Package: poppler Severity: grave Tags: security Justification: user security hole
Please apply the following patches referenced in the following link for Squeeze, Lenny will be dealt with by the Security Team: http://secunia.com/advisories/41596/ Most of them are crashers (analysis was done by Tomas Hoger of Red Hat), which are not treated as security issues, but the following have had CVE IDs assigned: > e853106b58 is uninitialized pointer use flaw. Pointer value may be > controlled by PDF content, hence if pointed to attacker-controlled > memory, code execution may be possible via virtual method call. This > should date back to very old xpdf versions. http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf Use CVE-2010-3702 > bf2055088a seems similar to the above one. Pointer is to the class that > has not virtual methods, but may be used to corrupt memory. This should > only affect poppler versions after b1d4efb082. http://cgit.freedesktop.org/poppler/poppler/commit/?id=bf2055088a3a2d3bb3d3c37d464954ec1a25771f Use CVE-2010-3703 > 39d140bfc0 array indexing error / underflow. On platforms where atoi can > return negative result, this can allow out-of-array-bounds write. Code > appears in old xpdf versions too. http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473 Use CVE-2010-3704 Cheers, Moritz -- System Information: Architecture: amd64 (x86_64) Shell: /bin/sh linked to /bin/bash Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]

