You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa poppler

Sigurnosni nedostaci programskog paketa poppler

==========================================================================
Ubuntu Security Notice USN-4042-1
June 27, 2019

poppler vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 19.04
– Ubuntu 18.10
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in poppler.

Software Description:
– poppler: PDF rendering library

Details:

It was discovered that poppler incorrectly handled certain files. If a user
or automated system were tricked into opening a crafted PDF file, an
attacker could cause a denial of service, or possibly execute arbitrary
code

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.04:
libpoppler85 0.74.0-0ubuntu1.2
poppler-utils 0.74.0-0ubuntu1.2

Ubuntu 18.10:
libpoppler79 0.68.0-0ubuntu1.7
poppler-utils 0.68.0-0ubuntu1.7

Ubuntu 18.04 LTS:
libpoppler73 0.62.0-2ubuntu2.9
poppler-utils 0.62.0-2ubuntu2.9

Ubuntu 16.04 LTS:
libpoppler58 0.41.0-0ubuntu1.14
poppler-utils 0.41.0-0ubuntu1.14

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4042-1
CVE-2017-9865, CVE-2018-18897, CVE-2018-20662, CVE-2019-10018,
CVE-2019-10019, CVE-2019-10021, CVE-2019-10023, CVE-2019-10872,
CVE-2019-10873, CVE-2019-12293, CVE-2019-9200, CVE-2019-9631,
CVE-2019-9903

Package Information:
https://launchpad.net/ubuntu/+source/poppler/0.74.0-0ubuntu1.2
https://launchpad.net/ubuntu/+source/poppler/0.68.0-0ubuntu1.7
https://launchpad.net/ubuntu/+source/poppler/0.62.0-2ubuntu2.9
https://launchpad.net/ubuntu/+source/poppler/0.41.0-0ubuntu1.14

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl0U0g8ACgkQZWnYVadE
vpOQVQ/+PYVLWatNbryq6W7zSfr8uLejtIenfYCrRIx3/nqSujBw+Fd7cKsQbLFb
3Xz3oI9qpt6PdmKtFkn+XI5DjAtmgOj6F0gUSQsrww++9SDshBfVnyuR3JY/AJxs
AjHELA+20/6ygnyeYeLFS8CLblaAYsffzzhhj4xUBGmA0iZflZmN4IM54skFjrdB
ZNDX2LtL5FzjAo76ckKo/f7/rsQLTZ0CtINactUc0hKkvD6OyWtx3HZ8QOMNUBJw
ynoJjvsYldrkrYTnmkIOoXZnlTu3Hzv0FH4OvzA38mz7pzZ80BqqKTSxzJwH0crh
uUZK5Rl2UHFWReLnOSVXxVK6P81mI3P+ZKb1jFE8DHnGwD1rxvPRCO+X+S2zdFLt
r+/GpEBnGcM+TwlD8R/Wd3RX8ZfFV0QzzgGv/PL7aDHZlggkMaRaz+XP5TUiSXqN
6/715EBvQ2xfDstjsayciuWKSFPGnRywuUpFAqtNN/BBAIF+DgRdhfmhfYd4P4aY
MqRFgo+cv+t0wNn3FROr+HLaj841NLv7nyusFohHRk7qA9ujHBppO46DUaRGIFxj
6rdZBScrDM7iTvJcvzveTFzFlCNpbSBOb/OKzXPnoXBKCDw/6hA70T5yyykh83qs
Ec6wjQx35oRNhZb5XL4QMshB7cVGIOVEqdGp+ZwWIGAM+6PO8Yc=
=1Uzl
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa PharStreamWrapper

Otkriveni su sigurnosni nedostaci u programskom paketu PharStreamWrapper za operacijski sustav Fedora. Otkriveni nedostaci potencijalnim napadačima omogućuju zaobilaženje sigurnosnih ograničenja....

Close