For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
Poppler is a Portable Document Format (PDF) rendering library, used by
applications such as Evince or Okular.
Security Fix(es):
* poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc
(CVE-2019-7310)
* poppler: heap-based buffer overflow in function ImageStream::getLine() in
Stream.cc (CVE-2019-9200)
* poppler: infinite recursion in Parser::getObj function in Parser.cc
(CVE-2018-16646)
* poppler: memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc
(CVE-2018-18897)
* poppler: reachable abort in Object.h (CVE-2018-19058)
* poppler: out-of-bounds read in EmbFile::save2 in FileSpec.cc
(CVE-2018-19059)
* poppler: pdfdetach utility does not validate save paths (CVE-2018-19060)
* poppler: NULL pointer dereference in _poppler_attachment_new
(CVE-2018-19149)
* poppler: NULL pointer dereference in the XRef::getEntry in XRef.cc
(CVE-2018-20481)
* poppler: reachable Object::dictLookup assertion in FileSpec class in
FileSpec.cc (CVE-2018-20650)
* poppler: SIGABRT PDFDoc::setup class in PDFDoc.cc (CVE-2018-20662)
* poppler: heap-based buffer over-read in function
downsample_row_box_filter in CairoRescaleBox.cc (CVE-2019-9631)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.7 Release Notes linked from the References section.
References:
https://access.redhat.com/security/cve/CVE-2018-16646
https://access.redhat.com/security/cve/CVE-2018-18897
https://access.redhat.com/security/cve/CVE-2018-19058
https://access.redhat.com/security/cve/CVE-2018-19059
https://access.redhat.com/security/cve/CVE-2018-19060
https://access.redhat.com/security/cve/CVE-2018-19149
https://access.redhat.com/security/cve/CVE-2018-20481
https://access.redhat.com/security/cve/CVE-2018-20650
https://access.redhat.com/security/cve/CVE-2018-20662
https://access.redhat.com/security/cve/CVE-2019-7310
https://access.redhat.com/security/cve/CVE-2019-9200
https://access.redhat.com/security/cve/CVE-2019-9631
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index
Red Hat Enterprise Linux Client (v. 7):
Source:
evince-3.28.2-8.el7.src.rpm
okular-4.10.5-7.el7.src.rpm
poppler-0.26.5-38.el7.src.rpm
x86_64:
evince-3.28.2-8.el7.x86_64.rpm
evince-debuginfo-3.28.2-8.el7.i686.rpm
evince-debuginfo-3.28.2-8.el7.x86_64.rpm
evince-dvi-3.28.2-8.el7.x86_64.rpm
evince-libs-3.28.2-8.el7.i686.rpm
evince-libs-3.28.2-8.el7.x86_64.rpm
evince-nautilus-3.28.2-8.el7.x86_64.rpm
okular-4.10.5-7.el7.x86_64.rpm
okular-debuginfo-4.10.5-7.el7.i686.rpm
okular-debuginfo-4.10.5-7.el7.x86_64.rpm
okular-libs-4.10.5-7.el7.i686.rpm
okular-libs-4.10.5-7.el7.x86_64.rpm
okular-part-4.10.5-7.el7.x86_64.rpm
poppler-0.26.5-38.el7.i686.rpm
poppler-0.26.5-38.el7.x86_64.rpm
poppler-debuginfo-0.26.5-38.el7.i686.rpm
poppler-debuginfo-0.26.5-38.el7.x86_64.rpm
poppler-glib-0.26.5-38.el7.i686.rpm
poppler-glib-0.26.5-38.el7.x86_64.rpm
poppler-qt-0.26.5-38.el7.i686.rpm
poppler-qt-0.26.5-38.el7.x86_64.rpm
poppler-utils-0.26.5-38.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64:
evince-browser-plugin-3.28.2-8.el7.x86_64.rpm
evince-debuginfo-3.28.2-8.el7.i686.rpm
evince-debuginfo-3.28.2-8.el7.x86_64.rpm
evince-devel-3.28.2-8.el7.i686.rpm
evince-devel-3.28.2-8.el7.x86_64.rpm
okular-debuginfo-4.10.5-7.el7.i686.rpm
okular-debuginfo-4.10.5-7.el7.x86_64.rpm
An update for poppler, evince, and okular is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
1378075 - Evince is not showing comments in document
1378961 - Error displaying PDF in Evince
1458037 - [RFE] okular should also display the FontName (after font path)
1541358 - [RFE] Evince does not read PDF file PrintScaling scaling tags
1626618 - CVE-2018-16646 poppler: infinite recursion in Parser::getObj function in Parser.cc
1639595 - [RFE] provide fontname for used fonts
1646546 - CVE-2018-18897 poppler: memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc
1649435 - CVE-2018-19058 poppler: reachable abort in Object.h
1649440 - CVE-2018-19059 poppler: out-of-bounds read in EmbFile::save2 in FileSpec.cc
1649450 - CVE-2018-19060 poppler: pdfdetach utility does not validate save paths
1649457 - CVE-2018-19149 poppler: NULL pointer dereference in _poppler_attachment_new
1658304 - Export PrintScaling preference
1665263 - CVE-2018-20650 poppler: reachable Object::dictLookup assertion in FileSpec class in FileSpec.cc
1665266 - CVE-2018-20481 poppler: NULL pointer dereference in the XRef::getEntry in XRef.cc
1665273 - CVE-2018-20662 poppler: SIGABRT PDFDoc::setup class in PDFDoc.cc
1672419 - CVE-2019-7310 poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc
1683632 - CVE-2019-9200 poppler: heap-based buffer overflow in function ImageStream::getLine() in Stream.cc