This bug was fixed in the package poppler - 0.10.5-1ubuntu2
---------------
poppler (0.10.5-1ubuntu2) jaunty; urgency=low
* SECURITY UPDATE: denial of service and possible code execution from
multiple integer overflows, buffer overflows, and other issues with
JBIG2 decoding. (LP: #361875)
- debian/patches/11_security_jbig2.patch: prevent integer overflow in
poppler/CairoOutputDev.cc and splash/SplashBitmap.cc, add overflow
checking, improve error handling, and fix other issues in
poppler/JBIG2Stream.*.
- CVE-2009-0146
- CVE-2009-0147
- CVE-2009-0166
- CVE-2009-0799
- CVE-2009-0800
- CVE-2009-1179
- CVE-2009-1180
- CVE-2009-1181
- CVE-2009-1182
- CVE-2009-1183
- CVE-2009-1187
- CVE-2009-1188
-- Marc Deslauriers <[email protected]> Thu, 16 Apr 2009
22:40:29 -0400
** Changed in: poppler (Ubuntu)
Status: Confirmed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-0146
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-0147
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-0166
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-0799
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-0800
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-1179
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-1180
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-1181
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-1182
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-1183
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-1187
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-1188
--
FreezeException for poppler (12 different CVE numbers)
https://bugs.launchpad.net/bugs/361875
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
