diff options
| author | Jay Berkenbilt <ejb@ql.org> | 2018-04-15 22:11:22 +0200 |
|---|---|---|
| committer | Jay Berkenbilt <ejb@ql.org> | 2018-04-15 22:11:22 +0200 |
| commit | b4d6cf6836ce025ba1811b7bbec52680c7204223 (patch) | |
| tree | 289fec3388557b46007a5fbb66c03435e4f22b33 /ChangeLog | |
| parent | f8c8e4dcc0f45779dcb93de6f417a2c189d5c157 (diff) | |
| download | qpdf-b4d6cf6836ce025ba1811b7bbec52680c7204223.tar.zst | |
Limit depth of nesting in direct objects (fixes #202)
This fixes CVE-2018-9918.
Diffstat (limited to 'ChangeLog')
| -rw-r--r-- | ChangeLog | 5 |
1 files changed, 5 insertions, 0 deletions
@@ -1,3 +1,8 @@ +2018-04-15 Jay Berkenbilt <ejb@ql.org> + + * Arbitrarily limit the depth of data structures represented by + direct object. This is CVE-2018-9918. Fixes #202. + 2018-03-06 Jay Berkenbilt <ejb@ql.org> * 8.0.2: release |