CVE-2024-2971
Published: 26 March 2024
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by negative object number in indirect reference in the input PDF file.
Notes
| Author | Note |
|---|---|
| mdeslaur | In trusty to bionic, xpdf is built with poppler as the backend library, so most xpdf issues don't apply to it. In jammy and later, the xpdf package is actually xpopple, a fork that also builds against poppler. |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
ipe Launchpad, Ubuntu, Debian |
bionic |
Needs triage
|
| focal |
Needs triage
|
|
| jammy |
Needs triage
|
|
| mantic |
Needs triage
|
|
| upstream |
Needs triage
|
|
| xenial |
Needs triage
|
|
|
xpdf Launchpad, Ubuntu, Debian |
bionic |
Needs triage
|
| focal |
Does not exist
|
|
| jammy |
Needs triage
|
|
| mantic |
Needs triage
|
|
| upstream |
Needs triage
|
|
| xenial |
Needs triage
|