ASA-201910-10 log generated external raw

[ASA-201910-10] xpdf: arbitrary code execution
Arch Linux Security Advisory ASA-201910-10 ========================================== Severity: Medium Date : 2019-10-16 CVE-ID : CVE-2019-16927 Package : xpdf Type : arbitrary code execution Remote : No Link : Summary ======= The package xpdf before version 4.02-1 is vulnerable to arbitrary code execution. Resolution ========== Upgrade to 4.02-1. # pacman -Syu "xpdf>=4.02-1" The problem has been fixed upstream in version 4.02. Workaround ========== None. Description =========== Xpdf 4.01.01 has an out-of-bounds write in the vertProfile part of the TextPage::findGaps function in, a different vulnerability than CVE-2019-9877. Impact ====== A local attacker is able to execute arbitrary code via a specially crafted PDF document. References ==========