SciLinux: SL5.x poppler Critical Security Update for PDF Issues

Nov 13, 2007 •

LinuxSecurity Advisories

1 - 2 min read

Scientific Large Esm H500

Topics Covered

security advisory critical application crash pdf issue poppler sl5

Important: poppler security update

Date:         Tue, 13 Nov 2007 17:00:23 -0600
Reply-To:     Troy Dawson 
Sender:       Security Errata for Scientific Linux

From:         Troy Dawson 
Subject:      Security ERRATA for poppler on SL5.x i386/x86_64
Comments: To: This email address is being protected from spambots. You need JavaScript enabled to view it.

Synopsis:	Important: poppler security update
Issue date:	2007-11-07
CVE Names:	CVE-2007-4352 CVE-2007-5392 CVE-2007-5393

Alin Rad Pop discovered several flaws in the handling of PDF files. An
attacker could create a malicious PDF file that would cause an 
application linked with poppler to crash, or potentially execute 
arbitrary code when opened. (CVE-2007-4352, CVE-2007-5392, CVE-2007-5393)

SL 5.x

   SRPMS:
poppler-0.5.4-4.3.el5_1.src.rpm
   i386:
poppler-0.5.4-4.3.el5.i386.rpm
poppler-devel-0.5.4-4.3.el5.i386.rpm
poppler-utils-0.5.4-4.3.el5.i386.rpm
   x86_64:
poppler-0.5.4-4.3.el5.i386.rpm
poppler-0.5.4-4.3.el5.x86_64.rpm
poppler-devel-0.5.4-4.3.el5.i386.rpm
poppler-devel-0.5.4-4.3.el5.x86_64.rpm
poppler-utils-0.5.4-4.3.el5.x86_64.rpm

-Connie Sieh
-Troy Dawson

Powered By

Linux Security Footer

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Your message here