poppler: fix CVE-2024-6239 - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Yogita Urade <yogita.urade@windriver.com>	2025-01-09 12:25:26 +0000
committer	Armin Kuster <akuster808@gmail.com>	2025-01-22 19:16:45 -0500
commit	e9e496dc64ed0abf602ea103ee10e6d3ffd918b9 (patch)
tree	65019c949efb0c760184013f608f27bb6803827a /meta-python/recipes-devtools/python/python-numeric/0001-it-tries-to-define-this-function-differently-than-it.patch
parent	9d2f35c8ce8c65434f8c91c3bec927f38334b76c (diff)
download	meta-openembedded-e9e496dc64ed0abf602ea103ee10e6d3ffd918b9.tar.gz

poppler: fix CVE-2024-6239

A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service. CVE-2024-6239-0001 is the dependent commit and CVE-2024-6239-0002 is the actual CVE fix. fix indent issue in poppler_22.04.0.bb file. Reference: https://nvd.nist.gov/vuln/detail/CVE-2024-6239 Upstream patches: https://gitlab.freedesktop.org/poppler/poppler/-/commit/0554731052d1a97745cb179ab0d45620589dd9c4 https://gitlab.freedesktop.org/poppler/poppler/-/commit/fc1c711cb5f769546c6b31cc688bf0ee7f0c1dbc Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>

Diffstat (limited to 'meta-python/recipes-devtools/python/python-numeric/0001-it-tries-to-define-this-function-differently-than-it.patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: