Debian Security Advisory
DLA-446-1 poppler -- LTS security update
- Date Reported:
- 29 Apr 2016
- Affected Packages:
- poppler
- Vulnerable:
- Yes
- Security database references:
- In the Debian bugtracking system: Bug 822578.
In Mitre's CVE dictionary: CVE-2015-8868. - More information:
-
A heap buffer overflow vulnerability was found in the poppler library. A maliciously crafted file could cause the application to crash. The issue happens when
ExtGState
is not a valid blend mode.For Debian 7
Wheezy
, these issues have been fixed in poppler version 0.18.4-6+deb7u1