lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1O7Z4e-0004ED-DW@titan.mandriva.com>
Date: Thu, 29 Apr 2010 21:07:00 +0200
From: security@...driva.com
To: bugtraq@...urityfocus.com
Subject: [ MDVSA-2010:087 ] poppler


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2010:087
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : poppler
 Date    : April 29, 2010
 Affected: Corporate 4.0
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities has been found and corrected in poppler:
 
 Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2
 and earlier allow remote attackers to cause a denial of service
 (crash) via a crafted PDF file, related to (1) setBitmap and (2)
 readSymbolDictSeg (CVE-2009-0146).
 
 Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and
 earlier allow remote attackers to cause a denial of service (crash)
 via a crafted PDF file (CVE-2009-0147).
 
 The JBIG2 decoder in Xpdf 3.02pl2 and earlier allows remote attackers
 to cause a denial of service (crash) via a crafted PDF file that
 triggers a free of uninitialized memory (CVE-2009-0166).
 
 Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9,
 and probably other products, allows remote attackers to execute
 arbitrary code via a PDF file with crafted JBIG2 symbol dictionary
 segments (CVE-2009-0195).
 
 The JBIG2 decoder in Xpdf 3.02pl2 and earlier allows remote attackers
 to cause a denial of service (crash) via a crafted PDF file that
 triggers an out-of-bounds read (CVE-2009-0799).
 
 Multiple input validation flaws in the JBIG2 decoder in Xpdf 3.02pl2
 and earlier allow remote attackers to execute arbitrary code via a
 crafted PDF file (CVE-2009-0800).
 
 Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier
 allows remote attackers to execute arbitrary code via a crafted PDF
 file (CVE-2009-1179).
 
 The JBIG2 decoder in Xpdf 3.02pl2 and earlier allows remote attackers
 to execute arbitrary code via a crafted PDF file that triggers a free
 of invalid data (CVE-2009-1180).
 
 The JBIG2 decoder in Xpdf 3.02pl2 and earlier allows remote attackers
 to cause a denial of service (crash) via a crafted PDF file that
 triggers a NULL pointer dereference (CVE-2009-1181).
 
 Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2
 and earlier allow remote attackers to execute arbitrary code via a
 crafted PDF file (CVE-2009-1182).
 
 The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier allows remote
 attackers to cause a denial of service (infinite loop and hang)
 via a crafted PDF file (CVE-2009-1183).
 
 Integer overflow in the JBIG2 decoding feature in Poppler before
 0.10.6 allows remote attackers to cause a denial of service (crash) and
 possibly execute arbitrary code via vectors related to CairoOutputDev
 (CairoOutputDev.cc) (CVE-2009-1187).
 
 Integer overflow in the JBIG2 decoding feature in Poppler before
 0.10.6 allows remote attackers to cause a denial of service (crash)
 and possibly execute arbitrary code via vectors related to SplashBitmap
 (splash/SplashBitmap.cc) (CVE-2009-1188).
 
 The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x
 before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF,
 does not properly allocate memory, which allows remote attackers to
 cause a denial of service (application crash) or possibly execute
 arbitrary code via a crafted PDF document that triggers a NULL pointer
 dereference or a heap-based buffer overflow (CVE-2009-3604).
 
 Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf
 before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might
 allow remote attackers to execute arbitrary code via a crafted PDF
 document that triggers a heap-based buffer overflow (CVE-2009-3606).
 
 Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x
 before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers
 to execute arbitrary code via a crafted PDF document that triggers a
 heap-based buffer overflow.  NOTE: some of these details are obtained
 from third party information.  NOTE: this issue reportedly exists
 because of an incomplete fix for CVE-2009-1188 (CVE-2009-3603).
 
 Additionally the kdegraphics package was rebuild to make
 kdegraphics-kpdf link correctly to the new poppler libraries and are
 also provided.
 
 The updated poppler packages have upgraded to 0.5.4 and have been
 patched to correct these issues.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0195
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1187
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603
 _______________________________________________________________________

 Updated Packages:

 Corporate 4.0:
 dea66bbd492f22ba623f36ae0102b339  corporate/4.0/i586/kdegraphics-3.5.4-0.11.20060mlcs4.i586.rpm
 eaacb79881584083d5681e79c0ec1e46  corporate/4.0/i586/kdegraphics-common-3.5.4-0.11.20060mlcs4.i586.rpm
 a960ae38707f543c53ac96fb856da981  corporate/4.0/i586/kdegraphics-kcolorchooser-3.5.4-0.11.20060mlcs4.i586.rpm
 672a722cb91868a93a8ff3138055353e  corporate/4.0/i586/kdegraphics-kcoloredit-3.5.4-0.11.20060mlcs4.i586.rpm
 832787af5c0d252273449282fa6e7c01  corporate/4.0/i586/kdegraphics-kdvi-3.5.4-0.11.20060mlcs4.i586.rpm
 affd706478ba572240b1c3fb3a40d456  corporate/4.0/i586/kdegraphics-kfax-3.5.4-0.11.20060mlcs4.i586.rpm
 b53883590e3543b0d015e966085d6b2e  corporate/4.0/i586/kdegraphics-kghostview-3.5.4-0.11.20060mlcs4.i586.rpm
 297eec12d7f21cd3fc71220ee0ff50e9  corporate/4.0/i586/kdegraphics-kiconedit-3.5.4-0.11.20060mlcs4.i586.rpm
 70006017b4ec0bb49029781cb36689b0  corporate/4.0/i586/kdegraphics-kolourpaint-3.5.4-0.11.20060mlcs4.i586.rpm
 269129214d07cb094a62f569baea8e00  corporate/4.0/i586/kdegraphics-kooka-3.5.4-0.11.20060mlcs4.i586.rpm
 29129e310c15b3865112b16a6eb109a7  corporate/4.0/i586/kdegraphics-kpdf-3.5.4-0.11.20060mlcs4.i586.rpm
 1a0bde06b6f6a9af7b18ef7ac514a152  corporate/4.0/i586/kdegraphics-kpovmodeler-3.5.4-0.11.20060mlcs4.i586.rpm
 bd5423a1a421242ac066f324eb733f42  corporate/4.0/i586/kdegraphics-kruler-3.5.4-0.11.20060mlcs4.i586.rpm
 1fe20d0c673fe1e3ddcd60afd4e5d473  corporate/4.0/i586/kdegraphics-ksnapshot-3.5.4-0.11.20060mlcs4.i586.rpm
 cae59cdcc9ea7dba41aad24d184cafaa  corporate/4.0/i586/kdegraphics-ksvg-3.5.4-0.11.20060mlcs4.i586.rpm
 e8d0add657152f6a834d6d6dd58e02fe  corporate/4.0/i586/kdegraphics-kuickshow-3.5.4-0.11.20060mlcs4.i586.rpm
 5a829be0326888b9613acc993744c39f  corporate/4.0/i586/kdegraphics-kview-3.5.4-0.11.20060mlcs4.i586.rpm
 9bd1814ef1a568f897fe0b0692404bb6  corporate/4.0/i586/kdegraphics-mrmlsearch-3.5.4-0.11.20060mlcs4.i586.rpm
 7cf01837d3681fb41c501c11ea8ab030  corporate/4.0/i586/libkdegraphics0-common-3.5.4-0.11.20060mlcs4.i586.rpm
 6a29cdda3b4a4f0cd45b041cd8bf6b50  corporate/4.0/i586/libkdegraphics0-common-devel-3.5.4-0.11.20060mlcs4.i586.rpm
 82663a9f72adc820a7de1759e63a4d69  corporate/4.0/i586/libkdegraphics0-kghostview-3.5.4-0.11.20060mlcs4.i586.rpm
 0fd075cd510d1b935757781b22af1c80  corporate/4.0/i586/libkdegraphics0-kghostview-devel-3.5.4-0.11.20060mlcs4.i586.rpm
 483056e6a21a7df3bf29ec60dcb742c9  corporate/4.0/i586/libkdegraphics0-kooka-3.5.4-0.11.20060mlcs4.i586.rpm
 0bef434eda416daeb73c9a5b63d16c4b  corporate/4.0/i586/libkdegraphics0-kooka-devel-3.5.4-0.11.20060mlcs4.i586.rpm
 2903f1630b5ab746265f122e1b361b59  corporate/4.0/i586/libkdegraphics0-kpovmodeler-3.5.4-0.11.20060mlcs4.i586.rpm
 9ab4acd2409f30fa9d44bd93a46d31dd  corporate/4.0/i586/libkdegraphics0-kpovmodeler-devel-3.5.4-0.11.20060mlcs4.i586.rpm
 2e398a8d7c54070f9bfd97d5f11a25f5  corporate/4.0/i586/libkdegraphics0-ksvg-3.5.4-0.11.20060mlcs4.i586.rpm
 0c05af96ff0515c79f68ccf230a80b19  corporate/4.0/i586/libkdegraphics0-ksvg-devel-3.5.4-0.11.20060mlcs4.i586.rpm
 8ece732e8d172ee1a9c9acd6ed5a6842  corporate/4.0/i586/libkdegraphics0-kview-3.5.4-0.11.20060mlcs4.i586.rpm
 ac8518e4d52be4a05d721c6aaa6e8c32  corporate/4.0/i586/libkdegraphics0-kview-devel-3.5.4-0.11.20060mlcs4.i586.rpm
 6e8776ceba1e89c7d4c9f8535c83321e  corporate/4.0/i586/libpoppler1-0.5.4-0.1.20060mlcs4.i586.rpm
 f62ca0bb896da6f7e276fdcc2ce9ab1d  corporate/4.0/i586/libpoppler1-devel-0.5.4-0.1.20060mlcs4.i586.rpm
 c5ceadf8331ef8066935e3e962e90544  corporate/4.0/i586/libpoppler-qt1-0.5.4-0.1.20060mlcs4.i586.rpm
 2e9ddef72271e5f6e393d378f96edab4  corporate/4.0/i586/libpoppler-qt1-devel-0.5.4-0.1.20060mlcs4.i586.rpm
 3972be61f01933a4803656eac7de5b19  corporate/4.0/i586/poppler-0.5.4-0.1.20060mlcs4.i586.rpm 
 88983ff8ae37983c60c7a5b4637a6b00  corporate/4.0/SRPMS/kdegraphics-3.5.4-0.11.20060mlcs4.src.rpm
 4fb8f13d956af237eb9b1b258fc3f248  corporate/4.0/SRPMS/poppler-0.5.4-0.1.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 614466bad3bbb8fd4d1a231221b4a6cc  corporate/4.0/x86_64/kdegraphics-3.5.4-0.11.20060mlcs4.x86_64.rpm
 e9437cd560f5f48fd2b97939393386a7  corporate/4.0/x86_64/kdegraphics-common-3.5.4-0.11.20060mlcs4.x86_64.rpm
 5121ccdc4cdd2cd6b84e53bc00d98f0b  corporate/4.0/x86_64/kdegraphics-kcolorchooser-3.5.4-0.11.20060mlcs4.x86_64.rpm
 13dc7c9f2397a179aee58b5bf10b072c  corporate/4.0/x86_64/kdegraphics-kcoloredit-3.5.4-0.11.20060mlcs4.x86_64.rpm
 53b353e9edfa33d34eee360bedae5ca9  corporate/4.0/x86_64/kdegraphics-kdvi-3.5.4-0.11.20060mlcs4.x86_64.rpm
 a4f4ff609d07d18896e88818aa46d6f0  corporate/4.0/x86_64/kdegraphics-kfax-3.5.4-0.11.20060mlcs4.x86_64.rpm
 eafbd23da8d057bf5177bf7d87127ea9  corporate/4.0/x86_64/kdegraphics-kghostview-3.5.4-0.11.20060mlcs4.x86_64.rpm
 a17791eaa9316c418e39522d4e54783e  corporate/4.0/x86_64/kdegraphics-kiconedit-3.5.4-0.11.20060mlcs4.x86_64.rpm
 a37ca8e2f7cf7fe61be675ec9c26305f  corporate/4.0/x86_64/kdegraphics-kolourpaint-3.5.4-0.11.20060mlcs4.x86_64.rpm
 d8e992f1dab0041f9d20457d4eaec6bd  corporate/4.0/x86_64/kdegraphics-kooka-3.5.4-0.11.20060mlcs4.x86_64.rpm
 27c123a5d099ec3fe22d2b919dbc5510  corporate/4.0/x86_64/kdegraphics-kpdf-3.5.4-0.11.20060mlcs4.x86_64.rpm
 aab1c67de88efae3ae1d8e5d30698c2d  corporate/4.0/x86_64/kdegraphics-kpovmodeler-3.5.4-0.11.20060mlcs4.x86_64.rpm
 2e09a8fc4f383539074e2799c4a97ba1  corporate/4.0/x86_64/kdegraphics-kruler-3.5.4-0.11.20060mlcs4.x86_64.rpm
 d54670b3dfdfa7f8045129a64e514a07  corporate/4.0/x86_64/kdegraphics-ksnapshot-3.5.4-0.11.20060mlcs4.x86_64.rpm
 c82b9ebc34696168c5e65ce87f2a9a67  corporate/4.0/x86_64/kdegraphics-ksvg-3.5.4-0.11.20060mlcs4.x86_64.rpm
 fbe3f19d25447527d338b042cfa5fe60  corporate/4.0/x86_64/kdegraphics-kuickshow-3.5.4-0.11.20060mlcs4.x86_64.rpm
 afeb446e4eaec5f10fbdd2329381b8c0  corporate/4.0/x86_64/kdegraphics-kview-3.5.4-0.11.20060mlcs4.x86_64.rpm
 5f59c3ee24f3b920ab8c626674f9a60e  corporate/4.0/x86_64/kdegraphics-mrmlsearch-3.5.4-0.11.20060mlcs4.x86_64.rpm
 acbb79f250a649d105966639998bcaf5  corporate/4.0/x86_64/lib64kdegraphics0-common-3.5.4-0.11.20060mlcs4.x86_64.rpm
 1ba152d082f731577401d66ef96935ad  corporate/4.0/x86_64/lib64kdegraphics0-common-devel-3.5.4-0.11.20060mlcs4.x86_64.rpm
 55a6e9901a3a210441a8682e415aa742  corporate/4.0/x86_64/lib64kdegraphics0-kghostview-3.5.4-0.11.20060mlcs4.x86_64.rpm
 ba9753d41cd38b3cd483aa42a153fe23  corporate/4.0/x86_64/lib64kdegraphics0-kghostview-devel-3.5.4-0.11.20060mlcs4.x86_64.rpm
 26dcfaa91467f532d78f7c324c1dcdf5  corporate/4.0/x86_64/lib64kdegraphics0-kooka-3.5.4-0.11.20060mlcs4.x86_64.rpm
 92e971cba13d97b3abdc7a98dc0df258  corporate/4.0/x86_64/lib64kdegraphics0-kooka-devel-3.5.4-0.11.20060mlcs4.x86_64.rpm
 4389a06ba0ac3526f17a429010add510  corporate/4.0/x86_64/lib64kdegraphics0-kpovmodeler-3.5.4-0.11.20060mlcs4.x86_64.rpm
 280fd79e9cdc88fdb0914ef159d3f0cf  corporate/4.0/x86_64/lib64kdegraphics0-kpovmodeler-devel-3.5.4-0.11.20060mlcs4.x86_64.rpm
 c45e9900d456b7d593312acb99b94145  corporate/4.0/x86_64/lib64kdegraphics0-ksvg-3.5.4-0.11.20060mlcs4.x86_64.rpm
 172d4b0334dc7b3c00df5d2e30f1e1c9  corporate/4.0/x86_64/lib64kdegraphics0-ksvg-devel-3.5.4-0.11.20060mlcs4.x86_64.rpm
 a3d6df24532cc486c8e3c94f83a901ad  corporate/4.0/x86_64/lib64kdegraphics0-kview-3.5.4-0.11.20060mlcs4.x86_64.rpm
 77760b8881b8ac95d717585e1bc99869  corporate/4.0/x86_64/lib64kdegraphics0-kview-devel-3.5.4-0.11.20060mlcs4.x86_64.rpm
 9fb716fd221e76a32560ecb1c6f3f645  corporate/4.0/x86_64/lib64poppler1-0.5.4-0.1.20060mlcs4.x86_64.rpm
 15f410a2adba4b06b3a89982b0ecddcf  corporate/4.0/x86_64/lib64poppler1-devel-0.5.4-0.1.20060mlcs4.x86_64.rpm
 6fea5cfe8ef1c14faaf1a9f507150412  corporate/4.0/x86_64/lib64poppler-qt1-0.5.4-0.1.20060mlcs4.x86_64.rpm
 ba25ff0acd3d67f493c40e577edacefb  corporate/4.0/x86_64/lib64poppler-qt1-devel-0.5.4-0.1.20060mlcs4.x86_64.rpm
 bc1572dceb3f6f4592a4a881a069a4b4  corporate/4.0/x86_64/poppler-0.5.4-0.1.20060mlcs4.x86_64.rpm 
 88983ff8ae37983c60c7a5b4637a6b00  corporate/4.0/SRPMS/kdegraphics-3.5.4-0.11.20060mlcs4.src.rpm
 4fb8f13d956af237eb9b1b258fc3f248  corporate/4.0/SRPMS/poppler-0.5.4-0.1.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFL2a5ImqjQ0CJFipgRAu/xAJ9moP96wwrYPm1upMlzoYSgc4io9wCgwfWj
py9rAWhy4PUvyuEnjYkVzi0=
=cEiW
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ