Paketname
poppler
Datum
2009-03-07
Advisory ID
MDVSA-2009:068-1
Betroffene Versionen
2009.0 x86_64 , 2008.0 i586 , 2009.0 i586 , CS4.0 i586 , 2008.0 x86_64 , CS4.0 x86_64 , 2008.1 x86_64 , 2008.1 i586

Problembeschreibung

A crafted PDF file that triggers a parsing error allows remote
attackers to cause definal of service. This bug is consequence
of a wrong processing on FormWidgetChoice::loadDefaults method
(CVE-2009-0755).

A crafted PDF file that triggers a parsing error allows remote
attackers to cause definal of service. This bug is consequence of
an invalid memory dereference on JBIG2SymbolDict::~JBIG2SymbolDict
destructor when JBIG2Stream::readSymbolDictSeg method is used
(CVE-2009-0756).

This update provides fixes for those vulnerabilities.

This update does not apply for CVE-2009-0755 under Corporate Server
4.0 libpoppler0-0.4.1-3.7.20060mlcs4.

Update:

The previous packages were not signed, this new update fixes that
issue.

Aktualisierte Pakete

2009.0 x86_64

 0b8f436305440047b6953576eeca371c  2009.0/x86_64/lib64poppler3-0.8.7-2.2mdv2009.0.x86_64.rpm
 81b6a315ac7b3913b5afbd64284ab8e8  2009.0/x86_64/lib64poppler-devel-0.8.7-2.2mdv2009.0.x86_64.rpm
 364c79826c466079f8b409bfec18f921  2009.0/x86_64/lib64poppler-glib3-0.8.7-2.2mdv2009.0.x86_64.rpm
 c9b69789a5477eb556033ad650080b61  2009.0/x86_64/lib64poppler-glib-devel-0.8.7-2.2mdv2009.0.x86_64.rpm
 d69621b3c07a1e0077e14c8c56d793e9  2009.0/x86_64/lib64poppler-qt2-0.8.7-2.2mdv2009.0.x86_64.rpm
 45591e111559535e3aa71f57f2f24631  2009.0/x86_64/lib64poppler-qt4-3-0.8.7-2.2mdv2009.0.x86_64.rpm
 e7afcd9689c0f7544f201e7450bbc6d3  2009.0/x86_64/lib64poppler-qt4-devel-0.8.7-2.2mdv2009.0.x86_64.rpm
 4baed4c3f6707ea4e6e7f76b9794bd28  2009.0/x86_64/lib64poppler-qt-devel-0.8.7-2.2mdv2009.0.x86_64.rpm
 907eebe34e5a72b5235b2a9a9f99e86b  2009.0/x86_64/poppler-0.8.7-2.2mdv2009.0.x86_64.rpm 
 01446308427613f217258b52a2eee1fe  2009.0/SRPMS/poppler-0.8.7-2.2mdv2009.0.src.rpm

2008.0 i586

 b6be528bfc04a7128f41a034acc4c858  2008.0/i586/libpoppler2-0.6-3.4mdv2008.0.i586.rpm
 5ce11cbdf503735bbb0e7396a7c75a45  2008.0/i586/libpoppler-devel-0.6-3.4mdv2008.0.i586.rpm
 fe7b78621d225813e020d49310f23eb6  2008.0/i586/libpoppler-glib2-0.6-3.4mdv2008.0.i586.rpm
 cbb6e652f311f9f42519862a80c786d2  2008.0/i586/libpoppler-glib-devel-0.6-3.4mdv2008.0.i586.rpm
 2bedc0757e73e3da48ad92360c3570ab  2008.0/i586/libpoppler-qt2-0.6-3.4mdv2008.0.i586.rpm
 957f6eda2b9e380b31bd46da75afd237  2008.0/i586/libpoppler-qt4-2-0.6-3.4mdv2008.0.i586.rpm
 af48c284302539cbea49a105ee8c7481  2008.0/i586/libpoppler-qt4-devel-0.6-3.4mdv2008.0.i586.rpm
 9068b9dae11e3804417ce524a75e8e33  2008.0/i586/libpoppler-qt-devel-0.6-3.4mdv2008.0.i586.rpm
 8907f3fd329049680fd45319cd04d637  2008.0/i586/poppler-0.6-3.4mdv2008.0.i586.rpm 
 40695204843aca6f53ca52a6dfed30e8  2008.0/SRPMS/poppler-0.6-3.4mdv2008.0.src.rpm

2009.0 i586

 d4c04f004c368818d38853c92aa4bbf1  2009.0/i586/libpoppler3-0.8.7-2.2mdv2009.0.i586.rpm
 4d024506356c95c4042e9c9d5bb9bb8f  2009.0/i586/libpoppler-devel-0.8.7-2.2mdv2009.0.i586.rpm
 0554f19626cf4aa4bc5300022606b6f5  2009.0/i586/libpoppler-glib3-0.8.7-2.2mdv2009.0.i586.rpm
 1f8cddca4e8c09f3fa5f8b3fca0352ed  2009.0/i586/libpoppler-glib-devel-0.8.7-2.2mdv2009.0.i586.rpm
 5a957dd285394a3bf71ae89ba0d8a196  2009.0/i586/libpoppler-qt2-0.8.7-2.2mdv2009.0.i586.rpm
 eb72d3444d8aff20d99f55ebe4ef867d  2009.0/i586/libpoppler-qt4-3-0.8.7-2.2mdv2009.0.i586.rpm
 d694fe64d9ae60ffe966238eb6ede92b  2009.0/i586/libpoppler-qt4-devel-0.8.7-2.2mdv2009.0.i586.rpm
 153e5320ae7bed15b22e3cba09a86fb5  2009.0/i586/libpoppler-qt-devel-0.8.7-2.2mdv2009.0.i586.rpm
 4e2392ad242f0b58077f2c2e37bf6b6d  2009.0/i586/poppler-0.8.7-2.2mdv2009.0.i586.rpm 
 01446308427613f217258b52a2eee1fe  2009.0/SRPMS/poppler-0.8.7-2.2mdv2009.0.src.rpm

CS4.0 i586

 aa8ffe916c682e781401e8013be793c2  corporate/4.0/i586/libpoppler0-0.4.1-3.9.20060mlcs4.i586.rpm
 3f80ec408c7487067548f83ffc6d8024  corporate/4.0/i586/libpoppler0-devel-0.4.1-3.9.20060mlcs4.i586.rpm
 8c6bd3f578818f31e536bc3682f18a39  corporate/4.0/i586/libpoppler-qt0-0.4.1-3.9.20060mlcs4.i586.rpm
 71916f7537d1342b9a8969aa4824f7ae  corporate/4.0/i586/libpoppler-qt0-devel-0.4.1-3.9.20060mlcs4.i586.rpm 
 c6e6d2856b80c65b00016acd63025604  corporate/4.0/SRPMS/poppler-0.4.1-3.9.20060mlcs4.src.rpm

2008.0 x86_64

 31ccc4965703b3e451c19f39ce7ede1d  2008.0/x86_64/lib64poppler2-0.6-3.4mdv2008.0.x86_64.rpm
 c4d067a480b6954d5325e1539b8325dd  2008.0/x86_64/lib64poppler-devel-0.6-3.4mdv2008.0.x86_64.rpm
 03748430e59d296a83c510892ce8c6f1  2008.0/x86_64/lib64poppler-glib2-0.6-3.4mdv2008.0.x86_64.rpm
 ffeee581c32036d7419ac44109e04672  2008.0/x86_64/lib64poppler-glib-devel-0.6-3.4mdv2008.0.x86_64.rpm
 c92a0ed4b729539170805381806820f3  2008.0/x86_64/lib64poppler-qt2-0.6-3.4mdv2008.0.x86_64.rpm
 0bae60ea196f598f48cfc8f1710e4647  2008.0/x86_64/lib64poppler-qt4-2-0.6-3.4mdv2008.0.x86_64.rpm
 78c077b81c87510eab6cc8bd253d6739  2008.0/x86_64/lib64poppler-qt4-devel-0.6-3.4mdv2008.0.x86_64.rpm
 6c951f0c0b8b487d84b4e6ca1945b20c  2008.0/x86_64/lib64poppler-qt-devel-0.6-3.4mdv2008.0.x86_64.rpm
 53aa65b1208ce95929a80820fd684d42  2008.0/x86_64/poppler-0.6-3.4mdv2008.0.x86_64.rpm 
 40695204843aca6f53ca52a6dfed30e8  2008.0/SRPMS/poppler-0.6-3.4mdv2008.0.src.rpm

CS4.0 x86_64

 369a6877b5f8ac44d69a4361c5f1a31f  corporate/4.0/x86_64/lib64poppler0-0.4.1-3.9.20060mlcs4.x86_64.rpm
 335083606b2aaeef8653f9357e813ddd  corporate/4.0/x86_64/lib64poppler0-devel-0.4.1-3.9.20060mlcs4.x86_64.rpm
 1c04f33928139496cb9ba6ad5b3242c6  corporate/4.0/x86_64/lib64poppler-qt0-0.4.1-3.9.20060mlcs4.x86_64.rpm
 344863bfaba9016f196c0966c831982d  corporate/4.0/x86_64/lib64poppler-qt0-devel-0.4.1-3.9.20060mlcs4.x86_64.rpm 
 c6e6d2856b80c65b00016acd63025604  corporate/4.0/SRPMS/poppler-0.4.1-3.9.20060mlcs4.src.rpm

2008.1 x86_64

 7fdf9d73576933312c32f0fe87c8c93d  2008.1/x86_64/lib64poppler2-0.6.4-2.3mdv2008.1.x86_64.rpm
 b42239fba4cbbb88188de2d5238d1c56  2008.1/x86_64/lib64poppler-devel-0.6.4-2.3mdv2008.1.x86_64.rpm
 fd9460be9227dae0ba5d9910359e858a  2008.1/x86_64/lib64poppler-glib2-0.6.4-2.3mdv2008.1.x86_64.rpm
 59d18d31ec3c82c239e548a40d72f001  2008.1/x86_64/lib64poppler-glib-devel-0.6.4-2.3mdv2008.1.x86_64.rpm
 6d487fdc80ced9ab394a8c7af8f2f9c0  2008.1/x86_64/lib64poppler-qt2-0.6.4-2.3mdv2008.1.x86_64.rpm
 7cd42a0598771e1083bb92d29f6a5584  2008.1/x86_64/lib64poppler-qt4-2-0.6.4-2.3mdv2008.1.x86_64.rpm
 197369abdaa84cd4be08233554cff37b  2008.1/x86_64/lib64poppler-qt4-devel-0.6.4-2.3mdv2008.1.x86_64.rpm
 4185e4241b95b4fcc842b245276fa6f0  2008.1/x86_64/lib64poppler-qt-devel-0.6.4-2.3mdv2008.1.x86_64.rpm
 7d67cd24cae036ca74223fb43ea23fb1  2008.1/x86_64/poppler-0.6.4-2.3mdv2008.1.x86_64.rpm 
 d644c4bbe9de2bac87910a43dcb6f8fe  2008.1/SRPMS/poppler-0.6.4-2.3mdv2008.1.src.rpm

2008.1 i586

 e1f411a24a7158bf9aacf15f99a06347  2008.1/i586/libpoppler2-0.6.4-2.3mdv2008.1.i586.rpm
 5f6334faade2f51ad87d8ac857359814  2008.1/i586/libpoppler-devel-0.6.4-2.3mdv2008.1.i586.rpm
 208c255f0b44e7960b033cfdc5bf3e09  2008.1/i586/libpoppler-glib2-0.6.4-2.3mdv2008.1.i586.rpm
 0925993670c80eb659183306679b4aa9  2008.1/i586/libpoppler-glib-devel-0.6.4-2.3mdv2008.1.i586.rpm
 b9f79459d8eac874b46b6df38b58a6ba  2008.1/i586/libpoppler-qt2-0.6.4-2.3mdv2008.1.i586.rpm
 ede9ef27014b62f50df534e46890b59e  2008.1/i586/libpoppler-qt4-2-0.6.4-2.3mdv2008.1.i586.rpm
 81f609460ede87efb3634366ba76a9d6  2008.1/i586/libpoppler-qt4-devel-0.6.4-2.3mdv2008.1.i586.rpm
 e6d7ad4654495c67fb781bafd666d9db  2008.1/i586/libpoppler-qt-devel-0.6.4-2.3mdv2008.1.i586.rpm
 138a2302ed96ba5949d9930bc580297d  2008.1/i586/poppler-0.6.4-2.3mdv2008.1.i586.rpm 
 d644c4bbe9de2bac87910a43dcb6f8fe  2008.1/SRPMS/poppler-0.6.4-2.3mdv2008.1.src.rpm

Referenzen