-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4079-1 security@xxxxxxxxxx https://www.debian.org/security/ Moritz Muehlenhoff January 07, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : poppler CVE ID : CVE-2017-9406 CVE-2017-9408 CVE-2017-9775 CVE-2017-9776 CVE-2017-9865 CVE-2017-14517 CVE-2017-14518 CVE-2017-14519 CVE-2017-14520 CVE-2017-14975 CVE-2017-14976 CVE-2017-14977 CVE-2017-15565 Multiple vulnerabilities were discovered in the poppler PDF rendering library, which could result in denial of service or the execution of arbitrary code if a malformed PDF file is processed. For the oldstable distribution (jessie), these problems have been fixed in version 0.26.5-2+deb8u2. For the stable distribution (stretch), these problems have been fixed in version 0.48.0-2+deb9u1. We recommend that you upgrade your poppler packages. For the detailed security status of poppler please refer to its security tracker page at: https://security-tracker.debian.org/tracker/poppler Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlpSiFIACgkQEMKTtsN8 TjZIsw/+LPKxmBDCsjqZy1IWCiRdK1cDcw92tEH9f1TeTfS+35oelP10xqFXP+sQ G49gdxaoJ+FgM/LNhVp19z49EJvRn7JbmxKmmHmcVodEKKkrWiRfqZlD2QE14f64 ggnaedwqZEesw3vfyXcOkzu/ZNvi87/FE5OkKhjJa+2Xy6XAb0fKvpGnszjPoPxy ydUJ1HiD8EeefG1x+GT6ZoOjG/Ds92tEAUbOwqxU4Dit0q/ewUq3tudoeu0uvW84 kBFDOvXNG3B3CxUgNlkGKaLVVqbnFHazFNf4Tqn9PVZ6DFC3GWO6fSdslWiVYDrv jfH+KDXFE+tmgRQNyt2ZIIuPXaPSN2o/SU0n6kIgjlIubIuLUA+f0RnzeyY7mtwq +yenkEe6n/vl9Tckf0dXBqBUlLavMe5z6X7eZjsx/CZSSXqtG66wob9USmHtwB8f cbwn3oL7PRB0Yw1g/1N/QaY9Z0LjYDtiWmqqFoomyutXoQtlje0/drsAbhjzzZSj lwKx+1XjCTEKRDgeCqiD7adoy5fhzu4Xls4MWmw0btXxFpwYGCgBLzXu2/oRZkaw wTdPBGFzs/sgpFEshnqTmQSxEip5/EcpI68IBge4dX43S9V6rpY6qt3OyN+QiJgO EgKR8JioxJH8gydX5DWhozYK2v/0rHYcnK5YT2G/DMpP5bDyYgk= =VXeq -----END PGP SIGNATURE-----