{"id":"MGASA-2017-0237","summary":"Updated qpdf packages fix security vulnerabilities","details":"This snapshot of the upstream development branch (6.0) of qpdf fixes\nseveral infinite loop vulnerabilities: CVE-2017-9208, CVE-2017-9209,\nCVE-2017-9210, CVE-2017-11624, CVE-2017-11625, CVE-2017-11626,\nCVE-2017-11627.\n\nFor Mageia 5, the cups-filters package was also rebuilt against this\nnew major version of qpdf.\n","modified":"2026-04-16T06:24:12.147716172Z","published":"2017-08-03T19:05:47Z","upstream":["CVE-2017-11624","CVE-2017-11625","CVE-2017-11626","CVE-2017-11627","CVE-2017-9208","CVE-2017-9209","CVE-2017-9210"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2017-0237.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=20915"},{"type":"WEB","url":"https://github.com/qpdf/qpdf/tree/8ee83ca722baad9434119bb72d620dfd8e6103c4"}],"affected":[{"package":{"name":"cups-filters","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/cups-filters?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.71-1.3.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0237.json"}},{"package":{"name":"qpdf","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/qpdf?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.0.0-2.20170730.1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0237.json"}},{"package":{"name":"qpdf","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/qpdf?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.0.0-2.20170730.1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0237.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}