MDVSA-2008:089
- Package name
- poppler
- Date
- 2008-04-17
- Advisory ID
- MDVSA-2008:089
- Affected versions
- CS4.0 x86_64 , CS4.0 i586
Problem description
Kees Cook of Ubuntu security found a flaw in how poppler prior
to version 0.6 displayed malformed fonts embedded in PDF files.
An attacker could create a malicious PDF file that would cause
applications using poppler to crash, or possibly execute arbitrary
code when opened (CVE-2008-1693).
The updated packages have been patched to correct this issue.
Updated packages
CS4.0 x86_64
10f7767b01ec173c2c7ad69ec7ba1fb1 corporate/4.0/x86_64/lib64poppler0-0.4.1-3.7.20060mlcs4.x86_64.rpm 47a486fbf806c84175cbb101ef86a2e9 corporate/4.0/x86_64/lib64poppler0-devel-0.4.1-3.7.20060mlcs4.x86_64.rpm d206062518205787f3938681d401c543 corporate/4.0/x86_64/lib64poppler-qt0-0.4.1-3.7.20060mlcs4.x86_64.rpm 9954016767660f2cdc85ba6a10346dcb corporate/4.0/x86_64/lib64poppler-qt0-devel-0.4.1-3.7.20060mlcs4.x86_64.rpm a0835933cb055b6ed7b7d7bbe8de0d06 corporate/4.0/SRPMS/poppler-0.4.1-3.7.20060mlcs4.src.rpm
CS4.0 i586
4701915c12ecf895dcb4772a31d1deca corporate/4.0/i586/libpoppler0-0.4.1-3.7.20060mlcs4.i586.rpm c36f50db21bdb368aadfcb518c1309e6 corporate/4.0/i586/libpoppler0-devel-0.4.1-3.7.20060mlcs4.i586.rpm 0e79560be87df742afeaae41956d075a corporate/4.0/i586/libpoppler-qt0-0.4.1-3.7.20060mlcs4.i586.rpm c4dc210352c366f877372ebb941a9ed2 corporate/4.0/i586/libpoppler-qt0-devel-0.4.1-3.7.20060mlcs4.i586.rpm a0835933cb055b6ed7b7d7bbe8de0d06 corporate/4.0/SRPMS/poppler-0.4.1-3.7.20060mlcs4.src.rpm