Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:21445
HistoryMar 09, 2009 - 12:00 a.m.

[ MDVSA-2009:068-1 ] poppler

2009-03-0900:00:00
vulners.com
8
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mandriva Linux Security Advisory MDVSA-2009:068-1
http://www.mandriva.com/security/

Package : poppler
Date : March 7, 2009
Affected: 2008.0, 2008.1, 2009.0, Corporate 4.0

Problem Description:

A crafted PDF file that triggers a parsing error allows remote
attackers to cause definal of service. This bug is consequence
of a wrong processing on FormWidgetChoice::loadDefaults method
(CVE-2009-0755).

A crafted PDF file that triggers a parsing error allows remote
attackers to cause definal of service. This bug is consequence of
an invalid memory dereference on JBIG2SymbolDict::~JBIG2SymbolDict
destructor when JBIG2Stream::readSymbolDictSeg method is used
(CVE-2009-0756).

This update provides fixes for those vulnerabilities.

This update does not apply for CVE-2009-0755 under Corporate Server
4.0 libpoppler0-0.4.1-3.7.20060mlcs4.

Update:

The previous packages were not signed, this new update fixes that
issue.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0755
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0756

Updated Packages:

Mandriva Linux 2008.0:
b6be528bfc04a7128f41a034acc4c858 2008.0/i586/libpoppler2-0.6-3.4mdv2008.0.i586.rpm
5ce11cbdf503735bbb0e7396a7c75a45 2008.0/i586/libpoppler-devel-0.6-3.4mdv2008.0.i586.rpm
fe7b78621d225813e020d49310f23eb6 2008.0/i586/libpoppler-glib2-0.6-3.4mdv2008.0.i586.rpm
cbb6e652f311f9f42519862a80c786d2 2008.0/i586/libpoppler-glib-devel-0.6-3.4mdv2008.0.i586.rpm
2bedc0757e73e3da48ad92360c3570ab 2008.0/i586/libpoppler-qt2-0.6-3.4mdv2008.0.i586.rpm
957f6eda2b9e380b31bd46da75afd237 2008.0/i586/libpoppler-qt4-2-0.6-3.4mdv2008.0.i586.rpm
af48c284302539cbea49a105ee8c7481 2008.0/i586/libpoppler-qt4-devel-0.6-3.4mdv2008.0.i586.rpm
9068b9dae11e3804417ce524a75e8e33 2008.0/i586/libpoppler-qt-devel-0.6-3.4mdv2008.0.i586.rpm
8907f3fd329049680fd45319cd04d637 2008.0/i586/poppler-0.6-3.4mdv2008.0.i586.rpm
40695204843aca6f53ca52a6dfed30e8 2008.0/SRPMS/poppler-0.6-3.4mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64:
31ccc4965703b3e451c19f39ce7ede1d 2008.0/x86_64/lib64poppler2-0.6-3.4mdv2008.0.x86_64.rpm
c4d067a480b6954d5325e1539b8325dd 2008.0/x86_64/lib64poppler-devel-0.6-3.4mdv2008.0.x86_64.rpm
03748430e59d296a83c510892ce8c6f1 2008.0/x86_64/lib64poppler-glib2-0.6-3.4mdv2008.0.x86_64.rpm
ffeee581c32036d7419ac44109e04672 2008.0/x86_64/lib64poppler-glib-devel-0.6-3.4mdv2008.0.x86_64.rpm
c92a0ed4b729539170805381806820f3 2008.0/x86_64/lib64poppler-qt2-0.6-3.4mdv2008.0.x86_64.rpm
0bae60ea196f598f48cfc8f1710e4647 2008.0/x86_64/lib64poppler-qt4-2-0.6-3.4mdv2008.0.x86_64.rpm
78c077b81c87510eab6cc8bd253d6739 2008.0/x86_64/lib64poppler-qt4-devel-0.6-3.4mdv2008.0.x86_64.rpm
6c951f0c0b8b487d84b4e6ca1945b20c 2008.0/x86_64/lib64poppler-qt-devel-0.6-3.4mdv2008.0.x86_64.rpm
53aa65b1208ce95929a80820fd684d42 2008.0/x86_64/poppler-0.6-3.4mdv2008.0.x86_64.rpm
40695204843aca6f53ca52a6dfed30e8 2008.0/SRPMS/poppler-0.6-3.4mdv2008.0.src.rpm

Mandriva Linux 2008.1:
e1f411a24a7158bf9aacf15f99a06347 2008.1/i586/libpoppler2-0.6.4-2.3mdv2008.1.i586.rpm
5f6334faade2f51ad87d8ac857359814 2008.1/i586/libpoppler-devel-0.6.4-2.3mdv2008.1.i586.rpm
208c255f0b44e7960b033cfdc5bf3e09 2008.1/i586/libpoppler-glib2-0.6.4-2.3mdv2008.1.i586.rpm
0925993670c80eb659183306679b4aa9 2008.1/i586/libpoppler-glib-devel-0.6.4-2.3mdv2008.1.i586.rpm
b9f79459d8eac874b46b6df38b58a6ba 2008.1/i586/libpoppler-qt2-0.6.4-2.3mdv2008.1.i586.rpm
ede9ef27014b62f50df534e46890b59e 2008.1/i586/libpoppler-qt4-2-0.6.4-2.3mdv2008.1.i586.rpm
81f609460ede87efb3634366ba76a9d6 2008.1/i586/libpoppler-qt4-devel-0.6.4-2.3mdv2008.1.i586.rpm
e6d7ad4654495c67fb781bafd666d9db 2008.1/i586/libpoppler-qt-devel-0.6.4-2.3mdv2008.1.i586.rpm
138a2302ed96ba5949d9930bc580297d 2008.1/i586/poppler-0.6.4-2.3mdv2008.1.i586.rpm
d644c4bbe9de2bac87910a43dcb6f8fe 2008.1/SRPMS/poppler-0.6.4-2.3mdv2008.1.src.rpm

Mandriva Linux 2008.1/X86_64:
7fdf9d73576933312c32f0fe87c8c93d 2008.1/x86_64/lib64poppler2-0.6.4-2.3mdv2008.1.x86_64.rpm
b42239fba4cbbb88188de2d5238d1c56 2008.1/x86_64/lib64poppler-devel-0.6.4-2.3mdv2008.1.x86_64.rpm
fd9460be9227dae0ba5d9910359e858a 2008.1/x86_64/lib64poppler-glib2-0.6.4-2.3mdv2008.1.x86_64.rpm
59d18d31ec3c82c239e548a40d72f001 2008.1/x86_64/lib64poppler-glib-devel-0.6.4-2.3mdv2008.1.x86_64.rpm
6d487fdc80ced9ab394a8c7af8f2f9c0 2008.1/x86_64/lib64poppler-qt2-0.6.4-2.3mdv2008.1.x86_64.rpm
7cd42a0598771e1083bb92d29f6a5584 2008.1/x86_64/lib64poppler-qt4-2-0.6.4-2.3mdv2008.1.x86_64.rpm
197369abdaa84cd4be08233554cff37b 2008.1/x86_64/lib64poppler-qt4-devel-0.6.4-2.3mdv2008.1.x86_64.rpm
4185e4241b95b4fcc842b245276fa6f0 2008.1/x86_64/lib64poppler-qt-devel-0.6.4-2.3mdv2008.1.x86_64.rpm
7d67cd24cae036ca74223fb43ea23fb1 2008.1/x86_64/poppler-0.6.4-2.3mdv2008.1.x86_64.rpm
d644c4bbe9de2bac87910a43dcb6f8fe 2008.1/SRPMS/poppler-0.6.4-2.3mdv2008.1.src.rpm

Mandriva Linux 2009.0:
d4c04f004c368818d38853c92aa4bbf1 2009.0/i586/libpoppler3-0.8.7-2.2mdv2009.0.i586.rpm
4d024506356c95c4042e9c9d5bb9bb8f 2009.0/i586/libpoppler-devel-0.8.7-2.2mdv2009.0.i586.rpm
0554f19626cf4aa4bc5300022606b6f5 2009.0/i586/libpoppler-glib3-0.8.7-2.2mdv2009.0.i586.rpm
1f8cddca4e8c09f3fa5f8b3fca0352ed 2009.0/i586/libpoppler-glib-devel-0.8.7-2.2mdv2009.0.i586.rpm
5a957dd285394a3bf71ae89ba0d8a196 2009.0/i586/libpoppler-qt2-0.8.7-2.2mdv2009.0.i586.rpm
eb72d3444d8aff20d99f55ebe4ef867d 2009.0/i586/libpoppler-qt4-3-0.8.7-2.2mdv2009.0.i586.rpm
d694fe64d9ae60ffe966238eb6ede92b 2009.0/i586/libpoppler-qt4-devel-0.8.7-2.2mdv2009.0.i586.rpm
153e5320ae7bed15b22e3cba09a86fb5 2009.0/i586/libpoppler-qt-devel-0.8.7-2.2mdv2009.0.i586.rpm
4e2392ad242f0b58077f2c2e37bf6b6d 2009.0/i586/poppler-0.8.7-2.2mdv2009.0.i586.rpm
01446308427613f217258b52a2eee1fe 2009.0/SRPMS/poppler-0.8.7-2.2mdv2009.0.src.rpm

Mandriva Linux 2009.0/X86_64:
0b8f436305440047b6953576eeca371c 2009.0/x86_64/lib64poppler3-0.8.7-2.2mdv2009.0.x86_64.rpm
81b6a315ac7b3913b5afbd64284ab8e8 2009.0/x86_64/lib64poppler-devel-0.8.7-2.2mdv2009.0.x86_64.rpm
364c79826c466079f8b409bfec18f921 2009.0/x86_64/lib64poppler-glib3-0.8.7-2.2mdv2009.0.x86_64.rpm
c9b69789a5477eb556033ad650080b61 2009.0/x86_64/lib64poppler-glib-devel-0.8.7-2.2mdv2009.0.x86_64.rpm
d69621b3c07a1e0077e14c8c56d793e9 2009.0/x86_64/lib64poppler-qt2-0.8.7-2.2mdv2009.0.x86_64.rpm
45591e111559535e3aa71f57f2f24631 2009.0/x86_64/lib64poppler-qt4-3-0.8.7-2.2mdv2009.0.x86_64.rpm
e7afcd9689c0f7544f201e7450bbc6d3 2009.0/x86_64/lib64poppler-qt4-devel-0.8.7-2.2mdv2009.0.x86_64.rpm
4baed4c3f6707ea4e6e7f76b9794bd28 2009.0/x86_64/lib64poppler-qt-devel-0.8.7-2.2mdv2009.0.x86_64.rpm
907eebe34e5a72b5235b2a9a9f99e86b 2009.0/x86_64/poppler-0.8.7-2.2mdv2009.0.x86_64.rpm
01446308427613f217258b52a2eee1fe 2009.0/SRPMS/poppler-0.8.7-2.2mdv2009.0.src.rpm

Corporate 4.0:
aa8ffe916c682e781401e8013be793c2 corporate/4.0/i586/libpoppler0-0.4.1-3.9.20060mlcs4.i586.rpm
3f80ec408c7487067548f83ffc6d8024 corporate/4.0/i586/libpoppler0-devel-0.4.1-3.9.20060mlcs4.i586.rpm
8c6bd3f578818f31e536bc3682f18a39 corporate/4.0/i586/libpoppler-qt0-0.4.1-3.9.20060mlcs4.i586.rpm
71916f7537d1342b9a8969aa4824f7ae corporate/4.0/i586/libpoppler-qt0-devel-0.4.1-3.9.20060mlcs4.i586.rpm
c6e6d2856b80c65b00016acd63025604 corporate/4.0/SRPMS/poppler-0.4.1-3.9.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
369a6877b5f8ac44d69a4361c5f1a31f corporate/4.0/x86_64/lib64poppler0-0.4.1-3.9.20060mlcs4.x86_64.rpm
335083606b2aaeef8653f9357e813ddd corporate/4.0/x86_64/lib64poppler0-devel-0.4.1-3.9.20060mlcs4.x86_64.rpm
1c04f33928139496cb9ba6ad5b3242c6 corporate/4.0/x86_64/lib64poppler-qt0-0.4.1-3.9.20060mlcs4.x86_64.rpm
344863bfaba9016f196c0966c831982d corporate/4.0/x86_64/lib64poppler-qt0-devel-0.4.1-3.9.20060mlcs4.x86_64.rpm
c6e6d2856b80c65b00016acd63025604 corporate/4.0/SRPMS/poppler-0.4.1-3.9.20060mlcs4.src.rpm

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFJsbd9mqjQ0CJFipgRAj+3AKDj2eclaScZokAtq97hfOQmTNiTPACgxY95
g9g7nwns0H0MBsqVm7PNI60=
=MUZQ
-----END PGP SIGNATURE-----

Related

openvas 13
nessus 8
cve 2
debiancve 2
prion 2
ubuntucve 2
securityvulns 2
ubuntu 1
debian 1
openvas
openvas
Mandrake Security Advisory MDVSA-2009:068 (poppler)
2009-03-07 00:00:00
Mandrake Security Advisory MDVSA-2009:068-1 (poppler)
2009-03-13 00:00:00
Mandrake Security Advisory MDVSA-2009:068-1 (poppler)
2009-03-13 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : poppler (MDVSA-2009:068-1)
2009-04-23 00:00:00
Debian DSA-1941-1 : poppler - several vulnerabilities
2010-02-24 00:00:00
SuSE 10 Security Update : poppler (ZYPP Patch Number 6315)
2009-09-24 00:00:00
cve
cve
CVE-2009-0756
2009-03-03 16:30:00
CVE-2009-0755
2009-03-03 16:30:00
debiancve
debiancve
CVE-2009-0756
2009-03-03 16:30:00
CVE-2009-0755
2009-03-03 16:30:00
prion
prion
Memory corruption
2009-03-03 16:30:00
Code injection
2009-03-03 16:30:00
ubuntucve
ubuntucve
CVE-2009-0756
2009-03-03 00:00:00
CVE-2009-0755
2009-03-03 00:00:00
securityvulns
securityvulns
poppler library multiple security vulnerabilities
2009-04-18 00:00:00
[USN-850-1] poppler vulnerabilities
2009-10-22 00:00:00
ubuntu
ubuntu
poppler vulnerabilities
2009-10-21 00:00:00
debian
debian
[SECURITY] [DSA 1941-1] New poppler packages fix several vulnerabilities
2009-11-25 22:37:47
JSON
Related for SECURITYVULNS:DOC:21445
openvas13nessus8cve2debiancve2prion2ubuntucve2securityvulns2ubuntu1debian1