Updated poppler packages fix security vulnerability
Publication date: 20 Feb 2019Modification date: 20 Feb 2019
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-18897 , CVE-2018-20481 , CVE-2018-20551 , CVE-2018-20650 , CVE-2019-7310
Description
An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo. (CVE-2018-18897) XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.cc. (CVE-2018-20481) A reachable Object::getString assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to construction of invalid rich media annotation assets in the AnnotRichMedia class in Annot.c. (CVE-2018-20551) A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to the lack of a check for the dict data type, as demonstrated by use of the FileSpec class (in FileSpec.cc) in pdfdetach. (CVE-2018-20650) In Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::getEntry function in XRef.cc) allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo. (CVE-2019-7310)
References
- https://bugs.mageia.org/show_bug.cgi?id=24250
- https://usn.ubuntu.com/3865-1/
- https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-20481.html
- https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-20650.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/CH33MK2BAV326CV7IKYGMFO4IYX552Z2/
- https://usn.ubuntu.com/3886-1/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18897
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20481
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20551
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20650
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7310
SRPMS
6/core
- poppler-0.52.0-3.11.mga6