Synopsis:          Moderate: poppler security update
Advisory ID:       SLSA-2017:2550-1
Issue Date:        2017-08-30
CVE Numbers:       CVE-2017-9776
--

Security Fix(es):

* An integer overflow leading to heap-based buffer overflow was found in
the poppler library. An attacker could create a malicious PDF file that
would cause applications that use poppler (such as Evince) to crash, or
potentially execute arbitrary code when opened. (CVE-2017-9776)
--

SL6
  x86_64
    poppler-0.12.4-12.el6_9.i686.rpm
    poppler-0.12.4-12.el6_9.x86_64.rpm
    poppler-debuginfo-0.12.4-12.el6_9.i686.rpm
    poppler-debuginfo-0.12.4-12.el6_9.x86_64.rpm
    poppler-glib-0.12.4-12.el6_9.i686.rpm
    poppler-glib-0.12.4-12.el6_9.x86_64.rpm
    poppler-qt4-0.12.4-12.el6_9.x86_64.rpm
    poppler-utils-0.12.4-12.el6_9.x86_64.rpm
    poppler-devel-0.12.4-12.el6_9.i686.rpm
    poppler-devel-0.12.4-12.el6_9.x86_64.rpm
    poppler-glib-devel-0.12.4-12.el6_9.i686.rpm
    poppler-glib-devel-0.12.4-12.el6_9.x86_64.rpm
    poppler-qt-0.12.4-12.el6_9.i686.rpm
    poppler-qt-0.12.4-12.el6_9.x86_64.rpm
    poppler-qt-devel-0.12.4-12.el6_9.i686.rpm
    poppler-qt-devel-0.12.4-12.el6_9.x86_64.rpm
    poppler-qt4-0.12.4-12.el6_9.i686.rpm
    poppler-qt4-devel-0.12.4-12.el6_9.i686.rpm
    poppler-qt4-devel-0.12.4-12.el6_9.x86_64.rpm
  i386
    poppler-0.12.4-12.el6_9.i686.rpm
    poppler-debuginfo-0.12.4-12.el6_9.i686.rpm
    poppler-glib-0.12.4-12.el6_9.i686.rpm
    poppler-qt4-0.12.4-12.el6_9.i686.rpm
    poppler-utils-0.12.4-12.el6_9.i686.rpm
    poppler-devel-0.12.4-12.el6_9.i686.rpm
    poppler-glib-devel-0.12.4-12.el6_9.i686.rpm
    poppler-qt-0.12.4-12.el6_9.i686.rpm
    poppler-qt-devel-0.12.4-12.el6_9.i686.rpm
    poppler-qt4-devel-0.12.4-12.el6_9.i686.rpm

- Scientific Linux Development Team