Описание
Security update for poppler
This update for poppler fixes the following issues:
- CVE-2022-38784: Fixed integer overflow in the JBIG2 decoder (bsc#1202692).
Bugfixes:
- Fixed issue where some PDF generators generate PDF with some wrong numbers in entry table, but the content is still valid (bsc#1181551).
Список пакетов
SUSE Enterprise Storage 7
libpoppler-cpp0-0.79.0-150200.3.8.1
libpoppler-devel-0.79.0-150200.3.8.1
libpoppler-glib-devel-0.79.0-150200.3.8.1
libpoppler-glib8-0.79.0-150200.3.8.1
libpoppler89-0.79.0-150200.3.8.1
poppler-tools-0.79.0-150200.3.8.1
typelib-1_0-Poppler-0_18-0.79.0-150200.3.8.1
SUSE Enterprise Storage 7.1
libpoppler-cpp0-0.79.0-150200.3.8.1
libpoppler-devel-0.79.0-150200.3.8.1
libpoppler-glib-devel-0.79.0-150200.3.8.1
libpoppler-glib8-0.79.0-150200.3.8.1
libpoppler89-0.79.0-150200.3.8.1
poppler-tools-0.79.0-150200.3.8.1
typelib-1_0-Poppler-0_18-0.79.0-150200.3.8.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
libpoppler-cpp0-0.79.0-150200.3.8.1
libpoppler-devel-0.79.0-150200.3.8.1
libpoppler-glib-devel-0.79.0-150200.3.8.1
libpoppler-glib8-0.79.0-150200.3.8.1
libpoppler89-0.79.0-150200.3.8.1
poppler-tools-0.79.0-150200.3.8.1
typelib-1_0-Poppler-0_18-0.79.0-150200.3.8.1
SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
libpoppler-cpp0-0.79.0-150200.3.8.1
libpoppler-devel-0.79.0-150200.3.8.1
libpoppler-glib-devel-0.79.0-150200.3.8.1
libpoppler-glib8-0.79.0-150200.3.8.1
libpoppler89-0.79.0-150200.3.8.1
poppler-tools-0.79.0-150200.3.8.1
typelib-1_0-Poppler-0_18-0.79.0-150200.3.8.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
libpoppler-cpp0-0.79.0-150200.3.8.1
libpoppler-devel-0.79.0-150200.3.8.1
libpoppler-glib-devel-0.79.0-150200.3.8.1
libpoppler-glib8-0.79.0-150200.3.8.1
libpoppler89-0.79.0-150200.3.8.1
poppler-tools-0.79.0-150200.3.8.1
typelib-1_0-Poppler-0_18-0.79.0-150200.3.8.1
SUSE Linux Enterprise Module for Basesystem 15 SP4
libpoppler89-0.79.0-150200.3.8.1
SUSE Linux Enterprise Real Time 15 SP3
libpoppler-cpp0-0.79.0-150200.3.8.1
libpoppler-devel-0.79.0-150200.3.8.1
libpoppler-glib-devel-0.79.0-150200.3.8.1
libpoppler-glib8-0.79.0-150200.3.8.1
libpoppler89-0.79.0-150200.3.8.1
poppler-tools-0.79.0-150200.3.8.1
typelib-1_0-Poppler-0_18-0.79.0-150200.3.8.1
SUSE Linux Enterprise Server 15 SP2-LTSS
libpoppler-cpp0-0.79.0-150200.3.8.1
libpoppler-devel-0.79.0-150200.3.8.1
libpoppler-glib-devel-0.79.0-150200.3.8.1
libpoppler-glib8-0.79.0-150200.3.8.1
libpoppler89-0.79.0-150200.3.8.1
poppler-tools-0.79.0-150200.3.8.1
typelib-1_0-Poppler-0_18-0.79.0-150200.3.8.1
SUSE Linux Enterprise Server 15 SP3-LTSS
libpoppler-cpp0-0.79.0-150200.3.8.1
libpoppler-devel-0.79.0-150200.3.8.1
libpoppler-glib-devel-0.79.0-150200.3.8.1
libpoppler-glib8-0.79.0-150200.3.8.1
libpoppler89-0.79.0-150200.3.8.1
poppler-tools-0.79.0-150200.3.8.1
typelib-1_0-Poppler-0_18-0.79.0-150200.3.8.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
libpoppler-cpp0-0.79.0-150200.3.8.1
libpoppler-devel-0.79.0-150200.3.8.1
libpoppler-glib-devel-0.79.0-150200.3.8.1
libpoppler-glib8-0.79.0-150200.3.8.1
libpoppler89-0.79.0-150200.3.8.1
poppler-tools-0.79.0-150200.3.8.1
typelib-1_0-Poppler-0_18-0.79.0-150200.3.8.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
libpoppler-cpp0-0.79.0-150200.3.8.1
libpoppler-devel-0.79.0-150200.3.8.1
libpoppler-glib-devel-0.79.0-150200.3.8.1
libpoppler-glib8-0.79.0-150200.3.8.1
libpoppler89-0.79.0-150200.3.8.1
poppler-tools-0.79.0-150200.3.8.1
typelib-1_0-Poppler-0_18-0.79.0-150200.3.8.1
SUSE Manager Proxy 4.2
libpoppler-cpp0-0.79.0-150200.3.8.1
libpoppler-devel-0.79.0-150200.3.8.1
libpoppler-glib-devel-0.79.0-150200.3.8.1
libpoppler-glib8-0.79.0-150200.3.8.1
libpoppler89-0.79.0-150200.3.8.1
poppler-tools-0.79.0-150200.3.8.1
typelib-1_0-Poppler-0_18-0.79.0-150200.3.8.1
SUSE Manager Server 4.2
libpoppler-cpp0-0.79.0-150200.3.8.1
libpoppler-devel-0.79.0-150200.3.8.1
libpoppler-glib-devel-0.79.0-150200.3.8.1
libpoppler-glib8-0.79.0-150200.3.8.1
libpoppler89-0.79.0-150200.3.8.1
poppler-tools-0.79.0-150200.3.8.1
typelib-1_0-Poppler-0_18-0.79.0-150200.3.8.1
openSUSE Leap 15.4
libpoppler89-0.79.0-150200.3.8.1
libpoppler89-32bit-0.79.0-150200.3.8.1
Ссылки
- Link for SUSE-SU-2023:0677-1
- E-Mail link for SUSE-SU-2023:0677-1
- SUSE Security Ratings
- SUSE Bug 1181551
- SUSE Bug 1202692
- SUSE CVE CVE-2022-38784 page
Описание
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf.
Затронутые продукты
SUSE Enterprise Storage 7.1:libpoppler-cpp0-0.79.0-150200.3.8.1
SUSE Enterprise Storage 7.1:libpoppler-devel-0.79.0-150200.3.8.1
SUSE Enterprise Storage 7.1:libpoppler-glib-devel-0.79.0-150200.3.8.1
SUSE Enterprise Storage 7.1:libpoppler-glib8-0.79.0-150200.3.8.1
Ссылки
- CVE-2022-38784
- SUSE Bug 1202692
- SUSE Bug 1203392
- SUSE Bug 1225040