---

AVG-216 - log back

AVG-216 created at 25 Sep 2019 19:31:50
Packages	+ podofo
Issues	+ CVE-2017-6840 + CVE-2017-6841 + CVE-2017-6842 + CVE-2017-7378 + CVE-2017-7379 + CVE-2017-7380 + CVE-2017-7381 + CVE-2017-7382 + CVE-2017-7383 + CVE-2017-7994
Status	+ Fixed
Severity	+ High
Affected	+ 0.9.5-2
Fixed	+ 0.9.6-1
Ticket
Advisory qualified	+ No
References	+ https://blogs.gentoo.org/ago/2017/03/02/podofo-invalid-memory-read-in-colorchangergetcolorfromstack-colorchanger-cpp/ + https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-graphicsstacktgraphicsstackelementtgraphicsstackelement-graphicsstack-h/ + https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-colorchangergetcolorfromstack-colorchanger-cpp/ + https://blogs.gentoo.org/ago/2017/03/31/podofo-four-null-pointer-dereference + https://blogs.gentoo.org/ago/2017/03/31/podofo-heap-based-buffer-overflow-in-podofopdfsimpleencodingconverttoencoding-pdfencoding-cpp + https://icepng.github.io/2017/04/21/PoDoFo-1/ + https://blogs.gentoo.org/ago/2017/03/31/podofo-heap-based-buffer-overflow-in-podofopdfpainterexpandtabs-pdfpainter-cpp
Notes