Описание
ELSA-2010-0859: poppler security update (IMPORTANT)
[0.12.4-3.el6.1]
- Add poppler-0.12.4-CVE-2010-3702.patch (Properly initialize parser)
- Add poppler-0.12.4-CVE-2010-3703.patch (Properly initialize stack)
- Add poppler-0.12.4-CVE-2010-3704.patch (Fix crash in broken pdf (code < 0))
- Resolves: #639859
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
poppler
0.12.4-3.el6_0.1
poppler-devel
0.12.4-3.el6_0.1
poppler-glib
0.12.4-3.el6_0.1
poppler-glib-devel
0.12.4-3.el6_0.1
poppler-qt
0.12.4-3.el6_0.1
poppler-qt-devel
0.12.4-3.el6_0.1
poppler-qt4
0.12.4-3.el6_0.1
poppler-qt4-devel
0.12.4-3.el6_0.1
poppler-utils
0.12.4-3.el6_0.1
Oracle Linux i686
poppler
0.12.4-3.el6_0.1
poppler-devel
0.12.4-3.el6_0.1
poppler-glib
0.12.4-3.el6_0.1
poppler-glib-devel
0.12.4-3.el6_0.1
poppler-qt
0.12.4-3.el6_0.1
poppler-qt-devel
0.12.4-3.el6_0.1
poppler-qt4
0.12.4-3.el6_0.1
poppler-qt4-devel
0.12.4-3.el6_0.1
poppler-utils
0.12.4-3.el6_0.1
Связанные CVE
Связанные уязвимости
The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler 0.8.7 and possibly other versions up to 0.15.1, and possibly other products, allows context-dependent attackers to cause a denial of service (crash) via a PDF file that triggers an uninitialized pointer dereference.
The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler 0.8.7 and possibly other versions up to 0.15.1, and possibly other products, allows context-dependent attackers to cause a denial of service (crash) via a PDF file that triggers an uninitialized pointer dereference.
The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler 0.8.7 and possibly other versions up to 0.15.1, and possibly other products, allows context-dependent attackers to cause a denial of service (crash) via a PDF file that triggers an uninitialized pointer dereference.
The PostScriptFunction::PostScriptFunction function in poppler/Functio ...