MGASA-2017-0237

See a problem?
Please try reporting it to the source first.
Source
https://advisories.mageia.org/MGASA-2017-0237.html
Import Source
https://advisories.mageia.org/MGASA-2017-0237.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2017-0237
Related
Published
2017-08-03T19:05:47Z
Modified
2017-08-03T18:48:07Z
Summary
Updated qpdf packages fix security vulnerabilities
Details

This snapshot of the upstream development branch (6.0) of qpdf fixes several infinite loop vulnerabilities: CVE-2017-9208, CVE-2017-9209, CVE-2017-9210, CVE-2017-11624, CVE-2017-11625, CVE-2017-11626, CVE-2017-11627.

For Mageia 5, the cups-filters package was also rebuilt against this new major version of qpdf.

References
Credits

Affected packages

Mageia:5 / cups-filters

Package

Name
cups-filters
Purl
pkg:rpm/mageia/cups-filters?distro=mageia-5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.71-1.3.mga5

Ecosystem specific 

{
    "section": "core"
}

Mageia:5 / qpdf

Package

Name
qpdf
Purl
pkg:rpm/mageia/qpdf?distro=mageia-5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.0.0-2.20170730.1.mga5

Ecosystem specific 

{
    "section": "core"
}

Mageia:6 / qpdf

Package

Name
qpdf
Purl
pkg:rpm/mageia/qpdf?distro=mageia-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.0.0-2.20170730.1.mga6

Ecosystem specific 

{
    "section": "core"
}