|
|
Log in / Subscribe / Register

Fedora alert FEDORA-2018-d7ea552cde (qpdf)



From:
    	      updates@fedoraproject.org 


To:
    	      package-announce@lists.fedoraproject.org 


Subject:
    	      [SECURITY] Fedora 26 Update: qpdf-7.1.1-5.fc26 


Date:
    	      Fri, 27 Apr 2018 23:00:04 +0000 (UTC)


Message-ID:
    	      <20180427230004.AE664614C127@bastion01.phx2.fedoraproject.org>


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-d7ea552cde
2018-04-27 22:57:28.389605
--------------------------------------------------------------------------------

Name        : qpdf
Product     : Fedora 26
Version     : 7.1.1
Release     : 5.fc26
URL         : http://qpdf.sourceforge.net/

Summary     : Command-line tools and library for transforming PDF files
Description :
QPDF is a command-line program that does structural, content-preserving
transformations on PDF files. It could have been called something
like pdf-to-pdf. It includes support for merging and splitting PDFs
and to manipulate the list of pages in a PDF file. It is not a PDF viewer
or a program capable of converting PDF into other formats.

--------------------------------------------------------------------------------
Update Information:

Rebase to qpdf-7.1.1 because of CVEs
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr 16 2018 Zdenek Dohnal <zdohnal@redhat.com> - 7.1.1-5
- CVE-2018-9918 qpdf: stack exhaustion in QPDFObjectHandle and QPDF_Dictionary classes in libqpdf.a
[fedora-all]
* Mon Feb 19 2018 Zdenek Dohnal <zdohnal@redhat.com> - 7.1.1-4
- gcc and gcc-c++ are no longer in buildroot by default
* Fri Feb  9 2018 Fedora Release Engineering <releng@fedoraproject.org> - 7.1.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

* Thu Feb  8 2018 Zdenek Dohnal <zdohnal@redhat.com> - 7.1.1-2
- remove old stuff
* Mon Feb  5 2018 Zdenek Dohnal <zdohnal@redhat.com> - 7.1.1-1
- rebase to 7.1.1
* Tue Sep 19 2017 Zdenek Dohnal <zdohnal@redhat.com> - 7.0.0-1
- rebase to 7.0.0
* Fri Aug 11 2017 Zdenek Dohnal <zdohnal@redhat.com> - 6.0.0-10
- adding patches for CVE back (cups-filters needed to rebuild)
* Mon Aug  7 2017 Zdenek Dohnal <zdohnal@redhat.com> - 6.0.0-9
- removing patches for CVEs, because they break other things now
* Thu Aug  3 2017 Zdenek Dohnal <zdohnal@redhat.com> - 6.0.0-8
- 1477213 - Detect recursions loop resolving objects
- 1454820 - CVE-2017-9208
- 1454820 - CVE-2017-9209
- 1454820 - CVE-2017-9210
* Thu Aug  3 2017 Fedora Release Engineering <releng@fedoraproject.org> - 6.0.0-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Re...
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 6.0.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild

--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-d7ea552cde' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgr...

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys

--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds