USN-3837-1 introduced a regression in poppler.
Software Description:
- poppler: PDF rendering library
Details:
USN-3837-1 fixed vulnerabilities in poppler. A regression was reported
regarding the previous update. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that poppler incorrectly handled certain PDF files.
An attacker could possibly use this issue to cause a denial of
service. (CVE-2018-16646)
It was discovered that poppler incorrectly handled certain PDF files.
An attacker could possibly use this issue to cause a denial of
service. This issue only affected Ubuntu 16.04 LTS.
(CVE-2018-19149)
The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10: libpoppler79 0.68.0-0ubuntu1.3 poppler-utils 0.68.0-0ubuntu1.3 Ubuntu 18.04 LTS: libpoppler73 0.62.0-2ubuntu2.5 poppler-utils 0.62.0-2ubuntu2.5 Ubuntu 16.04 LTS: libpoppler58 0.41.0-0ubuntu1.10 poppler-utils 0.41.0-0ubuntu1.10 Ubuntu 14.04 LTS: libpoppler44 0.24.5-2ubuntu4.14 poppler-utils 0.24.5-2ubuntu4.14 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-3837-2
https://ubuntu.com/security/notices/USN-3837-1
CVE-2018-16646, CVE-2018-19149
Get the latest Linux and open source security news straight to your inbox.