{"schema_version":"1.7.2","id":"OESA-2024-2244","modified":"2024-10-12T11:09:21Z","published":"2024-10-12T11:09:21Z","upstream":["CVE-2024-4141"],"summary":"poppler security update","details":"Poppler is a free software utility library for rendering Portable Document Format (PDF) documents. \\ Its development is supported by freedesktop.org. It is commonly used on Linux systems,and is used by \\ the PDF viewers of the open source GNOME and KDE desktop environments.\r\n\r\nSecurity Fix(es):\r\n\r\nOut-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid character code in a Type 1 font. The root problem was a bounds check that was being optimized away by modern compilers.\n(CVE-2024-4141)","affected":[{"package":{"ecosystem":"openEuler:22.03-LTS-SP1","name":"poppler","purl":"pkg:rpm/openEuler/poppler\u0026distro=openEuler-22.03-LTS-SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.90.0-9.oe2203sp1"}]}],"ecosystem_specific":{"aarch64":["poppler-0.90.0-9.oe2203sp1.aarch64.rpm","poppler-cpp-0.90.0-9.oe2203sp1.aarch64.rpm","poppler-cpp-devel-0.90.0-9.oe2203sp1.aarch64.rpm","poppler-debuginfo-0.90.0-9.oe2203sp1.aarch64.rpm","poppler-debugsource-0.90.0-9.oe2203sp1.aarch64.rpm","poppler-devel-0.90.0-9.oe2203sp1.aarch64.rpm","poppler-glib-0.90.0-9.oe2203sp1.aarch64.rpm","poppler-glib-devel-0.90.0-9.oe2203sp1.aarch64.rpm","poppler-qt5-0.90.0-9.oe2203sp1.aarch64.rpm","poppler-qt5-devel-0.90.0-9.oe2203sp1.aarch64.rpm","poppler-utils-0.90.0-9.oe2203sp1.aarch64.rpm"],"noarch":["poppler-glib-doc-0.90.0-9.oe2203sp1.noarch.rpm","poppler-help-0.90.0-9.oe2203sp1.noarch.rpm"],"src":["poppler-0.90.0-9.oe2203sp1.src.rpm"],"x86_64":["poppler-0.90.0-9.oe2203sp1.x86_64.rpm","poppler-cpp-0.90.0-9.oe2203sp1.x86_64.rpm","poppler-cpp-devel-0.90.0-9.oe2203sp1.x86_64.rpm","poppler-debuginfo-0.90.0-9.oe2203sp1.x86_64.rpm","poppler-debugsource-0.90.0-9.oe2203sp1.x86_64.rpm","poppler-devel-0.90.0-9.oe2203sp1.x86_64.rpm","poppler-glib-0.90.0-9.oe2203sp1.x86_64.rpm","poppler-glib-devel-0.90.0-9.oe2203sp1.x86_64.rpm","poppler-qt5-0.90.0-9.oe2203sp1.x86_64.rpm","poppler-qt5-devel-0.90.0-9.oe2203sp1.x86_64.rpm","poppler-utils-0.90.0-9.oe2203sp1.x86_64.rpm"]}}],"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2244"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-4141"}],"database_specific":{"severity":"Low"}}