Explore top 10 tips to secure your open-source projects now. Read More
×
Date: Fri, 18 Apr 2008 15:47:19 -0500 Reply-To: Troy DawsonSender: Security Errata for Scientific Linux From: Troy Dawson Subject: Security ERRATA for poppler on SL5.x i386/x86_64 Comments: To: " This email address is being protected from spambots. You need JavaScript enabled to view it. "Synopsis: Important: poppler security update Issue date: 2008-04-17 CVE Names: CVE-2008-1693 Kees Cook discovered a flaw in the way poppler displayed malformed fonts embedded in PDF files. An attacker could create a malicious PDF file that would cause applications that use poppler -- such as Evince -- to crash, or, potentially, execute arbitrary code when opened. (CVE-2008-1693) SL 5.x SRPMS: poppler-0.5.4-4.4.el5_1.src.rpm i386: poppler-0.5.4-4.4.el5_1.i386.rpm poppler-devel-0.5.4-4.4.el5_1.i386.rpm poppler-utils-0.5.4-4.4.el5_1.i386.rpm x86_64: poppler-0.5.4-4.4.el5_1.i386.rpm poppler-0.5.4-4.4.el5_1.x86_64.rpm poppler-devel-0.5.4-4.4.el5_1.i386.rpm poppler-devel-0.5.4-4.4.el5_1.x86_64.rpm poppler-utils-0.5.4-4.4.el5_1.x86_64.rpm -Connie Sieh -Troy Dawson