Univention Bugzilla – Bug 46153
poppler: Multiple issues (4.2)
Last modified: 2018-05-08 14:56:54 CEST
poppler (0.26.5-2+deb8u2) * CVE-2017-9406 poppler: Memory leak in the gmalloc function in gmem.cc * CVE-2017-9408 poppler: Memory leak in the Object::initArray function * CVE-2017-9775 poppler: Stack-buffer overflow in GfxState.cc * CVE-2017-9776 poppler: Integer overflow in JBIG2Stream.cc * CVE-2017-9865 poppler: Buffer over-read in the GfxImageColorMap::getGray function * CVE-2017-14517 poppler: NULL pointer dereference in the XRef::parseEntry() function * CVE-2017-14518 poppler: Floating point exception in the isImageInterpolationRequired() function * CVE-2017-14519 poppler: Memory corruption via Gfx.cc infinite loop * CVE-2017-14520 poppler: Floating point exception in Splash::scaleImageYuXd() function in Splash.cc * CVE-2017-14617 poppler: Floating point exception in the ImageStream class * CVE-2017-14975 poppler: NULL pointer dereference in the FoFiType1C::convertToType0 function * CVE-2017-14976 poppler: Heap-based buffer over-read in the FoFiType1C::convertToType0 function * CVE-2017-14977 poppler: NULL pointer dereference in the FoFiTrueType::getCFFBlock function * CVE-2017-15565 poppler: NULL pointer dereference in the GfxImageColorMap::getGrayLine() function
Mass-import from Debian-Security: python -m univention.repong.^Cbmirror -s jessie -r 4.2-3 --override=$HOME/REPOS/repo-ng/mirror/update_ucs42_mirror_from_debian.yml --errata=doc/errata --sql --process=ALL -vvvv --now=201801211553 YAML: git:bd6159834a..449aa5a7cf
0.26.5-2+deb8u3 * Fix regression in fix for CVE-2017-14519 * CVE-2017-14929 poppler: Memory corruption via Gfx.cc infinite loop * CVE-2017-1000456 poppler: Invalid read in TextPool::addWord() causes crash and can lead to overflow in subsequent calculations * CVE-2017-1000456 * CVE-2017-14929 34fd59e804 Bug #46153: poppler
[4.2-3] 8dd8ff40c5 Bug #46153: poppler 0.26.5-2+deb8u4 Regression fix
--- mirror/ftp/4.2/unmaintained/4.2-0/source/poppler_0.26.5-2+deb8u1.dsc +++ apt/ucs_4.2-0-errata4.2-3/source/poppler_0.26.5-2+deb8u4.dsc @@ -1,3 +1,51 @@ +0.26.5-2+deb8u4 [Thu, 12 Apr 2018 11:19:50 +0200] Salvatore Bonaccorso <carnil@debian.org>: + + * Non-maintainer upload by the Security Team. + * Correct patch for CVE-2017-9776. + Fixes "[regression] Broken rendering of scan PDF from Xerox WorkCentre + 5945". (Closes: #890826) + +0.26.5-2+deb8u3 [Tue, 22 Jan 2018 23:45:05 +0100] Moritz Muehlenhoff <jmm@debian.org>: + + * Fix regression in fix for CVE-2017-14519 + * CVE-2017-1000456 + * CVE-2017-14929 + +0.26.5-2+deb8u2 [Sat, 02 Dec 2017 07:34:06 +0100] Santiago R.R. <santiagorr@riseup.net>: + + * Fix CVE-2017-9406: a memory leak vulnerability was found in the function + gmalloc in gmem.cc, which allows attackers to cause a denial of service + via a crafted file. + * Fix CVE-2017-9408: memory leak in the function Object::initArray in + Object.cc that allows attackers to cause a DoS via a crafted file. + * Fix CVE-2017-9775: Stack buffer overflow in GfxState.cc in pdftocairo that + allows remote attackers to cause a denial of service (application crash) + via a crafted PDF document. + * Fix CVE-2017-9776: Integer overflow leading to Heap buffer overflow in + JBIG2Stream.cc in pdftocairo allows remote attackers to cause a denial of + service (application crash) or possibly have unspecified other impact via a + crafted PDF document. + * Fix CVE-2017-9865: The function GfxImageColorMap::getGray in GfxState.cc + allows remote attackers to cause a denial of service (stack-based buffer + over-read and application crash) via a crafted PDF document + * Fix CVE-2017-14517: NULL pointer dereference vulnerability in the + XRef::parseEntry() function in XRef.cc + * Fix CVE-2017-14518: Floating point exception in the + isImageInterpolationRequired() function in Splash.cc + * Fix CVE-2017-14519: A memory corruption may occur in a call to + Object::streamGetChar + * Fix CVE-2017-14520: Floating point exception in Splash::scaleImageYuXd() + * Fix CVE-2017-14617: Floating point exception in the ImageStream class in + Stream.cc + * Fix CVE-2017-14975: NULL pointer dereference vulnerability in the + FoFiType1C::convertToType0 function in FoFiType1C.cc + * Fix CVE-2017-14976: Heap-based buffer over-read vulnerability in the + FoFiType1C::convertToType0 function in FoFiType1C.cc + * Fix CVE-2017-14977: NULL pointer dereference vulnerability in the + FoFiTrueType::getCFFBlock function in FoFiTrueType.cc + * Fix CVE-2017-15565: NULL Pointer Dereference in the + GfxImageColorMap::getGrayLine() function in GfxState.cc + 0.26.5-2+deb8u1 [Mon, 25 Apr 2016 19:02:11 +0200] Pino Toscano <pino@debian.org>: * Backport upstream commit b3425dd3261679958cd56c0f71995c15d2124433 to fix
* No UCS specific patches * Comparison to previously shipped version ok * Binary package update Ok * Advisory adjusted: eb84797f4e | Sort CVEs
<http://errata.software-univention.de/ucs/4.2/390.html>