You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa poppler

Sigurnosni nedostaci programskog paketa poppler

by - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-3886-1
February 11, 2019

poppler vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 18.10
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS
– Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in poppler.

Software Description:
– poppler: PDF rendering library

Details:

It was discovered that poppler incorrectly handled certain PDF files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2018-20551, CVE-2019-7310)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.10:
  libpoppler79                    0.68.0-0ubuntu1.5
  poppler-utils                   0.68.0-0ubuntu1.5

Ubuntu 18.04 LTS:
  libpoppler73                    0.62.0-2ubuntu2.7
  poppler-utils                   0.62.0-2ubuntu2.7

Ubuntu 16.04 LTS:
  libpoppler58                    0.41.0-0ubuntu1.12
  poppler-utils                   0.41.0-0ubuntu1.12

Ubuntu 14.04 LTS:
  libpoppler44                    0.24.5-2ubuntu4.16
  poppler-utils                   0.24.5-2ubuntu4.16

In general, a standard system update will make all the necessary
changes.

References:
  https://usn.ubuntu.com/usn/usn-3886-1
  CVE-2018-20551, CVE-2019-7310

Package Information:
  https://launchpad.net/ubuntu/+source/poppler/0.68.0-0ubuntu1.5
  https://launchpad.net/ubuntu/+source/poppler/0.62.0-2ubuntu2.7
  https://launchpad.net/ubuntu/+source/poppler/0.41.0-0ubuntu1.12
  https://launchpad.net/ubuntu/+source/poppler/0.24.5-2ubuntu4.16—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAABCAAGBQJcYXOlAAoJEEW851uECx9p9ucP/0AEh4XW+n3pH4nuEIvnO6g7
Is73E50+O8255IC/yXeBDeead0YCbprVrmZlNJt09sBwZ20MHdn3NpOv8dFWNOsg
mMHaGjhEIfoS2WYJ2qajfSyCEjs+hWI63eO3tEI/P30vjLk64VrkeLWKlVACSDxf
IH59RFvzKk8x6WSmmoX17dO/xvT0q5Ux/JcG4T+6mhdSvyojBHu7GYrA7ksX8+TW
zB9GuluoD4VBj3FFKccqUTupA73x3i04C8UfP+kx1oN6elzEdbn1khFYCHeoeA15
JzlI4w9cUWM2SmeFpPQb+LAMqgfQubswGkggCINyCFcvUKovm+ARpAVsekJYtKDr
StSNn3d5OwpfioXYfhX+nVlMR8kQpeXtrDD6Inj9QbnE8eLpXsjQ0gNIr2A37ByQ
NlT4HbMxJKgKhlp4/xlL7IM1eBo+fXQherx/sNiLvxnUWpH1rup79A48xs64eSE0
wzZY6+vIpc2QlC3FYKaEg1ZdQvaxmG9RRAY4G+7sjjGLC2ABDEHQx1gFgy7gmLrt
KnQcrcq4XSb+tZS8bC6u1fJuXB3BT0nvvaAQZ6XybathGCIkNKPSo4uTz7F2t4nc
tm76y/OOLKlHSvhG7NezA8NykJsGL91aKouDB89IdgcC7KpGlOfXUWLDGjsw1e9I
N9tEjUkz55+p9RL7isPV
=6kp2
—–END PGP SIGNATURE—–

AutorJosip Papratovic
Cert idNCERT-REF-2019-02-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostatak programskog paketa BuildBot

Otkriven je sigurnosni nedostatak u programskom paketu BuildBot za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje otkrivanje osjetljivih informacija...

Close