Information on source package libpodofo

Available versions

ReleaseVersion
wheezy0.9.0-1.1
wheezy (security)0.9.0-1.1+deb7u2
jessie0.9.0-1.2
stretch0.9.4-6
buster0.9.5-6
sid0.9.5-6

Open issues

BugwheezyjessiestretchbustersidDescription
CVE-2017-8787vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableThe PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in ...
CVE-2017-8378vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableHeap-based buffer overflow in the PdfParser::ReadObjects function in ...
CVE-2017-8054vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableThe function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 ...
CVE-2017-8053vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerablePoDoFo 0.9.5 allows denial of service (infinite recursion and stack ...
CVE-2017-7994vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableThe function TextExtractor::ExtractText in TextExtractor.cpp:77 in ...
CVE-2017-7383fixedvulnerable (no DSA)fixedfixedfixedThe PdfFontFactory.cpp:195:62 code in PoDoFo 0.9.5 allows remote ...
CVE-2017-7382fixedvulnerable (no DSA)fixedfixedfixedThe PdfFontFactory.cpp:200:88 code in PoDoFo 0.9.5 allows remote ...
CVE-2017-7381fixedvulnerable (no DSA)fixedfixedfixedThe doc/PdfPage.cpp:609:23 code in PoDoFo 0.9.5 allows remote attackers ...
CVE-2017-7380fixedvulnerable (no DSA)fixedfixedfixedThe doc/PdfPage.cpp:614:20 code in PoDoFo 0.9.5 allows remote attackers ...
CVE-2017-7379fixedvulnerable (no DSA)fixedfixedfixedThe PoDoFo::PdfSimpleEncoding::ConvertToEncoding function in ...
CVE-2017-7378fixedvulnerable (no DSA)fixedfixedfixedThe PoDoFo::PdfPainter::ExpandTabs function in PdfPainter.cpp in PoDoFo ...
CVE-2017-6849vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableThe PoDoFo::PdfColorGray::~PdfColorGray function in PdfColor.cpp in ...
CVE-2017-6848fixedvulnerable (no DSA)fixedfixedfixedThe PoDoFo::PdfXObject::PdfXObject function in PdfXObject.cpp in ...
CVE-2017-6847fixedvulnerable (no DSA)fixedfixedfixedThe PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo ...
CVE-2017-6846vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableThe GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace ...
CVE-2017-6845vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableThe PoDoFo::PdfColor::operator function in PdfColor.cpp in PoDoFo ...
CVE-2017-6844fixedvulnerable (no DSA)fixedfixedfixedBuffer overflow in the PoDoFo::PdfParser::ReadXRefSubsection function ...
CVE-2017-6843fixedvulnerable (no DSA)fixedfixedfixedHeap-based buffer overflow in the PoDoFo::PdfVariant::DelayedLoad ...
CVE-2017-6842fixedvulnerable (no DSA)fixedfixedfixedThe ColorChanger::GetColorFromStack function in colorchanger.cpp in ...
CVE-2017-6841vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableThe GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement ...
CVE-2017-6840fixedvulnerable (no DSA)fixedfixedfixedThe ColorChanger::GetColorFromStack function in colorchanger.cpp in ...
CVE-2017-5886fixedvulnerable (no DSA)fixedfixedfixedHeap-based buffer overflow in the PoDoFo::PdfTokenizer::GetNextToken ...
CVE-2017-5855vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedThe PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in ...
CVE-2017-5854fixedvulnerable (no DSA)fixedfixedfixedbase/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote attackers to ...
CVE-2017-5853fixedvulnerable (no DSA)fixedfixedfixedInteger overflow in base/PdfParser.cpp in PoDoFo 0.9.4 allows remote ...
CVE-2017-5852fixedvulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableThe PoDoFo::PdfPage::GetInheritedKeyFromObject function in ...
CVE-2015-8981fixedvulnerable (no DSA)fixedfixedfixedHeap-based buffer overflow in the PdfParser::ReadXRefSubsection ...

Security announcements

DSA / DLADescription
DLA-968-1libpodofo - security update
DLA-929-1libpodofo - security update

Search for package or bug name: Reporting problems