Source: libpodofo Version: 0.9.6+dfsg-4 Severity: important Tags: security upstream Forwarded: https://sourceforge.net/p/podofo/tickets/34/
Hi, The following vulnerability was published for libpodofo. CVE-2018-20797[0]: | An issue was discovered in PoDoFo 0.9.6. There is an attempted | excessive memory allocation in PoDoFo::podofo_calloc in | base/PdfMemoryManagement.cpp when called from | PoDoFo::PdfPredictorDecoder::PdfPredictorDecoder in | base/PdfFiltersPrivate.cpp. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2018-20797 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20797 [1] https://sourceforge.net/p/podofo/tickets/34/ Please adjust the affected versions in the BTS as needed. Regards, Salvatore