[3.1] poppler: heap buffer overflow (CVE-2015-8868)
A heap buffer overflow vulnerability was found in the poppler library. A maliciously crafted file could cause the application to crash.
Versions pre 0.40.0 are vulnerable.
References:
http://seclists.org/oss-sec/2016/q2/56
https://bugzilla.redhat.com/show\_bug.cgi?id=CVE-2015-8868
Patch:
https://cgit.freedesktop.org/poppler/poppler/commit/?id=b3425dd3261679958cd56c0f71995c15d2124433
(from redmine: issue id 5536, created on 2016-05-03, closed on 2016-06-15)
- Relations:
- parent #5533 (closed)
- Changesets:
- Revision f317b1b3 on 2016-06-14T12:10:34Z:
main/poppler: security fix (CVE-2015-8868). Fixes #5536
(cherry picked from commit b34bf3e1e7c3c9605a1535256894515ed100f979)