kdegraphics3-3.5.10-1.5 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:10352-1 Final 1 1 2024-06-15T00:00:00Z current 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z kdegraphics3-3.5.10-1.5 on GA media These are all security issues fixed in the kdegraphics3-3.5.10-1.5 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-10352 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2009-0146/ SUSE CVE CVE-2009-0146 page https://www.suse.com/security/cve/CVE-2009-3603/ SUSE CVE CVE-2009-3603 page openSUSE Tumbleweed kdegraphics3-3.5.10-1.5 kdegraphics3-3D-3.5.10-1.5 kdegraphics3-devel-3.5.10-1.5 kdegraphics3-extra-3.5.10-1.5 kdegraphics3-fax-3.5.10-1.5 kdegraphics3-imaging-3.5.10-1.5 kdegraphics3-kamera-3.5.10-1.5 kdegraphics3-pdf-3.5.10-1.5 kdegraphics3-postscript-3.5.10-1.5 kdegraphics3-scan-3.5.10-1.5 kdegraphics3-tex-3.5.10-1.5 kdegraphics3-3.5.10-1.5 as a component of openSUSE Tumbleweed kdegraphics3-3D-3.5.10-1.5 as a component of openSUSE Tumbleweed kdegraphics3-devel-3.5.10-1.5 as a component of openSUSE Tumbleweed kdegraphics3-extra-3.5.10-1.5 as a component of openSUSE Tumbleweed kdegraphics3-fax-3.5.10-1.5 as a component of openSUSE Tumbleweed kdegraphics3-imaging-3.5.10-1.5 as a component of openSUSE Tumbleweed kdegraphics3-kamera-3.5.10-1.5 as a component of openSUSE Tumbleweed kdegraphics3-pdf-3.5.10-1.5 as a component of openSUSE Tumbleweed kdegraphics3-postscript-3.5.10-1.5 as a component of openSUSE Tumbleweed kdegraphics3-scan-3.5.10-1.5 as a component of openSUSE Tumbleweed kdegraphics3-tex-3.5.10-1.5 as a component of openSUSE Tumbleweed Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg. CVE-2009-0146 openSUSE Tumbleweed:kdegraphics3-3.5.10-1.5 openSUSE Tumbleweed:kdegraphics3-3D-3.5.10-1.5 openSUSE Tumbleweed:kdegraphics3-devel-3.5.10-1.5 openSUSE Tumbleweed:kdegraphics3-extra-3.5.10-1.5 openSUSE Tumbleweed:kdegraphics3-fax-3.5.10-1.5 openSUSE Tumbleweed:kdegraphics3-imaging-3.5.10-1.5 openSUSE Tumbleweed:kdegraphics3-kamera-3.5.10-1.5 openSUSE Tumbleweed:kdegraphics3-pdf-3.5.10-1.5 openSUSE Tumbleweed:kdegraphics3-postscript-3.5.10-1.5 openSUSE Tumbleweed:kdegraphics3-scan-3.5.10-1.5 openSUSE Tumbleweed:kdegraphics3-tex-3.5.10-1.5 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2009-0146.html CVE-2009-0146 https://bugzilla.suse.com/485892 SUSE Bug 485892 https://bugzilla.suse.com/485897 SUSE Bug 485897 https://bugzilla.suse.com/489626 SUSE Bug 489626 https://bugzilla.suse.com/502061 SUSE Bug 502061 Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1188. CVE-2009-3603 openSUSE Tumbleweed:kdegraphics3-3.5.10-1.5 openSUSE Tumbleweed:kdegraphics3-3D-3.5.10-1.5 openSUSE Tumbleweed:kdegraphics3-devel-3.5.10-1.5 openSUSE Tumbleweed:kdegraphics3-extra-3.5.10-1.5 openSUSE Tumbleweed:kdegraphics3-fax-3.5.10-1.5 openSUSE Tumbleweed:kdegraphics3-imaging-3.5.10-1.5 openSUSE Tumbleweed:kdegraphics3-kamera-3.5.10-1.5 openSUSE Tumbleweed:kdegraphics3-pdf-3.5.10-1.5 openSUSE Tumbleweed:kdegraphics3-postscript-3.5.10-1.5 openSUSE Tumbleweed:kdegraphics3-scan-3.5.10-1.5 openSUSE Tumbleweed:kdegraphics3-tex-3.5.10-1.5 moderate 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2009-3603.html CVE-2009-3603 https://bugzilla.suse.com/539875 SUSE Bug 539875 https://bugzilla.suse.com/546400 SUSE Bug 546400 https://bugzilla.suse.com/546404 SUSE Bug 546404