[Full-disclosure] [ MDVSA-2010:231 ] poppler



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2010:231
http://www.mandriva.com/security/
_______________________________________________________________________

Package : poppler
Date : November 12, 2010
Affected: 2010.0, 2010.1
_______________________________________________________________________

Problem Description:

Multiple vulnerabilities were discovered and corrected in poppler:

The Gfx::getPos function in the PDF parser in poppler, allows
context-dependent attackers to cause a denial of service (crash)
via unknown vectors that trigger an uninitialized pointer dereference
(CVE-2010-3702).

The PostScriptFunction::PostScriptFunction function in
poppler/Function.cc in the PDF parser in poppler, allows
context-dependent attackers to cause a denial of service (crash)
via a PDF file that triggers an uninitialized pointer dereference
(CVE-2010-3703).

The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser
in poppler, allows context-dependent attackers to cause a denial
of service (crash) and possibly execute arbitrary code via a PDF
file with a crafted Type1 font that contains a negative array index,
which bypasses input validation and which triggers memory corruption
(CVE-2010-3704).

The updated packages have been patched to correct these issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3702
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3703
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3704
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2010.0:
f8eeb85b978e98a9bfffce7ab584e9df 2010.0/i586/libpoppler5-0.12.4-1.2mdv2010.0.i586.rpm
11b9dfe9e37261bec174c25aae9d71b4 2010.0/i586/libpoppler-devel-0.12.4-1.2mdv2010.0.i586.rpm
b9af206162c906094204ed13a4620318 2010.0/i586/libpoppler-glib4-0.12.4-1.2mdv2010.0.i586.rpm
eea6fc72a55f119c2fe7aef2c37400f6 2010.0/i586/libpoppler-glib-devel-0.12.4-1.2mdv2010.0.i586.rpm
d83f8f81d2cbb11a3a12e0654d63cd11 2010.0/i586/libpoppler-qt2-0.12.4-1.2mdv2010.0.i586.rpm
8e1f7d0278a299b55e1b213f90462610 2010.0/i586/libpoppler-qt4-3-0.12.4-1.2mdv2010.0.i586.rpm
6f1505518bb6a42bd017f4ed00ed5f3f 2010.0/i586/libpoppler-qt4-devel-0.12.4-1.2mdv2010.0.i586.rpm
6bfceb4bbb5565f829c765e15d9f84f8 2010.0/i586/libpoppler-qt-devel-0.12.4-1.2mdv2010.0.i586.rpm
69b87e12827e20261bcac5c1a9f6cc47 2010.0/i586/poppler-0.12.4-1.2mdv2010.0.i586.rpm
b395b580e189eac53cec4cdce2ceaeeb 2010.0/SRPMS/poppler-0.12.4-1.2mdv2010.0.src.rpm

Mandriva Linux 2010.0/X86_64:
5ac922ba77b7e24852b032cb96d66dcc 2010.0/x86_64/lib64poppler5-0.12.4-1.2mdv2010.0.x86_64.rpm
a35fdb10aaaeda661082eea969c8cb10 2010.0/x86_64/lib64poppler-devel-0.12.4-1.2mdv2010.0.x86_64.rpm
be4e55287976d6d9f0bc8acdd41dc371 2010.0/x86_64/lib64poppler-glib4-0.12.4-1.2mdv2010.0.x86_64.rpm
2e63d0dff69e958f0b926cf6d0026c61 2010.0/x86_64/lib64poppler-glib-devel-0.12.4-1.2mdv2010.0.x86_64.rpm
b50e39d108dc2458c252fbf365e2aaff 2010.0/x86_64/lib64poppler-qt2-0.12.4-1.2mdv2010.0.x86_64.rpm
7b249ff04f794fb6a8dc8b05564143e4 2010.0/x86_64/lib64poppler-qt4-3-0.12.4-1.2mdv2010.0.x86_64.rpm
121f80f800f144eb489f0cdce287e7ef 2010.0/x86_64/lib64poppler-qt4-devel-0.12.4-1.2mdv2010.0.x86_64.rpm
fb7297fbbd3758eca663813932d822fe 2010.0/x86_64/lib64poppler-qt-devel-0.12.4-1.2mdv2010.0.x86_64.rpm
5fbd9b1cbd0c18cc7f5a77ee8c9421e8 2010.0/x86_64/poppler-0.12.4-1.2mdv2010.0.x86_64.rpm
b395b580e189eac53cec4cdce2ceaeeb 2010.0/SRPMS/poppler-0.12.4-1.2mdv2010.0.src.rpm

Mandriva Linux 2010.1:
039272fbf964bf0cda8ee8be3f73d7f0 2010.1/i586/libpoppler5-0.12.4-2.1mdv2010.1.i586.rpm
4b8cd7ba4fcad0fdb13d498d9659353e 2010.1/i586/libpoppler-devel-0.12.4-2.1mdv2010.1.i586.rpm
0c8ecda02ad63275628fdf7dbb886d85 2010.1/i586/libpoppler-glib4-0.12.4-2.1mdv2010.1.i586.rpm
a899985446082afaf7a552a9d093fa7b 2010.1/i586/libpoppler-glib-devel-0.12.4-2.1mdv2010.1.i586.rpm
98cc33b6085f8b5a3e450814217a87fc 2010.1/i586/libpoppler-qt2-0.12.4-2.1mdv2010.1.i586.rpm
aca2798c969fe7e1ae41f8fda8c767bf 2010.1/i586/libpoppler-qt4-3-0.12.4-2.1mdv2010.1.i586.rpm
766c5b85413728af84378f56647f3d6e 2010.1/i586/libpoppler-qt4-devel-0.12.4-2.1mdv2010.1.i586.rpm
e1af5e2dda8be30d3ac1e009ce856588 2010.1/i586/libpoppler-qt-devel-0.12.4-2.1mdv2010.1.i586.rpm
e2060c17f1f8ece622fbcf94e50205d7 2010.1/i586/poppler-0.12.4-2.1mdv2010.1.i586.rpm
a3495563ca96089190aef76b6c25df4d 2010.1/SRPMS/poppler-0.12.4-2.1mdv2010.1.src.rpm

Mandriva Linux 2010.1/X86_64:
142bdd508c9c62480b467b3aa74a6eb1 2010.1/x86_64/lib64poppler5-0.12.4-2.1mdv2010.1.x86_64.rpm
423f44b8802e838afbdd9be973bee11b 2010.1/x86_64/lib64poppler-devel-0.12.4-2.1mdv2010.1.x86_64.rpm
88b25a582c2bf185196e8d68b2567bd9 2010.1/x86_64/lib64poppler-glib4-0.12.4-2.1mdv2010.1.x86_64.rpm
5ea3f17b45cdddf438d4642348f0133d 2010.1/x86_64/lib64poppler-glib-devel-0.12.4-2.1mdv2010.1.x86_64.rpm
11e9facfbca3b5d916f480e5053614cd 2010.1/x86_64/lib64poppler-qt2-0.12.4-2.1mdv2010.1.x86_64.rpm
51f3818574979e270265d94947b863ff 2010.1/x86_64/lib64poppler-qt4-3-0.12.4-2.1mdv2010.1.x86_64.rpm
d7c2b054dd96ac00eb7caf957d290cf6 2010.1/x86_64/lib64poppler-qt4-devel-0.12.4-2.1mdv2010.1.x86_64.rpm
9533bb591cd679ba8f880b23605e837a 2010.1/x86_64/lib64poppler-qt-devel-0.12.4-2.1mdv2010.1.x86_64.rpm
a6fd550b90857f4cbfcd97213d5e7918 2010.1/x86_64/poppler-0.12.4-2.1mdv2010.1.x86_64.rpm
a3495563ca96089190aef76b6c25df4d 2010.1/SRPMS/poppler-0.12.4-2.1mdv2010.1.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFM3VkMmqjQ0CJFipgRAt1ZAKDMo9oWIQ/0cZWwYHte7+QQWtASZwCfTuRR
Qp8m00pY+5aiMBWXOR3I64k=
=VPTO
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



Relevant Pages

  • [ MDVSA-2010:231 ] poppler
    ... Multiple vulnerabilities were discovered and corrected in poppler: ... The Gfx::getPos function in the PDF parser in poppler, ... The updated packages have been patched to correct these issues. ... Mandriva Linux 2010.0/X86_64: ...
    (Bugtraq)
  • [Full-disclosure] [ MDKSA-2007:227 ] - Updated poppler packages fix vulnerabilities
    ... Package: poppler ... Alin Rad Pop found several flaws in how PDF files are handled ... The updated packages have been patched to correct this issue. ... Mandriva Linux 2007.1/X86_64: ...
    (Full-Disclosure)
  • [ MDKSA-2007:227 ] - Updated poppler packages fix vulnerabilities
    ... Package: poppler ... Alin Rad Pop found several flaws in how PDF files are handled ... The updated packages have been patched to correct this issue. ... Mandriva Linux 2007.1/X86_64: ...
    (Bugtraq)
  • [Full-disclosure] [ MDVSA-2008:197 ] koffice
    ... Kees Cook of Ubuntu security found a flaw in how poppler prior ... so the updated packages ... Mandriva Linux 2008.0/X86_64: ... All packages are signed by Mandriva for security. ...
    (Full-Disclosure)
  • [Full-disclosure] [ MDVSA-2008:163 ] python
    ... Multiple integer overflows in the imageop module in Python prior to ... Multiple integer overflows were reported by the Google Security Team ... The updated packages have been patched to correct these issues. ... Python packages on Mandriva Linux 2007.1 and 2008.0 have ...
    (Full-Disclosure)