VDB

GCVE-110-MAGEIA-2018-145

GCVE-110-MAGEIA-2018-145
Advisory Published
Vulnetix · Advisory published February 26, 2018
Updated qpdf packages fix security vulnerabilities: 1. Stack overflow due to endless recursion in QPDFTokenizer::resolveLiteral() 2. Another stack overflow / endless recursion in QPDFWriter::enqueueObject() 3. Stack out of bounds read in iterate_rc4() 4. heap out of bounds read (large) in Pl_Buffer::write 5. Hang due to a pdf xref loop: Also, the libjpeg package has been patched to provide pkgconfig files, so that cups-filters could be rebuilt against this qpdf update.

Affected Products

VendorProductVersionsPlatforms
Mageiarust0 (affected), 1.28.0-1.mga6 (unaffected)
Mageialibjpeg0 (affected), 1.3.1-4.3.mga5 (unaffected), 0 (affected), 1.3.1-4.3.mga5 (unaffected)
Mageiacups-filters0 (affected), 0 (affected), 1.0.71-1.4.mga5 (unaffected), 1.0.71-1.4.mga5 (unaffected)
Mageiaqpdf0 (affected), 7.1.1-1.mga5 (unaffected), 7.1.1-1.mga5 (unaffected), 0 (affected)

Browse GCVE Records

73,118 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›