Описание
Security update for evince
This update for evince fixes the following issues:
- CVE-2019-1010006: Fixed a buffer overflow in backend/tiff/tiff-document.c (bsc#1141619).
Список пакетов
SUSE Linux Enterprise Module for Desktop Applications 15
evince-3.26.0+20180128.1bd86963-4.10.1
evince-devel-3.26.0+20180128.1bd86963-4.10.1
evince-lang-3.26.0+20180128.1bd86963-4.10.1
evince-plugin-djvudocument-3.26.0+20180128.1bd86963-4.10.1
evince-plugin-dvidocument-3.26.0+20180128.1bd86963-4.10.1
evince-plugin-pdfdocument-3.26.0+20180128.1bd86963-4.10.1
evince-plugin-psdocument-3.26.0+20180128.1bd86963-4.10.1
evince-plugin-tiffdocument-3.26.0+20180128.1bd86963-4.10.1
evince-plugin-xpsdocument-3.26.0+20180128.1bd86963-4.10.1
libevdocument3-4-3.26.0+20180128.1bd86963-4.10.1
libevview3-3-3.26.0+20180128.1bd86963-4.10.1
nautilus-evince-3.26.0+20180128.1bd86963-4.10.1
typelib-1_0-EvinceDocument-3_0-3.26.0+20180128.1bd86963-4.10.1
typelib-1_0-EvinceView-3_0-3.26.0+20180128.1bd86963-4.10.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
evince-3.26.0+20180128.1bd86963-4.10.1
evince-devel-3.26.0+20180128.1bd86963-4.10.1
evince-lang-3.26.0+20180128.1bd86963-4.10.1
evince-plugin-djvudocument-3.26.0+20180128.1bd86963-4.10.1
evince-plugin-dvidocument-3.26.0+20180128.1bd86963-4.10.1
evince-plugin-pdfdocument-3.26.0+20180128.1bd86963-4.10.1
evince-plugin-psdocument-3.26.0+20180128.1bd86963-4.10.1
evince-plugin-tiffdocument-3.26.0+20180128.1bd86963-4.10.1
evince-plugin-xpsdocument-3.26.0+20180128.1bd86963-4.10.1
libevdocument3-4-3.26.0+20180128.1bd86963-4.10.1
libevview3-3-3.26.0+20180128.1bd86963-4.10.1
nautilus-evince-3.26.0+20180128.1bd86963-4.10.1
typelib-1_0-EvinceDocument-3_0-3.26.0+20180128.1bd86963-4.10.1
typelib-1_0-EvinceView-3_0-3.26.0+20180128.1bd86963-4.10.1
Ссылки
- Link for SUSE-SU-2019:2052-1
- E-Mail link for SUSE-SU-2019:2052-1
- SUSE Security Ratings
- SUSE Bug 1141619
- SUSE CVE CVE-2019-1010006 page
Описание
Evince 3.26.0 is affected by buffer overflow. The impact is: DOS / Possible code execution. The component is: backend/tiff/tiff-document.c. The attack vector is: Victim must open a crafted PDF file. The issue occurs because of an incorrect integer overflow protection mechanism in tiff_document_render and tiff_document_get_thumbnail.
Затронутые продукты
SUSE Linux Enterprise Module for Desktop Applications 15 SP1:evince-3.26.0+20180128.1bd86963-4.10.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1:evince-devel-3.26.0+20180128.1bd86963-4.10.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1:evince-lang-3.26.0+20180128.1bd86963-4.10.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1:evince-plugin-djvudocument-3.26.0+20180128.1bd86963-4.10.1
Ссылки
- CVE-2019-1010006
- SUSE Bug 1141619