On Tue, Jan 23, 2018 at 10:39:32AM +0000, Peter Palfrader wrote: > On Sun, 07 Jan 2018, Moritz Muehlenhoff wrote: > > > Package : poppler > > CVE ID : CVE-2017-9406 CVE-2017-9408 CVE-2017-9775 > > CVE-2017-9776 CVE-2017-9865 CVE-2017-14517 > > CVE-2017-14518 CVE-2017-14519 CVE-2017-14520 > > CVE-2017-14975 CVE-2017-14976 CVE-2017-14977 > > CVE-2017-15565 > > > > Multiple vulnerabilities were discovered in the poppler PDF rendering > > library, which could result in denial of service or the execution of > > arbitrary code if a malformed PDF file is processed. > > This update breaks rendering some PDFs for me. > > For instance, this PDF: > > http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.104.5624&rep=rep1&type=pdf > > looks like this before: > https://volatile.noreply.org/2018-01-23-DbTTKsSTcnQ/screenshot.png > but there is no text after the update: > https://volatile.noreply.org/2018-01-23-gwHlProxGos/screenshot.png
Updated packages are in preparation, you can the stretch builds at https://people.debian.org/~jmm/poppler/, let me know if you still run into problems with those. I'll look into fixing jessie later today or tomorrow. Cheers, Moritz
