------------------------

Name        : pdfresurrect
Product     : Fedora 33
Version     : 0.21
Release     : 1.fc33
URL         : https://github.com/enferex/pdfresurrect
Summary     : PDF Analysis and Scrubbing Utility
Description :
PDFResurrect is a tool aimed at analyzing PDF documents. The PDF format allows for previous document changes to be retained in a more recent version of the document, thereby creating a running history of changes for the document. This tool attempts to extract all previous versions while also producing a summary of changes between versions. This tool can also "scrub" or write data over the original instances of PDF objects that have been modified or deleted, in an effort to disguise information from previous versions that might not be intended for anyone else to read.

--------------------------------------------------------------------------------
Update Information:

PDFresurrect 0.21
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 24 2020 2019 Peter Lemenkov - 0.21-1
- Ver. 0.21
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1900813 - CVE-2020-20740 pdfresurrect: heap-based buffer overflow in pdf_get_version function due to lack of header validation checks [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1900813
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-e9f9bb77a0' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list --

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-92195be0e2
2020-12-04 00:30:05.645429
--------------------------------------------------------------------------------

Name        : pdfresurrect
Product     : Fedora 32
Version     : 0.21
Release     : 1.fc32
URL         : https://github.com/enferex/pdfresurrect
Summary     : PDF Analysis and Scrubbing Utility
Description :
PDFResurrect is a tool aimed at analyzing PDF documents. The PDF format allows for previous document changes to be retained in a more recent version of the document, thereby creating a running history of changes for the document. This tool attempts to extract all previous versions while also producing a summary of changes between versions. This tool can also "scrub" or write data over the original instances of PDF objects that have been modified or deleted, in an effort to disguise information from previous versions that might not be intended for anyone else to read.

--------------------------------------------------------------------------------
Update Information:

PDFresurrect 0.21
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 24 2020 2019 Peter Lemenkov - 0.21-1
- Ver. 0.21
* Tue Jul 28 2020 Fedora Release Engineering - 0.18-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1900813 - CVE-2020-20740 pdfresurrect: heap-based buffer overflow in pdf_get_version function due to lack of header validation checks [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1900813
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-92195be0e2' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

=========================================================================
Ubuntu Security Notice USN-4642-1
November 24, 2020

pdfresurrect vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS

Summary:

PDFResurrect could be made to crash or run programs as your login if it opened a specially crafted file.

Software Description:
- pdfresurrect: tool for extracting versioning data from PDF documents

Details:

It was discovered that PDFResurrect incorrectly handled certain memory operations during PDF summary generation. An attacker could use this to cause out-of-bounds writes, resulting in a denial of service (system crash) or arbitrary code execution.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04 LTS:
  pdfresurrect 0.12-6ubuntu0.2

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-4642-1
  CVE-2020-9549

Package Information:
  https://launchpad.net/ubuntu/+source/pdfresurrect/0.12-6ubuntu0.2

Severity: Critical

MGASA-2020-0133 - Updated pdfresurrect packages fix security vulnerability

Publication date: 08 Mar 2020
URL: https://advisories.mageia.org/MGASA-2020-0133.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2020-9549

The updated package fixes a security vulnerability:

In PDFResurrect 0.12 through 0.19, get_type in pdf.c has an out-of-bounds write via a crafted PDF document. (CVE-2020-9549)

References:
- https://bugs.mageia.org/show_bug.cgi?id=26304
- https://lists.debian.org/debian-lts-announce/2020/03/msg00007.html
- https://www.cve.org/CVERecord?id=CVE-2020-9549

SRPMS:
- 7/core/pdfresurrect-0.18-1.1.mga7

Severity: Critical

Package        : pdfresurrect
Version        : 0.12-5+deb8u1
CVE ID         : CVE-2020-9549
Debian Bug     : #952948

It was discovered that there was an out-of-bounds write vulnerability in pdfresurrect, a tool for extracting or scrubbing versioning data from PDF documents.

For Debian 8 "Jessie", this issue has been fixed in pdfresurrect version 0.12-5+deb8u1.

We recommend that you upgrade your pdfresurrect packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Regards,

Chris Lamb

MGASA-2019-0419 - Updated pdfresurrect packages fix security vulnerabilities

Publication date: 31 Dec 2019
URL: https://advisories.mageia.org/MGASA-2019-0419.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2019-14267, CVE-2019-14934

Updated pdfresurrect package fixes security vulnerabilities:

PDFResurrect 0.15 has a buffer overflow via a crafted PDF file because data associated with startxref and %%EOF is mishandled (CVE-2019-14267).

An issue was discovered in PDFResurrect before 0.18. pdf_load_pages_kids in pdf.c doesn't validate a certain size value, which leads to a malloc failure and out-of-bounds write (CVE-2019-14934).

References:
- https://bugs.mageia.org/show_bug.cgi?id=25942
- https://lists.fedoraproject.org/archives/list/

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-b20614ff74
2019-09-14 16:29:06.037926
--------------------------------------------------------------------------------

Name        : pdfresurrect
Product     : Fedora 31
Version     : 0.18
Release     : 1.fc31
URL         : https://github.com/enferex/pdfresurrect
Summary     : PDF Analysis and Scrubbing Utility
Description :
PDFResurrect is a tool aimed at analyzing PDF documents. The PDF format allows for previous document changes to be retained in a more recent version of the document, thereby creating a running history of changes for the document. This tool attempts to extract all previous versions while also producing a summary of changes between versions. This tool can also "scrub" or write data over the original instances of PDF objects that have been modified or deleted, in an effort to disguise information from previous versions that might not be intended for anyone else to read.

--------------------------------------------------------------------------------
Update Information:

* Security fix for CVE-2019-14267
* Security fix for CVE-2019-14934
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1735556 - CVE-2019-14267 pdfresurrect: buffer overflow via a crafted PDF file
        https://bugzilla.redhat.com/show_bug.cgi?id=1735556
  [ 2 ] Bug #1743106 - CVE-2019-14934 pdfresurrect: out-of bounds write in pdf_load_pages_kids in pdf.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1743106
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-b20614ff74' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------