You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa poppler

Sigurnosni nedostaci programskog paketa poppler

==========================================================================
Ubuntu Security Notice USN-3837-1
December 04, 2018

poppler vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 18.10
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS
– Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in poppler.

Software Description:
– poppler: PDF rendering library

Details:

It was discovered that poppler incorrectly handled certain PDF files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2018-16646, CVE-2018-19058, CVE-2018-19059, CVE-2018-19060)

It was discovered that poppler incorrectly handled certain PDF files.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS.
(CVE-2018-19149)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.10:
  libpoppler79                    0.68.0-0ubuntu1.2
  poppler-utils                   0.68.0-0ubuntu1.2

Ubuntu 18.04 LTS:
  libpoppler73                    0.62.0-2ubuntu2.4
  poppler-utils                   0.62.0-2ubuntu2.4

Ubuntu 16.04 LTS:
  libpoppler58                    0.41.0-0ubuntu1.9
  poppler-utils                   0.41.0-0ubuntu1.9

Ubuntu 14.04 LTS:
  libpoppler44                    0.24.5-2ubuntu4.13
  poppler-utils                   0.24.5-2ubuntu4.13

In general, a standard system update will make all the necessary
changes.

References:
  https://usn.ubuntu.com/usn/usn-3837-1
  CVE-2018-16646, CVE-2018-19058, CVE-2018-19059, CVE-2018-19060,
  CVE-2018-19149

Package Information:
  https://launchpad.net/ubuntu/+source/poppler/0.68.0-0ubuntu1.2
  https://launchpad.net/ubuntu/+source/poppler/0.62.0-2ubuntu2.4
  https://launchpad.net/ubuntu/+source/poppler/0.41.0-0ubuntu1.9
  https://launchpad.net/ubuntu/+source/poppler/0.24.5-2ubuntu4.13—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAABCAAGBQJcBn6KAAoJEEW851uECx9p7SMP/1tLSIPAAn4/x92yPQTpEzv0
vzShTbH03qVRrFfODz5ZCjplUCAG1qqUVVDgO53yaLZ4FM8dg+CE1PTGxFa1yzSU
QAdCHU4ObAA2qC6CocuVSmvdtZBDs/l7o2LfH4rk+9wnvjrTsQA2ZWNqUgUxVNYJ
QFcNsxQZ8mojqiU2FLrK73Vx8OTmR+LoH6dVzfCgA3QuG+GW574bOEHneNSCViT8
cNyzMBNIIRc/WhUhTamZ++WqhtfNe2j+nds/w6OosPt5epAUnoIMu0455LMS5s/6
WD4xV+vIM4IFGXaIw1Lnt9YH9dAcfQ2OHezRZOOezVwyzrr/ucMiWIo48BNJJaWM
i9D/2CVEcf2zJON45ogmEODRBh6tA6XPBYzVo2+HHwqCSY+EfYS36N3jUi16Vpiq
Cb+yBGn0wvRgE2Pg8DGJzUiTM3N0/ptwf/Hee5kDw2ctKnEewPYerfiHWhqLehJr
HqRqFDwnIysNDuK2cGFgFdWlgutdt9fV//DUNHL01Tale4Zx+V1WJ2KoYvmj8TrM
zvnnI2jVeeH/9lZ3St774XYFxFmJW3jiOlSdTWWSZ5qF9roRD9QJHgm+oJt8yBSB
BBoqdkR5beZI6DMXL8/nGSuraJS4bHHV95W1h2qZfHtEYUAsrxHYacf/oC1bmWvE
q7e9x6FGII43Dk/IfpEz
=twEQ
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostaci jezgre operacijskog sustava

Otkriveni su sigurnosni nedostaci jezgre operacijskog sustava Ubuntu. Otkriveni nedostaci potencijalnim napadačima omogućuju izazivanje DoS stanja, izvršavanje proizvoljnog programskog koda,...

Close