Security update for podofo SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2019:0066-1 Final 1 1 2019-01-18T15:34:00Z current 2019-01-18T15:34:00Z 2019-01-18T15:34:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for podofo This update for podofo version 0.9.6 fixes the following issues: Security issues fixed: - CVE-2017-5852: Fix a infinite loop in PoDoFo::PdfPage::GetInheritedKeyFromObject (PdfPage.cpp) (boo#1023067) - CVE-2017-5854: Fix a NULL pointer dereference in PdfOutputStream.cpp (boo#1023070) - CVE-2017-5886: Fix a heap-based buffer overflow in PoDoFo::PdfTokenizer::GetNextToken (PdfTokenizer.cpp) (boo#1023380) - CVE-2017-6844: Fix a buffer overflow in PoDoFo::PdfParser::ReadXRefSubsection (PdfParser.cpp) (boo#1027782) - CVE-2017-6847: Fix a NULL pointer dereference in PoDoFo::PdfVariant::DelayedLoad (PdfVariant.h) (boo#1027778) - CVE-2017-7379: Fix a heap-based buffer overflow in PoDoFo::PdfSimpleEncoding::ConvertToEncoding (PdfEncoding.cpp) (boo#1032018) - CVE-2018-5296: Fix a denial of service in the ReadXRefSubsection function (boo#1075021) - CVE-2018-5309: Fix a integer overflow in the ReadObjectsFromStream function (boo#1075322) - CVE-2017-5853: Fix a signed integer overflow in PdfParser.cpp (boo#1023069) - CVE-2017-5855: Fix a NULL pointer dereference in the ReadXRefSubsection function (boo#1023071) - CVE-2017-6840: Fix a invalid memory read in the GetColorFromStack function (boo#1027787) - CVE-2017-6845: Fix a NULL pointer dereference in the SetNonStrokingColorSpace function (boo#1027779) - CVE-2017-7378: Fix a heap-based buffer overflow in the ExpandTabs function (boo#1032017) - CVE-2017-7380: Fix four null pointer dereferences (boo#1032019) - CVE-2017-8054: Fix a denial of service in the GetPageNodeFromArray function (boo#1035596) - CVE-2018-5295: Fix a integer overflow in the ParseStream function (boo#1075026) - CVE-2018-5308: Fix undefined behavior in the PdfMemoryOutputStream::Write function (boo#1075772) - CVE-2018-8001: Fix a heap overflow read vulnerability in the UnescapeName function (boo#1084894) - CVE-2017-7994, CVE-2017-8787: Fix a denial of service via a crafted PDF document (boo#1035534, boo#1037739) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00027.html E-Mail link for openSUSE-SU-2019:0066-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.3 libpodofo-devel-0.9.6-10.3.1 libpodofo0_9_6-0.9.6-10.3.1 podofo-0.9.6-10.3.1 libpodofo-devel-0.9.6-10.3.1 as a component of openSUSE Leap 42.3 libpodofo0_9_6-0.9.6-10.3.1 as a component of openSUSE Leap 42.3 podofo-0.9.6-10.3.1 as a component of openSUSE Leap 42.3 The PoDoFo::PdfPage::GetInheritedKeyFromObject function in base/PdfVariant.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted file. CVE-2017-5852 openSUSE Leap 42.3:libpodofo-devel-0.9.6-10.3.1 openSUSE Leap 42.3:libpodofo0_9_6-0.9.6-10.3.1 openSUSE Leap 42.3:podofo-0.9.6-10.3.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00027.html https://www.suse.com/security/cve/CVE-2017-5852.html CVE-2017-5852 https://bugzilla.suse.com/1023067 SUSE Bug 1023067 Integer overflow in base/PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file. CVE-2017-5853 openSUSE Leap 42.3:libpodofo-devel-0.9.6-10.3.1 openSUSE Leap 42.3:libpodofo0_9_6-0.9.6-10.3.1 openSUSE Leap 42.3:podofo-0.9.6-10.3.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00027.html https://www.suse.com/security/cve/CVE-2017-5853.html CVE-2017-5853 https://bugzilla.suse.com/1023069 SUSE Bug 1023069 base/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file. CVE-2017-5854 openSUSE Leap 42.3:libpodofo-devel-0.9.6-10.3.1 openSUSE Leap 42.3:libpodofo0_9_6-0.9.6-10.3.1 openSUSE Leap 42.3:podofo-0.9.6-10.3.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00027.html https://www.suse.com/security/cve/CVE-2017-5854.html CVE-2017-5854 https://bugzilla.suse.com/1023070 SUSE Bug 1023070 https://bugzilla.suse.com/1096890 SUSE Bug 1096890 The PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. CVE-2017-5855 openSUSE Leap 42.3:libpodofo-devel-0.9.6-10.3.1 openSUSE Leap 42.3:libpodofo0_9_6-0.9.6-10.3.1 openSUSE Leap 42.3:podofo-0.9.6-10.3.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00027.html https://www.suse.com/security/cve/CVE-2017-5855.html CVE-2017-5855 https://bugzilla.suse.com/1023071 SUSE Bug 1023071 Heap-based buffer overflow in the PoDoFo::PdfTokenizer::GetNextToken function in PdfTokenizer.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file. CVE-2017-5886 openSUSE Leap 42.3:libpodofo-devel-0.9.6-10.3.1 openSUSE Leap 42.3:libpodofo0_9_6-0.9.6-10.3.1 openSUSE Leap 42.3:podofo-0.9.6-10.3.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00027.html https://www.suse.com/security/cve/CVE-2017-5886.html CVE-2017-5886 https://bugzilla.suse.com/1023380 SUSE Bug 1023380 https://bugzilla.suse.com/1084902 SUSE Bug 1084902 The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (invalid read) via a crafted file. CVE-2017-6840 openSUSE Leap 42.3:libpodofo-devel-0.9.6-10.3.1 openSUSE Leap 42.3:libpodofo0_9_6-0.9.6-10.3.1 openSUSE Leap 42.3:podofo-0.9.6-10.3.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00027.html https://www.suse.com/security/cve/CVE-2017-6840.html CVE-2017-6840 https://bugzilla.suse.com/1027787 SUSE Bug 1027787 Buffer overflow in the PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file. CVE-2017-6844 openSUSE Leap 42.3:libpodofo-devel-0.9.6-10.3.1 openSUSE Leap 42.3:libpodofo0_9_6-0.9.6-10.3.1 openSUSE Leap 42.3:podofo-0.9.6-10.3.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00027.html https://www.suse.com/security/cve/CVE-2017-6844.html CVE-2017-6844 https://bugzilla.suse.com/1027782 SUSE Bug 1027782 The PoDoFo::PdfColor::operator function in PdfColor.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. CVE-2017-6845 openSUSE Leap 42.3:libpodofo-devel-0.9.6-10.3.1 openSUSE Leap 42.3:libpodofo0_9_6-0.9.6-10.3.1 openSUSE Leap 42.3:podofo-0.9.6-10.3.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00027.html https://www.suse.com/security/cve/CVE-2017-6845.html CVE-2017-6845 https://bugzilla.suse.com/1027779 SUSE Bug 1027779 https://bugzilla.suse.com/1027781 SUSE Bug 1027781 The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. CVE-2017-6847 openSUSE Leap 42.3:libpodofo-devel-0.9.6-10.3.1 openSUSE Leap 42.3:libpodofo0_9_6-0.9.6-10.3.1 openSUSE Leap 42.3:podofo-0.9.6-10.3.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00027.html https://www.suse.com/security/cve/CVE-2017-6847.html CVE-2017-6847 https://bugzilla.suse.com/1027778 SUSE Bug 1027778 The PoDoFo::PdfPainter::ExpandTabs function in PdfPainter.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PDF document. CVE-2017-7378 openSUSE Leap 42.3:libpodofo-devel-0.9.6-10.3.1 openSUSE Leap 42.3:libpodofo0_9_6-0.9.6-10.3.1 openSUSE Leap 42.3:podofo-0.9.6-10.3.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00027.html https://www.suse.com/security/cve/CVE-2017-7378.html CVE-2017-7378 https://bugzilla.suse.com/1032017 SUSE Bug 1032017 The PoDoFo::PdfSimpleEncoding::ConvertToEncoding function in PdfEncoding.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PDF document. CVE-2017-7379 openSUSE Leap 42.3:libpodofo-devel-0.9.6-10.3.1 openSUSE Leap 42.3:libpodofo0_9_6-0.9.6-10.3.1 openSUSE Leap 42.3:podofo-0.9.6-10.3.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00027.html https://www.suse.com/security/cve/CVE-2017-7379.html CVE-2017-7379 https://bugzilla.suse.com/1032018 SUSE Bug 1032018 The doc/PdfPage.cpp:614:20 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document. CVE-2017-7380 openSUSE Leap 42.3:libpodofo-devel-0.9.6-10.3.1 openSUSE Leap 42.3:libpodofo0_9_6-0.9.6-10.3.1 openSUSE Leap 42.3:podofo-0.9.6-10.3.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00027.html https://www.suse.com/security/cve/CVE-2017-7380.html CVE-2017-7380 https://bugzilla.suse.com/1032019 SUSE Bug 1032019 The function TextExtractor::ExtractText in TextExtractor.cpp:77 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document. CVE-2017-7994 openSUSE Leap 42.3:libpodofo-devel-0.9.6-10.3.1 openSUSE Leap 42.3:libpodofo0_9_6-0.9.6-10.3.1 openSUSE Leap 42.3:podofo-0.9.6-10.3.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00027.html https://www.suse.com/security/cve/CVE-2017-7994.html CVE-2017-7994 https://bugzilla.suse.com/1035534 SUSE Bug 1035534 The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted PDF document. CVE-2017-8054 openSUSE Leap 42.3:libpodofo-devel-0.9.6-10.3.1 openSUSE Leap 42.3:libpodofo0_9_6-0.9.6-10.3.1 openSUSE Leap 42.3:podofo-0.9.6-10.3.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00027.html https://www.suse.com/security/cve/CVE-2017-8054.html CVE-2017-8054 https://bugzilla.suse.com/1035596 SUSE Bug 1035596 https://bugzilla.suse.com/1094315 SUSE Bug 1094315 The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in base/PdfXRefStreamParserObject.cpp:224 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted PDF file. CVE-2017-8787 openSUSE Leap 42.3:libpodofo-devel-0.9.6-10.3.1 openSUSE Leap 42.3:libpodofo0_9_6-0.9.6-10.3.1 openSUSE Leap 42.3:podofo-0.9.6-10.3.1 moderate 4.4 AV:L/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00027.html https://www.suse.com/security/cve/CVE-2017-8787.html CVE-2017-8787 https://bugzilla.suse.com/1037739 SUSE Bug 1037739 In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamParserObject::ParseStream function (base/PdfXRefStreamParserObject.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file. CVE-2018-5295 openSUSE Leap 42.3:libpodofo-devel-0.9.6-10.3.1 openSUSE Leap 42.3:libpodofo0_9_6-0.9.6-10.3.1 openSUSE Leap 42.3:podofo-0.9.6-10.3.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00027.html https://www.suse.com/security/cve/CVE-2018-5295.html CVE-2018-5295 https://bugzilla.suse.com/1075026 SUSE Bug 1075026 In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PdfParser::ReadXRefSubsection function (base/PdfParser.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file. CVE-2018-5296 openSUSE Leap 42.3:libpodofo-devel-0.9.6-10.3.1 openSUSE Leap 42.3:libpodofo0_9_6-0.9.6-10.3.1 openSUSE Leap 42.3:podofo-0.9.6-10.3.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00027.html https://www.suse.com/security/cve/CVE-2018-5296.html CVE-2018-5296 https://bugzilla.suse.com/1075021 SUSE Bug 1075021 PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function (base/PdfOutputStream.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file. CVE-2018-5308 openSUSE Leap 42.3:libpodofo-devel-0.9.6-10.3.1 openSUSE Leap 42.3:libpodofo0_9_6-0.9.6-10.3.1 openSUSE Leap 42.3:podofo-0.9.6-10.3.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00027.html https://www.suse.com/security/cve/CVE-2018-5308.html CVE-2018-5308 https://bugzilla.suse.com/1075772 SUSE Bug 1075772 In PoDoFo 0.9.5, there is an integer overflow in the PdfObjectStreamParserObject::ReadObjectsFromStream function (base/PdfObjectStreamParserObject.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file. CVE-2018-5309 openSUSE Leap 42.3:libpodofo-devel-0.9.6-10.3.1 openSUSE Leap 42.3:libpodofo0_9_6-0.9.6-10.3.1 openSUSE Leap 42.3:podofo-0.9.6-10.3.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00027.html https://www.suse.com/security/cve/CVE-2018-5309.html CVE-2018-5309 https://bugzilla.suse.com/1075322 SUSE Bug 1075322 In PoDoFo 0.9.5, there exists a heap-based buffer over-read vulnerability in UnescapeName() in PdfName.cpp. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file. CVE-2018-8001 openSUSE Leap 42.3:libpodofo-devel-0.9.6-10.3.1 openSUSE Leap 42.3:libpodofo0_9_6-0.9.6-10.3.1 openSUSE Leap 42.3:podofo-0.9.6-10.3.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00027.html https://www.suse.com/security/cve/CVE-2018-8001.html CVE-2018-8001 https://bugzilla.suse.com/1084894 SUSE Bug 1084894