Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-41842: Download Xpdf and XpdfReader

An issue was discovered in Xpdf 4.04. There is a crash in gfseek(_IO_FILE*, long, int) in goo/gfile.cc.

CVE
#mac#windows#linux#apache#pdf

Current version: 4.04
Released: 2022 Apr 18

The GPG/PGP key used to sign the packages is available here, or from the PGP keyservers (search for [email protected]).

Download XpdfReader:

  • Linux 32-bit: download (GPG signature)
  • Linux 64-bit: download (GPG signature)
  • Windows 32-bit (Win 7 and newer): download (GPG signature)
  • Windows 64-bit (Win 7 and newer): download (GPG signature)

Download the Xpdf command line tools:

  • Linux 32/64-bit: download (GPG signature)
  • Windows 32/64-bit (Win 7 and newer): download (GPG signature)
  • Mac 64-bit: download (GPG signature)

Download the Xpdf source code:

  • source code (GPG signature)
    • fixed URL for latest version (for automated mirroring, etc.)
  • Apache-licensed modules (GPG signature)
  • old versions

Download fonts:

  • Type 1 fonts - Symbol and Zapf Dingbats

Download language support packages for Xpdf:

  • Arabic [updated 2011-Aug-15]
  • Chinese/simplified [updated 2020-Dec-22]
  • Chinese/traditional [updated 2020-Dec-22]
  • Cyrillic [updated 2011-Aug-15]
  • Greek [updated 2011-Aug-15]
  • Hebrew [updated 2011-Aug-15]
  • Japanese [updated 2020-Dec-22]
  • Korean [updated 2020-Dec-22]
  • Latin2 [updated 2011-Aug-15]
  • Thai [updated 2011-Aug-15]
  • Turkish [updated 2011-Aug-15]

Xpdf and XpdfReader use the following open source libraries:

  • Qt - download Qt 5.9.7
  • FreeType - download FreeType 2.12.0
  • libpng - download libpng 1.6.35
  • zlib - download zlib 1.2.12
  • Little CMS - download lcms 2.12

Related news

Gentoo Linux Security Advisory 202409-25

Gentoo Linux Security Advisory 202409-25 - Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service. Versions greater than or equal to 4.05 are affected.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907