Security update for podofo SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2024:3541-1 Final 1 1 2024-10-08T08:33:37Z current 2024-10-08T08:33:37Z 2024-10-08T08:33:37Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for podofo This update for podofo fixes the following issues: - CVE-2015-8981: Fixed heap overflow in the function ReadXRefSubsection (bsc#1023190) - CVE-2017-6840: Fixed invalid memory read in ColorChanger::GetColorFromStack (colorchanger.cpp) (bsc#1027787) - CVE-2017-6841: Fixed NULL pointer dereference in GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement (graphicsstack.h) (bsc#1027786) - CVE-2017-6842: Fixed NULL pointer dereference in ColorChanger::GetColorFromStack (colorchanger.cpp) (bsc#1027785) - CVE-2017-6845: Fixed NULL pointer dereference in GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace (graphicsstack.h) (bsc#1027779) - CVE-2017-6849: Fixed NULL pointer dereference in PoDoFo::PdfColorGray::~PdfColorGray (PdfColor.cpp) (bsc#1027776) - CVE-2017-8378: Fixed denial of service (application crash) vectors related to m_offsets.size (PdfParser::ReadObjects func in base/PdfParser.cpp) (bsc#1037000) - CVE-2018-5308: Fixed Undefined behavior (memcpy with NULL pointer) in PdfMemoryOutputStream::Write (src/base/PdfOutputStream.cpp) (bsc#1075772) - CVE-2019-10723: Fixed Memory leak in PdfPagesTreeCache class in doc/PdfPagesTreeCache.cpp (bsc#1131544) - CVE-2019-9199: Fixed NULL pointer dereference in function PoDoFo:Impose:PdfTranslator:setSource() in pdftranslator.cpp (bsc#1127855) - Fixed NULL pointer dereference in PdfInfo::GuessFormat (pdfinfo.cpp) (bsc#1023072) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2024-3541,SUSE-SLE-SDK-12-SP5-2024-3541,SUSE-SLE-WE-12-SP5-2024-3541 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2024/suse-su-20243541-1/ Link for SUSE-SU-2024:3541-1 https://lists.suse.com/pipermail/sle-security-updates/2024-October/019558.html E-Mail link for SUSE-SU-2024:3541-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1023072 SUSE Bug 1023072 https://bugzilla.suse.com/1023190 SUSE Bug 1023190 https://bugzilla.suse.com/1027776 SUSE Bug 1027776 https://bugzilla.suse.com/1027779 SUSE Bug 1027779 https://bugzilla.suse.com/1027785 SUSE Bug 1027785 https://bugzilla.suse.com/1027786 SUSE Bug 1027786 https://bugzilla.suse.com/1027787 SUSE Bug 1027787 https://bugzilla.suse.com/1037000 SUSE Bug 1037000 https://bugzilla.suse.com/1075772 SUSE Bug 1075772 https://bugzilla.suse.com/1127855 SUSE Bug 1127855 https://bugzilla.suse.com/1131544 SUSE Bug 1131544 https://www.suse.com/security/cve/CVE-2015-8981/ SUSE CVE CVE-2015-8981 page https://www.suse.com/security/cve/CVE-2017-5854/ SUSE CVE CVE-2017-5854 page https://www.suse.com/security/cve/CVE-2017-6840/ SUSE CVE CVE-2017-6840 page https://www.suse.com/security/cve/CVE-2017-6841/ SUSE CVE CVE-2017-6841 page https://www.suse.com/security/cve/CVE-2017-6842/ SUSE CVE CVE-2017-6842 page https://www.suse.com/security/cve/CVE-2017-6845/ SUSE CVE CVE-2017-6845 page https://www.suse.com/security/cve/CVE-2017-6849/ SUSE CVE CVE-2017-6849 page https://www.suse.com/security/cve/CVE-2017-8378/ SUSE CVE CVE-2017-8378 page https://www.suse.com/security/cve/CVE-2018-5308/ SUSE CVE CVE-2018-5308 page https://www.suse.com/security/cve/CVE-2019-10723/ SUSE CVE CVE-2019-10723 page https://www.suse.com/security/cve/CVE-2019-9199/ SUSE CVE CVE-2019-9199 page SUSE Linux Enterprise Software Development Kit 12 SP5 SUSE Linux Enterprise Workstation Extension 12 SP5 libpodofo-devel-0.9.2-3.21.1 libpodofo0_9_2-0.9.2-3.21.1 podofo-0.9.2-3.21.1 libpodofo-devel-0.9.2-3.21.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP5 libpodofo0_9_2-0.9.2-3.21.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP5 Heap-based buffer overflow in the PdfParser::ReadXRefSubsection function in base/PdfParser.cpp in PoDoFo allows attackers to have unspecified impact via vectors related to m_offsets.size. CVE-2015-8981 SUSE Linux Enterprise Software Development Kit 12 SP5:libpodofo-devel-0.9.2-3.21.1 SUSE Linux Enterprise Workstation Extension 12 SP5:libpodofo0_9_2-0.9.2-3.21.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243541-1/ https://www.suse.com/security/cve/CVE-2015-8981.html CVE-2015-8981 https://bugzilla.suse.com/1023190 SUSE Bug 1023190 base/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file. CVE-2017-5854 SUSE Linux Enterprise Software Development Kit 12 SP5:libpodofo-devel-0.9.2-3.21.1 SUSE Linux Enterprise Workstation Extension 12 SP5:libpodofo0_9_2-0.9.2-3.21.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243541-1/ https://www.suse.com/security/cve/CVE-2017-5854.html CVE-2017-5854 https://bugzilla.suse.com/1023070 SUSE Bug 1023070 https://bugzilla.suse.com/1096890 SUSE Bug 1096890 The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (invalid read) via a crafted file. CVE-2017-6840 SUSE Linux Enterprise Software Development Kit 12 SP5:libpodofo-devel-0.9.2-3.21.1 SUSE Linux Enterprise Workstation Extension 12 SP5:libpodofo0_9_2-0.9.2-3.21.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243541-1/ https://www.suse.com/security/cve/CVE-2017-6840.html CVE-2017-6840 https://bugzilla.suse.com/1027787 SUSE Bug 1027787 The GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement function in graphicsstack.h in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. CVE-2017-6841 SUSE Linux Enterprise Software Development Kit 12 SP5:libpodofo-devel-0.9.2-3.21.1 SUSE Linux Enterprise Workstation Extension 12 SP5:libpodofo0_9_2-0.9.2-3.21.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243541-1/ https://www.suse.com/security/cve/CVE-2017-6841.html CVE-2017-6841 https://bugzilla.suse.com/1027786 SUSE Bug 1027786 The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. CVE-2017-6842 SUSE Linux Enterprise Software Development Kit 12 SP5:libpodofo-devel-0.9.2-3.21.1 SUSE Linux Enterprise Workstation Extension 12 SP5:libpodofo0_9_2-0.9.2-3.21.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243541-1/ https://www.suse.com/security/cve/CVE-2017-6842.html CVE-2017-6842 https://bugzilla.suse.com/1027785 SUSE Bug 1027785 The PoDoFo::PdfColor::operator function in PdfColor.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. CVE-2017-6845 SUSE Linux Enterprise Software Development Kit 12 SP5:libpodofo-devel-0.9.2-3.21.1 SUSE Linux Enterprise Workstation Extension 12 SP5:libpodofo0_9_2-0.9.2-3.21.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243541-1/ https://www.suse.com/security/cve/CVE-2017-6845.html CVE-2017-6845 https://bugzilla.suse.com/1027779 SUSE Bug 1027779 https://bugzilla.suse.com/1027781 SUSE Bug 1027781 The PoDoFo::PdfColorGray::~PdfColorGray function in PdfColor.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. CVE-2017-6849 SUSE Linux Enterprise Software Development Kit 12 SP5:libpodofo-devel-0.9.2-3.21.1 SUSE Linux Enterprise Workstation Extension 12 SP5:libpodofo0_9_2-0.9.2-3.21.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243541-1/ https://www.suse.com/security/cve/CVE-2017-6849.html CVE-2017-6849 https://bugzilla.suse.com/1027776 SUSE Bug 1027776 Heap-based buffer overflow in the PdfParser::ReadObjects function in base/PdfParser.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors related to m_offsets.size. CVE-2017-8378 SUSE Linux Enterprise Software Development Kit 12 SP5:libpodofo-devel-0.9.2-3.21.1 SUSE Linux Enterprise Workstation Extension 12 SP5:libpodofo0_9_2-0.9.2-3.21.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243541-1/ https://www.suse.com/security/cve/CVE-2017-8378.html CVE-2017-8378 https://bugzilla.suse.com/1037000 SUSE Bug 1037000 PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function (base/PdfOutputStream.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file. CVE-2018-5308 SUSE Linux Enterprise Software Development Kit 12 SP5:libpodofo-devel-0.9.2-3.21.1 SUSE Linux Enterprise Workstation Extension 12 SP5:libpodofo0_9_2-0.9.2-3.21.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243541-1/ https://www.suse.com/security/cve/CVE-2018-5308.html CVE-2018-5308 https://bugzilla.suse.com/1075772 SUSE Bug 1075772 An issue was discovered in PoDoFo 0.9.6. The PdfPagesTreeCache class in doc/PdfPagesTreeCache.cpp has an attempted excessive memory allocation because nInitialSize is not validated. CVE-2019-10723 SUSE Linux Enterprise Software Development Kit 12 SP5:libpodofo-devel-0.9.2-3.21.1 SUSE Linux Enterprise Workstation Extension 12 SP5:libpodofo0_9_2-0.9.2-3.21.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243541-1/ https://www.suse.com/security/cve/CVE-2019-10723.html CVE-2019-10723 https://bugzilla.suse.com/1131544 SUSE Bug 1131544 PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can (for example) be triggered by sending a crafted PDF file to the podofoimpose binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. CVE-2019-9199 SUSE Linux Enterprise Software Development Kit 12 SP5:libpodofo-devel-0.9.2-3.21.1 SUSE Linux Enterprise Workstation Extension 12 SP5:libpodofo0_9_2-0.9.2-3.21.1 low 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20243541-1/ https://www.suse.com/security/cve/CVE-2019-9199.html CVE-2019-9199 https://bugzilla.suse.com/1127855 SUSE Bug 1127855