========================================================================== Ubuntu Security Notice USN-7213-1 January 16, 2025
poppler vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: poppler could be made to crash or expose sensitive information if it opened a specially crafted file. Software Description: - poppler: PDF rendering library Details: It was discovered that poppler incorrectly handled memory when opening certain PDF files. An attacker could possibly use this issue to cause denial of service or obtain sensitive information. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.10 libpoppler140 24.08.0-1ubuntu0.1 poppler-utils 24.08.0-1ubuntu0.1 Ubuntu 24.04 LTS libpoppler134 24.02.0-1ubuntu9.2 poppler-utils 24.02.0-1ubuntu9.2 Ubuntu 22.04 LTS libpoppler118 22.02.0-2ubuntu0.6 poppler-utils 22.02.0-2ubuntu0.6 Ubuntu 20.04 LTS libpoppler97 0.86.1-0ubuntu1.5 poppler-utils 0.86.1-0ubuntu1.5 Ubuntu 18.04 LTS libpoppler73 0.62.0-2ubuntu2.14+esm4 Available with Ubuntu Pro poppler-utils 0.62.0-2ubuntu2.14+esm4 Available with Ubuntu Pro Ubuntu 16.04 LTS libpoppler58 0.41.0-0ubuntu1.16+esm5 Available with Ubuntu Pro poppler-utils 0.41.0-0ubuntu1.16+esm5 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7213-1 CVE-2024-56378 Package Information: https://launchpad.net/ubuntu/+source/poppler/24.08.0-1ubuntu0.1 https://launchpad.net/ubuntu/+source/poppler/24.02.0-1ubuntu9.2 https://launchpad.net/ubuntu/+source/poppler/22.02.0-2ubuntu0.6 https://launchpad.net/ubuntu/+source/poppler/0.86.1-0ubuntu1.5
OpenPGP_signature.asc
Description: OpenPGP digital signature
