Nom du paquet
poppler
Date
2009-03-06
Advisory ID
MDVSA-2009:068
Affected versions
2009.0 x86_64 , 2008.0 i586 , 2009.0 i586 , CS4.0 i586 , 2008.0 x86_64 , CS4.0 x86_64 , 2008.1 x86_64 , 2008.1 i586

Problem description

A crafted PDF file that triggers a parsing error allows remote
attackers to cause definal of service. This bug is consequence
of a wrong processing on FormWidgetChoice::loadDefaults method
(CVE-2009-0755).

A crafted PDF file that triggers a parsing error allows remote
attackers to cause definal of service. This bug is consequence of
an invalid memory dereference on JBIG2SymbolDict::~JBIG2SymbolDict
destructor when JBIG2Stream::readSymbolDictSeg method is used
(CVE-2009-0756).

This update provides fixes for those vulnerabilities.

Update:

This update does not apply for CVE-2009-0755 under Corporate Server
4.0 libpoppler0-0.4.1-3.7.20060mlcs4.

Updated packages

2009.0 x86_64

 e297ca0d8751197badc87e5a8ada7411  2009.0/x86_64/lib64poppler3-0.8.7-2.1mdv2009.0.x86_64.rpm
 8409a3a0253a81e35d5c5b84fb141ed5  2009.0/x86_64/lib64poppler-devel-0.8.7-2.1mdv2009.0.x86_64.rpm
 898617990bb3077434d6ffe0175ab744  2009.0/x86_64/lib64poppler-glib3-0.8.7-2.1mdv2009.0.x86_64.rpm
 75199e22dad566f0b5b861d82d38c36f  2009.0/x86_64/lib64poppler-glib-devel-0.8.7-2.1mdv2009.0.x86_64.rpm
 3add19f10d4611723a574c4268d0870c  2009.0/x86_64/lib64poppler-qt2-0.8.7-2.1mdv2009.0.x86_64.rpm
 9d0bb0015fc420d445cf5be695cd78dc  2009.0/x86_64/lib64poppler-qt4-3-0.8.7-2.1mdv2009.0.x86_64.rpm
 025fea7ad38b1dfe1d7ef956b875fc37  2009.0/x86_64/lib64poppler-qt4-devel-0.8.7-2.1mdv2009.0.x86_64.rpm
 4d34316ebed58bcf95801671a6c1d6f5  2009.0/x86_64/lib64poppler-qt-devel-0.8.7-2.1mdv2009.0.x86_64.rpm
 7483cf79ecff3b95b300d68c0ceb8455  2009.0/x86_64/poppler-0.8.7-2.1mdv2009.0.x86_64.rpm 
 29a47aa9fe76eeba24925f47afabf687  2009.0/SRPMS/poppler-0.8.7-2.1mdv2009.0.src.rpm

2008.0 i586

 25aba85bf10c8c9ce0fee931834440a1  2008.0/i586/libpoppler2-0.6-3.3mdv2008.0.i586.rpm
 bc255af1dbbb43c06bf8af78df57d32b  2008.0/i586/libpoppler-devel-0.6-3.3mdv2008.0.i586.rpm
 a78e498d417f830237f85e311e07422e  2008.0/i586/libpoppler-glib2-0.6-3.3mdv2008.0.i586.rpm
 4b25777b3d2065ccd138a0199355c581  2008.0/i586/libpoppler-glib-devel-0.6-3.3mdv2008.0.i586.rpm
 2c76dc7bd1bef388581bb51c4a1e2586  2008.0/i586/libpoppler-qt2-0.6-3.3mdv2008.0.i586.rpm
 94f40dec0be2b78823f5b004f8d4b145  2008.0/i586/libpoppler-qt4-2-0.6-3.3mdv2008.0.i586.rpm
 c743daa88aa6c1d7d6828eb22f1a1785  2008.0/i586/libpoppler-qt4-devel-0.6-3.3mdv2008.0.i586.rpm
 f5ffa665e3ad447e1a4c957fde7c2cb6  2008.0/i586/libpoppler-qt-devel-0.6-3.3mdv2008.0.i586.rpm
 c9a73e92a2002b7b0fcaa7e23f983615  2008.0/i586/poppler-0.6-3.3mdv2008.0.i586.rpm 
 2f57c8b7f1883fc9f718e6b45a0771a8  2008.0/SRPMS/poppler-0.6-3.3mdv2008.0.src.rpm

2009.0 i586

 ce56800f6fe4f9db33ede32ef350745c  2009.0/i586/libpoppler3-0.8.7-2.1mdv2009.0.i586.rpm
 33a1ed550b2e2c341661690a8963af24  2009.0/i586/libpoppler-devel-0.8.7-2.1mdv2009.0.i586.rpm
 a27d86ccf053000dbe6d8883be19fbdd  2009.0/i586/libpoppler-glib3-0.8.7-2.1mdv2009.0.i586.rpm
 17117d2e90eb9fe076728d0fd4a6c440  2009.0/i586/libpoppler-glib-devel-0.8.7-2.1mdv2009.0.i586.rpm
 be98bcb0d5f3f74c4bd07845bb654859  2009.0/i586/libpoppler-qt2-0.8.7-2.1mdv2009.0.i586.rpm
 49bd296742e5d1b74fe7df98636e46b4  2009.0/i586/libpoppler-qt4-3-0.8.7-2.1mdv2009.0.i586.rpm
 5e72a15c897daf4f6641bf2bf928cb80  2009.0/i586/libpoppler-qt4-devel-0.8.7-2.1mdv2009.0.i586.rpm
 20cd3595d41d4ac90c0c0285292bf009  2009.0/i586/libpoppler-qt-devel-0.8.7-2.1mdv2009.0.i586.rpm
 cb070e4dee228f58a0c64ad68ed0b1a0  2009.0/i586/poppler-0.8.7-2.1mdv2009.0.i586.rpm 
 29a47aa9fe76eeba24925f47afabf687  2009.0/SRPMS/poppler-0.8.7-2.1mdv2009.0.src.rpm

CS4.0 i586

 9168d447f8242a9acc0db3a77e309cf2  corporate/4.0/i586/libpoppler0-0.4.1-3.8.20060mlcs4.i586.rpm
 4b826fc828ec1b53b0ab28f3697e361a  corporate/4.0/i586/libpoppler0-devel-0.4.1-3.8.20060mlcs4.i586.rpm
 8f273eafc1fac62191a393a551f3b12f  corporate/4.0/i586/libpoppler-qt0-0.4.1-3.8.20060mlcs4.i586.rpm
 99320127444c2c09165c95214f15c9b0  corporate/4.0/i586/libpoppler-qt0-devel-0.4.1-3.8.20060mlcs4.i586.rpm 
 714cf02d9f3af96bbf2502e48cb9cfd6  corporate/4.0/SRPMS/poppler-0.4.1-3.8.20060mlcs4.src.rpm

2008.0 x86_64

 4e8fea9d6ce6a4ea106537f29fc7046e  2008.0/x86_64/lib64poppler2-0.6-3.3mdv2008.0.x86_64.rpm
 32fc22e88ea5e0a472f42961b1c90bd6  2008.0/x86_64/lib64poppler-devel-0.6-3.3mdv2008.0.x86_64.rpm
 698e83ae4307b7452590e4c171491d04  2008.0/x86_64/lib64poppler-glib2-0.6-3.3mdv2008.0.x86_64.rpm
 0eb4ca6c4924c3c07f73df39655c444e  2008.0/x86_64/lib64poppler-glib-devel-0.6-3.3mdv2008.0.x86_64.rpm
 7f09b65cfcf5ac675934d93b5235dd1c  2008.0/x86_64/lib64poppler-qt2-0.6-3.3mdv2008.0.x86_64.rpm
 9101f2cc7dc33e0a571fe11897d4892c  2008.0/x86_64/lib64poppler-qt4-2-0.6-3.3mdv2008.0.x86_64.rpm
 a11f878a4ea924c762d4f80767470973  2008.0/x86_64/lib64poppler-qt4-devel-0.6-3.3mdv2008.0.x86_64.rpm
 5864600413af3f4dbd63910b9a84f410  2008.0/x86_64/lib64poppler-qt-devel-0.6-3.3mdv2008.0.x86_64.rpm
 b40faa6e339465968607f24633bc0eeb  2008.0/x86_64/poppler-0.6-3.3mdv2008.0.x86_64.rpm 
 2f57c8b7f1883fc9f718e6b45a0771a8  2008.0/SRPMS/poppler-0.6-3.3mdv2008.0.src.rpm

CS4.0 x86_64

 51b1fdec59aa6858a1852234b68a3acf  corporate/4.0/x86_64/lib64poppler0-0.4.1-3.8.20060mlcs4.x86_64.rpm
 51cb75f75d6b83549747da8fee86f47d  corporate/4.0/x86_64/lib64poppler0-devel-0.4.1-3.8.20060mlcs4.x86_64.rpm
 8a836e5c7cc54eaa38a377ea848388e7  corporate/4.0/x86_64/lib64poppler-qt0-0.4.1-3.8.20060mlcs4.x86_64.rpm
 32cbc4cdae2ffce0b27e831e61ef9bba  corporate/4.0/x86_64/lib64poppler-qt0-devel-0.4.1-3.8.20060mlcs4.x86_64.rpm 
 714cf02d9f3af96bbf2502e48cb9cfd6  corporate/4.0/SRPMS/poppler-0.4.1-3.8.20060mlcs4.src.rpm

2008.1 x86_64

 5c0fce14ebddc4b7e0fbb31d2127a238  2008.1/x86_64/lib64poppler2-0.6.4-2.2mdv2008.1.x86_64.rpm
 3a9f02d41da3688f5c231744eb5820de  2008.1/x86_64/lib64poppler-devel-0.6.4-2.2mdv2008.1.x86_64.rpm
 4c3396ebafb43a8a34d1bd0c96aff597  2008.1/x86_64/lib64poppler-glib2-0.6.4-2.2mdv2008.1.x86_64.rpm
 834b475b34ae78583927abecff4cdb97  2008.1/x86_64/lib64poppler-glib-devel-0.6.4-2.2mdv2008.1.x86_64.rpm
 623c2b6e0303c6ffa1f9c2abe1b9d13f  2008.1/x86_64/lib64poppler-qt2-0.6.4-2.2mdv2008.1.x86_64.rpm
 aa86340f66a4959712dce15fe5600549  2008.1/x86_64/lib64poppler-qt4-2-0.6.4-2.2mdv2008.1.x86_64.rpm
 e81a97d8721a76934cd16affffba1efb  2008.1/x86_64/lib64poppler-qt4-devel-0.6.4-2.2mdv2008.1.x86_64.rpm
 91619e0b13b586f2f37535f0ab249902  2008.1/x86_64/lib64poppler-qt-devel-0.6.4-2.2mdv2008.1.x86_64.rpm
 cc74a25a3f74a38a0f4c98f4bf9396ed  2008.1/x86_64/poppler-0.6.4-2.2mdv2008.1.x86_64.rpm 
 f410bbf328d0bccce9f08cabedda8d19  2008.1/SRPMS/poppler-0.6.4-2.2mdv2008.1.src.rpm

2008.1 i586

 0384b322b63dcabeb7ba0ed99f90c7ce  2008.1/i586/libpoppler2-0.6.4-2.2mdv2008.1.i586.rpm
 86f5be9bd512b0f424ee83809ea16770  2008.1/i586/libpoppler-devel-0.6.4-2.2mdv2008.1.i586.rpm
 0f820a233d9c543ec0c325d06ba1c9e2  2008.1/i586/libpoppler-glib2-0.6.4-2.2mdv2008.1.i586.rpm
 44967afd74f16abffd23cc0194d25f8f  2008.1/i586/libpoppler-glib-devel-0.6.4-2.2mdv2008.1.i586.rpm
 58e4979b5e9a74645765ae7797ac9c10  2008.1/i586/libpoppler-qt2-0.6.4-2.2mdv2008.1.i586.rpm
 2552be8e987d266bf1dde1cdb173c1d0  2008.1/i586/libpoppler-qt4-2-0.6.4-2.2mdv2008.1.i586.rpm
 68f5e36b85c38238fd71bb2efac29260  2008.1/i586/libpoppler-qt4-devel-0.6.4-2.2mdv2008.1.i586.rpm
 f134da50ab28ebee599d84cbb13fedf5  2008.1/i586/libpoppler-qt-devel-0.6.4-2.2mdv2008.1.i586.rpm
 caed58a7e42d2a27193885d9c31eca8f  2008.1/i586/poppler-0.6.4-2.2mdv2008.1.i586.rpm 
 f410bbf328d0bccce9f08cabedda8d19  2008.1/SRPMS/poppler-0.6.4-2.2mdv2008.1.src.rpm

References