#14454: poppler-21.01.0 -------------------------+--------------------- Reporter: bdubbs | Owner: renodr Type: enhancement | Status: closed Priority: high | Milestone: 10.1 Component: BOOK | Version: SVN Severity: normal | Resolution: fixed Keywords: | -------------------------+--------------------- Changes (by renodr):
* priority: normal => high Comment: According to Arch, this contained a security fix for a heap-buffer- overflow in DCTStream::getChars, which can be exploited by a malicious PDF document. The CVE number is CVE-2020-35702, and this can lead to arbitrary code execution. -- Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/14454#comment:4> BLFS Trac <http://wiki.linuxfromscratch.org/blfs> Beyond Linux From Scratch -- http://lists.linuxfromscratch.org/listinfo/blfs-book FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page