SUSE-SU-2024:3541-1

This update for podofo fixes the following issues:

• CVE-2015-8981: Fixed heap overflow in the function ReadXRefSubsection (bsc#1023190)

• CVE-2017-6840: Fixed invalid memory read in ColorChanger::GetColorFromStack (colorchanger.cpp) (bsc#1027787)

• CVE-2017-6841: Fixed NULL pointer dereference in GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement (graphicsstack.h) (bsc#1027786)

• CVE-2017-6842: Fixed NULL pointer dereference in ColorChanger::GetColorFromStack (colorchanger.cpp) (bsc#1027785)

• CVE-2017-6845: Fixed NULL pointer dereference in GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace (graphicsstack.h) (bsc#1027779)

• CVE-2017-6849: Fixed NULL pointer dereference in PoDoFo::PdfColorGray::~PdfColorGray (PdfColor.cpp) (bsc#1027776)

• CVE-2017-8378: Fixed denial of service (application crash) vectors related to m_offsets.size (PdfParser::ReadObjects func in base/PdfParser.cpp) (bsc#1037000)

• CVE-2018-5308: Fixed Undefined behavior (memcpy with NULL pointer) in PdfMemoryOutputStream::Write (src/base/PdfOutputStream.cpp) (bsc#1075772)

• CVE-2019-10723: Fixed Memory leak in PdfPagesTreeCache class in doc/PdfPagesTreeCache.cpp (bsc#1131544)

• CVE-2019-9199: Fixed NULL pointer dereference in function PoDoFo:Impose:PdfTranslator:setSource() in pdftranslator.cpp (bsc#1127855)

• Fixed NULL pointer dereference in PdfInfo::GuessFormat (pdfinfo.cpp) (bsc#1023072)