[3.0] poppler: heap buffer overflow (CVE-2015-8868)
A heap buffer overflow vulnerability was found in the poppler library. A maliciously crafted file could cause the application to crash.
Versions pre 0.40.0 are vulnerable.
References:
http://seclists.org/oss-sec/2016/q2/56
https://bugzilla.redhat.com/show\_bug.cgi?id=CVE-2015-8868
Patch:
https://cgit.freedesktop.org/poppler/poppler/commit/?id=b3425dd3261679958cd56c0f71995c15d2124433
(from redmine: issue id 5537, created on 2016-05-03, closed on 2016-06-15)
- Relations:
- parent #5533 (closed)
- Changesets:
- Revision ee7386df on 2016-06-02T07:46:42Z:
main/poppler: security fix (CVE-2015-8868). Fixes #5537