* A stack-based buffer overflow was found in the poppler library. An
attacker could create a malicious PDF file that would cause applications
that use poppler (such as Evince) to crash, or potentially execute
arbitrary code when opened. (CVE-2017-9775)
* An integer overflow leading to heap-based buffer overflow was found in
the poppler library. An attacker could create a malicious PDF file that
would cause applications that use poppler (such as Evince) to crash, or
potentially execute arbitrary code when opened. (CVE-2017-9776)
--